The affected product is vulnerable to cookie information being transmitted as cleartext over HTTP. An attacker can capture network traffic, obtain the user’s cookie and take over the account.
References
Link | Resource |
---|---|
https://us-cert.cisa.gov/ics/advisories/icsa-21-308-02 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2021-11-05T15:39:16
Updated: 2021-11-05T15:39:16
Reserved: 2021-10-18T00:00:00
Link: CVE-2021-42699
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-11-05T16:15:07.883
Modified: 2021-11-09T14:35:52.460
Link: CVE-2021-42699
JSON object: View
Redhat Information
No data.
CWE