CVE-2021-27461

Summary

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected webserver applications allow access to stored data that can be obtained by using specially crafted URLs.

Affected Software

VendorProductVersion RangeStatus
n/aEmerson Rosemount X-STREAM Gas AnalyzerX-STREAM enhanced XEGP – all revisions, X-STREAM enhanced XEGK – all revisions, X-STREAM enhanced XEFD – all revisions, X-affected

Weaknesses

  • CWE-22: IMPROPER LIMITATION OF A PATHNAME TO A RESTRICTED DIRECTORY ('PATH TRAVERSAL') CWE-22

ADP Enrichment

CVE Program Container

Additional References

References