CVE-2021-35527Sensitive Information Exposure in Esoms

CWE-200Sensitive Information ExposureCWE-522Insufficiently Protected Credentials4 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.3%
top 48.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Hitachienergy EsomsHitachi ABB Power Grids Esoms
Timeline
PublishedJul 14
Latest updateSep 15

Description

Password autocomplete vulnerability in the web application password field of Hitachi ABB Power Grids eSOMS allows attacker to gain access to user credentials that are stored by the browser. This issue affects: Hitachi ABB Power Grids eSOMS version 6.3 and prior versions.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5hitachi_abb_power_grids/esomsunspecified6.3
NVDhitachienergy/esoms< 6.3.1

🔴Vulnerability Details

3
OSV
sqlite3 vulnerabilities2022-09-15
GHSA
GHSA-r627-fmvr-78q5: Password autocomplete vulnerability in the web application password field of Hitachi ABB Power Grids eSOMS allows attacker to gain access to user cred2022-05-24
CVEList
Password Autocomplete Vulnerability in Hitachi ABB Power Grids eSOMS Application2021-07-14
CVE-2021-35527 — Sensitive Information Exposure | cvebase