Cleartext Storage of Sensitive Information in a Cookie
CVE-2021-34564
Summary
Any cookie-stealing vulnerabilities within the application or browser would enable an attacker to steal the user's credentials to the PEPPERL+FUCHS WirelessHART-Gateway 3.0.9.
- LOW
- LOCAL
- NONE
- UNCHANGED
- REQUIRED
- NONE
- HIGH
- NONE
CWE-315 - Cleartext Storage of Sensitive Information in a Cookie
The application stores sensitive information in cleartext in a cookie.
References
Advisory Timeline
- Published