Description
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer. The affected product’s web interface allows an attacker to route click or keystroke to another page provided by the attacker to gain unauthorized access to sensitive information.
Scores
CVSS v3
6.1
EPSS
0.0017
EPSS Percentile
37.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-1021
Status
published
Products (4)
emerson/x-stream_enhanced_xefd_firmware
emerson/x-stream_enhanced_xegk_firmware
emerson/x-stream_enhanced_xegp_firmware
emerson/x-stream_enhanced_xexf_firmware
Published
May 20, 2021
Tracked Since
Feb 18, 2026