CVE-2021-42699
MEDIUMDAQFactory - Cleartext Transmission of Sensitive Information via HTTP Cookie
Title source: llmDescription
The affected product is vulnerable to cookie information being transmitted as cleartext over HTTP. An attacker can capture network traffic, obtain the user’s cookie and take over the account.
References (1)
Core 1
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://us-cert.cisa.gov/ics/advisories/icsa-21-308-02
Scores
CVSS v3
5.7
EPSS
0.0048
EPSS Percentile
37.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Details
CWE
CWE-319
Status
published
Products (2)
azeotech/daqfactory
18.1 build_2347
azeotech/daqfactory
< 18.1
Published
Nov 05, 2021
Tracked Since
Feb 18, 2026