CVE-2021-45025
HIGHASG-Zena Cross Platform Server Enterprise Edition 4.2.1 - Cleartext Storage of Sensitive Information in Cookie
Title source: llmDescription
ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to Cleartext Storage of Sensitive Information in a Cookie.
References (3)
Core 3
Core References
Broken Link, URL Repurposed x_refsource_misc
http://asg-zena.com
Product x_refsource_misc
http://asg.com
Release Notes, Vendor Advisory x_refsource_misc
https://docs.rocketsoftware.com/bundle/ven1649700711249/page/ayk1652945111726.html
Scores
CVSS v3
7.5
EPSS
0.0067
EPSS Percentile
47.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-312
Status
published
Products (1)
rocketsoftware/ags-zena
4.2.1
Published
Jun 17, 2022
Tracked Since
Feb 18, 2026