CyberSec.Space Logo
Back to CVE Browser

CVE-2021-29397

HIGH
7.5
CVSS Severity Score
EPSS Score0.0830%
EPSS Percentile3.83th
PublishedFeb 4, 2022
Last ModifiedNov 21, 2024

Vulnerability Description

Cleartext Transmission of Sensitive Information in /northstar/Admin/login.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote local user to intercept users credentials transmitted in cleartext over HTTP.

Affected Platforms (CPE)

πŸ“¦
Globalnorthstar

Northstar Club Management

= 6.3

References & Advisories

πŸ”— https://Ardent-Security.com
πŸ”— https://ardent-security.com/en/advisory/asa-2021-05/
πŸ”— https://Ardent-Security.com
πŸ”— https://ardent-security.com/en/advisory/asa-2021-05/

Related Vulnerabilities

CVE-2021-293939.8

Remote Code Execution in cominput.jsp and comoutput.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote ...

CVE-2021-293969.8

Systemic Insecure Permissions in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to u...

CVE-2021-293957.5

Directory travesal in /northstar/filemanager/download.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remot...

CVE-2021-293946.5

Account Hijacking in /northstar/Admin/changePassword.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote...