CVE-2021-41719 — HIGH (7.5)

Vulnerability Description

Maharashtra State Electricity Distribution Company Limited Mahavitran IOS Application 16.1 application till version 16.1 communicates using the GET method to process requests that contain sensitive information such as user account name and password, which can expose that information through the browser's history, referrers, web logs, and other sources.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Related Weaknesses (CWE)

CWE-598

References

https://cvewalkthrough.com/cve-2021-41719-mseb-ios-application-sensitive-informa

FAQ

What is CVE-2021-41719?

CVE-2021-41719 is a vulnerability with a CVSS score of 7.5 (HIGH). Maharashtra State Electricity Distribution Company Limited Mahavitran IOS Application 16.1 application till version 16.1 communicates using the GET method to process requests that contain sensitive in...

How severe is CVE-2021-41719?

CVE-2021-41719 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-41719?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.