Maharashtra State Electricity Distribution Company Limited Mahavitran IOS Application 16.1 application till version 16.1 communicates using the GET method to process requests that contain sensitive information such as user account name and password, which can expose that information through the browser's history, referrers, web logs, and other sources.
History

Fri, 21 Mar 2025 17:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-598
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 04 Mar 2025 21:00:00 +0000

Type Values Removed Values Added
Description Maharashtra State Electricity Distribution Company Limited Mahavitran IOS Application 16.1 application till version 16.1 communicates using the GET method to process requests that contain sensitive information such as user account name and password, which can expose that information through the browser's history, referrers, web logs, and other sources.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2025-03-04T00:00:00.000Z

Updated: 2025-03-21T16:53:59.477Z

Reserved: 2021-09-27T00:00:00.000Z

Link: CVE-2021-41719

cve-icon Vulnrichment

Updated: 2025-03-21T16:53:17.326Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-03-04T21:15:11.237

Modified: 2025-03-21T17:15:35.857

Link: CVE-2021-41719

cve-icon Redhat

No data.