Sensitive Information Exposure in Mahavitran iOS Application by Maharashtra State Electricity Distribution Company Limited
CVE-2021-41719

7.5 HIGH

What is CVE-2021-41719?

The Mahavitran iOS application version 16.1 exposes sensitive user information, such as account names and passwords, by sending it through the HTTP GET method. Data sent this way can be unintentionally disclosed via browser history, referrer headers, and web logs, leaving it open to potential exploitation. Users should be aware of these risks and update their application to safeguard their sensitive information.

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
