CVE-2014-5400

Опубликовано: 03 апр. 2015

Источник: nvd

CVSS2: 6.8

CVSS2: 2.1

EPSS Низкий

Описание

The installation component in Hospira MedNet before 6.1 places cleartext credentials in configuration files, which allows local users to obtain sensitive information by reading a file.

Ссылки

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2015/icsa-15-090-03.json
https://www.cisa.gov/news-events/ics-advisories/icsa-15-090-03
https://ics-cert.us-cert.gov/advisories/ICSA-15-090-03
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hospira:mednet:*:*:*:*:*:*:*:*

Версия до 5.8 (включая)

EPSS

Процентиль: 18%

0.00058

Низкий

6.8 Medium

CVSS2

2.1 Low

CVSS2

Дефекты

CWE-260

CWE-200

Связанные уязвимости

GHSA-cxhq-365x-27h7

github

больше 3 лет назад

The installation component in Hospira MedNet before 6.1 places cleartext credentials in configuration files, which allows local users to obtain sensitive information by reading a file.

EPSS

Процентиль: 18%

0.00058

Низкий

6.8 Medium

CVSS2

2.1 Low

CVSS2

Дефекты

CWE-260

CWE-200