exploitDog

CVE-2014-5420

Опубликовано: 19 окт. 2014

Источник: nvd

CVSS2: 3.5

EPSS Низкий

Описание

CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0.16 has a hardcoded application password, which makes it easier for remote authenticated users to obtain application-file access via unspecified vectors.

Ссылки

https://ics-cert.us-cert.gov/advisories/ICSA-14-288-01
US Government Resource
https://ics-cert.us-cert.gov/advisories/ICSA-14-288-01
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:h:carefusion:pyxis_supplystation:8.1:*:*:*:*:*:*:*

EPSS

Процентиль: 44%

0.00211

Низкий

3.5 Low

CVSS2

Дефекты

CWE-255

Связанные уязвимости

GHSA-c3ch-5j34-5m4f

github

больше 3 лет назад

CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0.16 has a hardcoded application password, which makes it easier for remote authenticated users to obtain application-file access via unspecified vectors.

EPSS

Процентиль: 44%

0.00211

Низкий

3.5 Low

CVSS2

Дефекты

CWE-255