Описание
BD Alaris Gateway versions, 1.0.13,1.1.3 Build 10,1.1.3 MR Build 11,1.1.5, and 1.1.6, The web browser user interface on the Alaris Gateway Workstation does not prevent an attacker with knowledge of the IP address of the Alaris Gateway Workstation terminal to gain access to the status and configuration information of the device.
Ссылки
- Third Party AdvisoryVDB Entry
- MitigationThird Party AdvisoryUS Government Resource
- Third Party AdvisoryVDB Entry
- MitigationThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:o:bd:alaris_gateway_workstation_firmware:1.0.13:*:*:*:*:*:*:*
cpe:2.3:o:bd:alaris_gateway_workstation_firmware:1.1.3:10:*:*:*:*:*:*
cpe:2.3:o:bd:alaris_gateway_workstation_firmware:1.1.3:11:*:*:*:*:*:*
cpe:2.3:o:bd:alaris_gateway_workstation_firmware:1.1.5:*:*:*:*:*:*:*
cpe:2.3:o:bd:alaris_gateway_workstation_firmware:1.1.6:*:*:*:*:*:*:*
cpe:2.3:h:bd:alaris_gateway_workstation:-:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.0015
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-284
NVD-CWE-Other
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
BD Alaris Gateway versions, 1.0.13,1.1.3 Build 10,1.1.3 MR Build 11,1.1.5, and 1.1.6, The web browser user interface on the Alaris Gateway Workstation does not prevent an attacker with knowledge of the IP address of the Alaris Gateway Workstation terminal to gain access to the status and configuration information of the device.
EPSS
Процентиль: 36%
0.0015
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-284
NVD-CWE-Other