Описание
Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems use cleartext messages to communicate order information with an order entry system. This could allow an attacker with network access to view sensitive data including PHI.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:o:baxter:em2400_firmware:1.10:*:*:*:*:*:*:*
cpe:2.3:o:baxter:em2400_firmware:1.11:*:*:*:*:*:*:*
cpe:2.3:h:baxter:em2400:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
Одно из
cpe:2.3:o:baxter:em1200_firmware:1.1:*:*:*:*:*:*:*
cpe:2.3:o:baxter:em1200_firmware:1.2:*:*:*:*:*:*:*
cpe:2.3:h:baxter:em1200:-:*:*:*:*:*:*:*
EPSS
Процентиль: 30%
0.00114
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-319
CWE-319
Связанные уязвимости
github
больше 3 лет назад
Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems use cleartext messages to communicate order information with an order entry system. This could allow an attacker with network access to view sensitive data including PHI.
EPSS
Процентиль: 30%
0.00114
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-319
CWE-319