Описание
Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems store device data with sensitive information in an unencrypted database. This could allow an attacker with network access to view or modify sensitive data including PHI.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:o:baxter:em2400_firmware:1.10:*:*:*:*:*:*:*
cpe:2.3:o:baxter:em2400_firmware:1.11:*:*:*:*:*:*:*
cpe:2.3:h:baxter:em2400:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
Одно из
cpe:2.3:o:baxter:em1200_firmware:1.1:*:*:*:*:*:*:*
cpe:2.3:o:baxter:em1200_firmware:1.2:*:*:*:*:*:*:*
cpe:2.3:h:baxter:em1200:-:*:*:*:*:*:*:*
EPSS
Процентиль: 30%
0.0011
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-311
CWE-312
Связанные уязвимости
github
больше 3 лет назад
Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems store device data with sensitive information in an unencrypted database. This could allow an attacker with network access to view or modify sensitive data including PHI.
EPSS
Процентиль: 30%
0.0011
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-311
CWE-312