Описание
Fresenius Kabi Agilia SP MC WiFi vD25 and prior has a default configuration page accessible without authentication. An attacker may use this functionality to change the exposed configuration values such as network settings.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до d25 (включая)
Одновременно
cpe:2.3:o:fresenius-kabi:agilia_sp_mc_wifi_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:fresenius-kabi:agilia_sp_mc_wifi:-:*:*:*:*:*:*:*
EPSS
Процентиль: 42%
0.00197
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-552
CWE-306
Связанные уязвимости
CVSS3: 5.3
github
около 4 лет назад
Fresenius Kabi Agilia Link + version 3.0 has a default configuration page accessible without authentication. An attacker may use this functionality to change the exposed configuration values such as network settings.
EPSS
Процентиль: 42%
0.00197
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-552
CWE-306