Lucene search

K
cve[email protected]CVE-2014-5420
HistoryOct 19, 2014 - 1:55 a.m.

CVE-2014-5420

2014-10-1901:55:15
CWE-255
web.nvd.nist.gov
16
cve-2014-5420
carefusion
pyxis
supplystation
vulnerability
hardcoded password
cybersecurity
nvd

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

48.1%

CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0.16 has a hardcoded application password, which makes it easier for remote authenticated users to obtain application-file access via unspecified vectors.

Affected configurations

NVD
Node
carefusionpyxis_supplystationMatch8.1

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

48.1%

Related for CVE-2014-5420