Lucene search

K
cve[email protected]CVE-2014-5420
HistoryOct 19, 2014 - 1:55 a.m.

CVE-2014-5420

2014-10-1901:55:15
CWE-255
web.nvd.nist.gov
16
cve-2014-5420
carefusion
pyxis
supplystation
vulnerability
hardcoded password
cybersecurity
nvd

6.3 Medium

AI Score

Confidence

Low

3.5 Low

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

48.1%

CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0.16 has a hardcoded application password, which makes it easier for remote authenticated users to obtain application-file access via unspecified vectors.

Affected configurations

NVD
Node
carefusionpyxis_supplystationMatch8.1

6.3 Medium

AI Score

Confidence

Low

3.5 Low

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

48.1%

Related for CVE-2014-5420