Lucene search
HistoryOct 19, 2014 - 1:55 a.m.
CVE-2014-5420
cve-2014-5420
carefusion
pyxis
supplystation
vulnerability
hardcoded password
cybersecurity
nvd
6.3 Medium
AI Score
Confidence
Low
3.5 Low
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
48.1%
CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0.16 has a hardcoded application password, which makes it easier for remote authenticated users to obtain application-file access via unspecified vectors.
Affected configurations
Node
carefusionpyxis_supplystationMatch8.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| carefusion:pyxis_supplystation | carefusion pyxis supplystation | eq | 8.1 |
Related
cvelist
cvelist
CVE-2014-5420
2014-10-19 01:00:00
prion
prion
Hardcoded credentials
2014-10-19 01:55:00
nvd
nvd
CVE-2014-5420
2014-10-19 01:55:15
ics
ics
CareFusion Pyxis SupplyStation System Vulnerabilities
2014-10-15 12:00:00
6.3 Medium
AI Score
Confidence
Low
3.5 Low
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
48.1%
Related for CVE-2014-5420