Lucene search
HistoryOct 19, 2014 - 1:55 a.m.
CVE-2014-5421
carefusion
pyxis supplystation
cve-2014-5421
hardcoded password
local privilege escalation
6.8 Medium
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:C/I:C/A:P
0.0004 Low
EPSS
Percentile
0.4%
CareFusion Pyxis SupplyStation 8.1 with hardware test tool 1.0.16 and earlier has a hardcoded database password, which makes it easier for local users to gain privileges by leveraging cabinet access.
Affected configurations
Node
carefusionpyxis_supplystationMatch8.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| carefusion:pyxis_supplystation | carefusion pyxis supplystation | eq | 8.1 |
Related
cvelist
cvelist
CVE-2014-5421
2014-10-19 01:00:00
prion
prion
Hardcoded credentials
2014-10-19 01:55:00
nvd
nvd
CVE-2014-5421
2014-10-19 01:55:15
ics
ics
CareFusion Pyxis SupplyStation System Vulnerabilities
2014-10-15 12:00:00
6.8 Medium
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:C/I:C/A:P
0.0004 Low
EPSS
Percentile
0.4%
Related for CVE-2014-5421