Lucene search

K
cve[email protected]CVE-2014-5421
HistoryOct 19, 2014 - 1:55 a.m.

CVE-2014-5421

2014-10-1901:55:15
CWE-255
web.nvd.nist.gov
21
carefusion
pyxis supplystation
cve-2014-5421
hardcoded password
local privilege escalation

6.8 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:C/I:C/A:P

0.0004 Low

EPSS

Percentile

0.4%

CareFusion Pyxis SupplyStation 8.1 with hardware test tool 1.0.16 and earlier has a hardcoded database password, which makes it easier for local users to gain privileges by leveraging cabinet access.

Affected configurations

NVD
Node
carefusionpyxis_supplystationMatch8.1

6.8 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:C/I:C/A:P

0.0004 Low

EPSS

Percentile

0.4%

Related for CVE-2014-5421