CVE-2018-7518

2018-05-2400:00:00

CWE-522

icscert

www.cve.org

9.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.6%

JSON

In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, an attacker with network access to the integrated web server could retrieve default or user defined credentials stored and transmitted in an insecure manner.

CNA Affected

[
  {
    "product": "BeaconMed&#195;&#166;s TotalAlert Scroll Medical Air Systems web application",
    "vendor": "ICS-CERT",
    "versions": [
      {
        "status": "affected",
        "version": "All versions prior to version 4107600010.23"
      }
    ]
  }
]

References

ics-cert.us-cert.gov/advisories/ICSMA-18-144-01