CVE-2020-25170 B. Braun OnlineSuite

2020-10-2200:00:00

CWE-1236

icscert

www.cve.org

0.001 Low

EPSS

Percentile

28.4%

JSON

An Excel Macro Injection vulnerability exists in the export feature in the B. Braun OnlineSuite Version AP 3.0 and earlier via multiple input fields that are mishandled in an Excel export.

CNA Affected

[
  {
    "product": "OnlineSuite",
    "vendor": "B. Braun Melsungen AG",
    "versions": [
      {
        "lessThanOrEqual": "3.0",
        "status": "affected",
        "version": "AP",
        "versionType": "custom"
      }
    ]
  }
]

References

us-cert.cisa.gov/ics/advisories/icsma-20-296-01

0.001 Low

EPSS

Percentile

28.4%

JSON

Related for CVELIST:CVE-2020-25170