Lucene search
K

24 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:54 a.m.8 views

CVE-2021-41835

Fresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. Therefore, transmitted data may be sent in cleartext. Transport layer encryption is offered on Port TCP/443, but the affected service does not perform an automated redirect from the unencrypted service on Port...

7.5CVSS6.7AI score0.00305EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-10333

Malware in sbrugna...

9.8CVSS9.3AI score0.00945EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-10335

Malware in sbrugna...

7.8CVSS7.5AI score0.0107EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 9:20 p.m.10 views

CVE-2021-23236

Requests may be used to interrupt the normal operation of the device. When exploited, Fresenius Kabi Agilia Link+ version 3.0 must be rebooted via a hard reset triggered by pressing a button on the rack system...

7.8CVSS6.7AI score0.0107EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:22 p.m.6 views

CVE-2021-23196

The web application on Agilia Link+ version 3.0 implements authentication and session management mechanisms exclusively on the client-side and does not protect authentication attributes sufficiently...

9.8CVSS7.1AI score0.00909EPSS
Exploits0References1
OSV
OSV
added 2022/01/21 7:15 p.m.4 views

CVE-2021-31562

The SSL/TLS configuration of Fresenius Kabi Agilia Link + version 3.0 has serious deficiencies that may allow an attacker to compromise SSL/TLS sessions in different ways. An attacker may be able to eavesdrop on transferred data, manipulate data allegedly secured by SSL/TLS, and impersonate an...

9.1CVSS7.3AI score0.00488EPSS
Exploits0References1
NVD
NVD
added 2022/01/21 7:15 p.m.19 views

CVE-2021-23196

The web application on Agilia Link+ version 3.0 implements authentication and session management mechanisms exclusively on the client-side and does not protect authentication attributes sufficiently...

9.8CVSS0.00909EPSS
Exploits0References1
OSV
OSV
added 2022/01/21 7:15 p.m.4 views

CVE-2021-23196

The web application on Agilia Link+ version 3.0 implements authentication and session management mechanisms exclusively on the client-side and does not protect authentication attributes sufficiently...

9.8CVSS5.8AI score0.00909EPSS
Exploits0References1
NVD
NVD
added 2022/01/21 7:15 p.m.19 views

CVE-2021-23236

Requests may be used to interrupt the normal operation of the device. When exploited, Fresenius Kabi Agilia Link+ version 3.0 must be rebooted via a hard reset triggered by pressing a button on the rack system...

7.8CVSS0.0107EPSS
Exploits0References1
OSV
OSV
added 2022/01/21 7:15 p.m.5 views

CVE-2021-23236

Requests may be used to interrupt the normal operation of the device. When exploited, Fresenius Kabi Agilia Link+ version 3.0 must be rebooted via a hard reset triggered by pressing a button on the rack system...

7.5CVSS7.1AI score0.0107EPSS
Exploits0References1
NVD
NVD
added 2022/01/21 7:15 p.m.16 views

CVE-2021-31562

The SSL/TLS configuration of Fresenius Kabi Agilia Link + version 3.0 has serious deficiencies that may allow an attacker to compromise SSL/TLS sessions in different ways. An attacker may be able to eavesdrop on transferred data, manipulate data allegedly secured by SSL/TLS, and impersonate an...

9.1CVSS0.00488EPSS
Exploits0References1
Prion
Prion
added 2022/01/21 7:15 p.m.20 views

Hardcoded credentials

Requests may be used to interrupt the normal operation of the device. When exploited, Fresenius Kabi Agilia Link+ version 3.0 must be rebooted via a hard reset triggered by pressing a button on the rack system...

7.8CVSS7.8AI score0.0107EPSS
Exploits0References1Affected Software6
Prion
Prion
added 2022/01/21 7:15 p.m.19 views

Code injection

Fresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. Therefore, transmitted data may be sent in cleartext. Transport layer encryption is offered on Port TCP/443, but the affected service does not perform an automated redirect from the unencrypted service on Port...

5CVSS7.9AI score0.00305EPSS
Exploits0References1Affected Software6
Prion
Prion
added 2022/01/21 7:15 p.m.19 views

Authentication flaw

Sensitive endpoints in Fresenius Kabi Agilia Link+ v3.0 and prior can be accessed without any authentication information such as the session cookie. An attacker can send requests to sensitive endpoints as an unauthenticated user to perform critical actions or modify critical configuration...

7.5CVSS9.5AI score0.00945EPSS
Exploits0References1Affected Software6
Cvelist
Cvelist
added 2022/01/21 6:17 p.m.28 views

CVE-2021-41835 Fresenius Kabi Agilia Connect Infusion System use of a broken or risky cryptographic algorithm

Fresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. Therefore, transmitted data may be sent in cleartext. Transport layer encryption is offered on Port TCP/443, but the affected service does not perform an automated redirect from the unencrypted service on Port...

7.3CVSS7.6AI score0.00305EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/01/21 6:17 p.m.14 views

CVE-2021-41835 Fresenius Kabi Agilia Connect Infusion System use of a broken or risky cryptographic algorithm

Fresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. Therefore, transmitted data may be sent in cleartext. Transport layer encryption is offered on Port TCP/443, but the affected service does not perform an automated redirect from the unencrypted service on Port...

7.3CVSS7.5AI score0.00305EPSS
Exploits0References1
CVE
CVE
added 2022/01/21 6:17 p.m.59 views

CVE-2021-41835

CVE-2021-41835 affects Fresenius Kabi Agilia Link+ and related components in Agilia Connect Infusion System. The root issue is failure to enforce transport-layer encryption: data may traverse plaintext, with TLS offered on port 443 but no automatic redirect from unencrypted port 80 to 443. The vu...

7.5CVSS7.4AI score0.00305EPSS
Exploits0References1Affected Software4
CVE
CVE
added 2022/01/21 6:17 p.m.57 views

CVE-2021-31562

CVE-2021-31562 affects Fresenius Kabi Agilia Link+ (v3.0) due to weak SSL/TLS configuration (broken/risky cryptographic algorithm). Vulnerable component: SSL/TLS configuration on Agilia Link+; impact includes eavesdropping, data manipulation, and impersonation of entities. Mitigation from the ICS...

9.1CVSS7.8AI score0.00488EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/01/21 6:17 p.m.57 views

CVE-2021-23233

CVE-2021-23233 affects Fresenius Kabi Agilia Link+ v3.0 and earlier. It is an improper access control vulnerability allowing unauthenticated clients to reach sensitive endpoints and perform actions or modify configuration parameters. The issue is documented in multiple sources (ICS advisory and R...

9.8CVSS8.6AI score0.00945EPSS
Exploits0References1Affected Software4
Cvelist
Cvelist
added 2022/01/21 6:17 p.m.18 views

CVE-2021-23196 Fresenius Kabi Agilia Connect Infusion System insufficiently protected credentials

The web application on Agilia Link+ version 3.0 implements authentication and session management mechanisms exclusively on the client-side and does not protect authentication attributes sufficiently...

7.3CVSS9.8AI score0.00909EPSS
Exploits0References1
Rows per page
Query Builder