Lucene search
K

209 matches found

CNNVD
CNNVD
added 2022/09/08 12:0 a.m.5 views

Baxter Spectrum 安全漏洞

Baxter Spectrum is an infusion pump from Baxter USA. The Baxter Sigma and Baxter Spectrum Infusion Pumps have a security vulnerability that stems from the fact that they store network credentials and patient health information PHI in unencrypted form.PHI is stored using an automated program only ...

4.2CVSS6.7AI score0.00424EPSS
Exploits0References4
Spring Security Advisories
Spring Security Advisories
added 2022/07/21 9:0 a.m.14 views

A Bootiful Podcast: Spring Cloud and Spring Cloud Kubernetes contributor Ryan Baxter

Hi, Spring fans! In this episode, Josh Long @starbuxman talks to a person who knows more than most about the awesome implications of both the words "Spring" and "Cloud," Spring Cloud Kubernetes lead Ryan Baxter @ryanjbaxter...

2.8AI score
Exploits0
ICS
ICS
added 2022/06/16 12:0 a.m.34 views

Hillrom Medical Device Management

1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hillrom Medical. Welch Allyn, and ELI are registered trademarks of Baxter International, Inc., or its subsidiaries. Equipment: Welch Allyn medical devices Vulnerabilities: Use of Hard-coded Password,...

7.7CVSS7.1AI score0.00282EPSS
Exploits0References5
OSV
OSV
added 2020/06/29 2:15 p.m.5 views

CVE-2020-12032

Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems store device data with sensitive information in an unencrypted database. This could allow an attacker with network access to view or modify sensitive data including PHI...

9.1CVSS7.3AI score0.00941EPSS
Exploits0References1
NVD
NVD
added 2020/06/29 2:15 p.m.35 views

CVE-2020-12024

Baxter ExactaMix EM 2400 versions 1.10, 1.11, 1.13, 1.14 and ExactaMix EM1200 Versions 1.1, 1.2, 1.4 and 1.5 does not restrict access to the USB interface from an unauthorized user with physical access. Successful exploitation of this vulnerability may allow an attacker with physical access to th...

6.1CVSS0.00345EPSS
Exploits0References1
OSV
OSV
added 2020/06/29 2:15 p.m.4 views

CVE-2020-12043

The Baxter Spectrum WBM v17, v20D29, v20D30, v20D31, and v22D24 when configured for wireless networking the FTP service operating on the WBM remains operational until the WBM is rebooted...

9.8CVSS7AI score0.02081EPSS
Exploits0References1
OSV
OSV
added 2020/06/29 2:15 p.m.2 views

CVE-2020-12037

Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption e.g., TLS/SSL when configured to send treatment data to a PDMS Patient Data Management System or an EMR Electronic Medical Record system. An attacker could observe...

7.5CVSS7.1AI score0.00483EPSS
Exploits0References2
NVD
NVD
added 2020/06/29 2:15 p.m.21 views

CVE-2020-12043

The Baxter Spectrum WBM v17, v20D29, v20D30, v20D31, and v22D24 when configured for wireless networking the FTP service operating on the WBM remains operational until the WBM is rebooted...

9.8CVSS0.02081EPSS
Exploits0References1
NVD
NVD
added 2020/06/29 2:15 p.m.34 views

CVE-2020-12047

The Baxter Spectrum WBM v17, v20D29, v20D30, v20D31, and v22D24, when used with a Baxter Spectrum v8.x model 35700BAX2 in a factory-default wireless configuration enables an FTP service with hard-coded credentials...

9.8CVSS0.01662EPSS
Exploits0References1
OSV
OSV
added 2020/06/29 2:15 p.m.2 views

CVE-2020-12036

Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption e.g., TLS/SSL when configured to send treatment data to a PDMS Patient Data Management System or an EMR Electronic Medical Record system. An attacker could observe...

7.5CVSS5.8AI score0.00496EPSS
Exploits0References1
NVD
NVD
added 2020/06/29 2:15 p.m.32 views

CVE-2020-12039

Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v's8.x model 35700BAX2 contain hardcoded passwords when physically entered on the keypad provide access to biomedical menus including device settings, view calibration value...

2.4CVSS0.00333EPSS
Exploits0References1
OSV
OSV
added 2020/06/29 2:15 p.m.5 views

CVE-2020-12040

Sigma Spectrum Infusion System v's6.x model 35700BAX and Baxter Spectrum Infusion System Versions 8.x model 35700BAX2 at the application layer uses an unauthenticated clear-text communication channel to send and receive system status and operational data. This could allow an attacker that has...

9.8CVSS7AI score0.0094EPSS
Exploits1References1
NVD
NVD
added 2020/06/29 2:15 p.m.21 views

CVE-2020-12012

Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1, 1.2, 1.4, 1.5, Baxter ExactaMix EM 2400 Versions 1.10, 1.11, and 1.13, and ExactaMix EM1200 Versions 1.1, 1.2, and 1.4 have hard-coded administrative account credentials f...

6.1CVSS0.00345EPSS
Exploits0References1
NVD
NVD
added 2020/06/29 2:15 p.m.23 views

CVE-2020-12020

Baxter ExactaMix EM 2400 Versions 1.10, 1.11, and 1.13 and ExactaMix EM1200 Versions 1.1, 1.2, and 1.4 does not restrict non administrative users from gaining access to the operating system and editing the application startup script. Successful exploitation of this vulnerability may allow an...

6.1CVSS0.00313EPSS
Exploits0References1
OSV
OSV
added 2020/06/29 2:15 p.m.4 views

CVE-2020-12039

Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v's8.x model 35700BAX2 contain hardcoded passwords when physically entered on the keypad provide access to biomedical menus including device settings, view calibration value...

2.4CVSS5.8AI score0.00333EPSS
Exploits0References1
OSV
OSV
added 2020/06/29 2:15 p.m.6 views

CVE-2020-12041

The Baxter Spectrum WBM v17, v20D29, v20D30, v20D31, and v22D24 telnet Command-Line Interface, grants access to sensitive data stored on the WBM that permits temporary configuration changes to network settings of the WBM, and allows the WBM to be rebooted. Temporary configuration changes to netwo...

9.4CVSS6.9AI score0.01395EPSS
Exploits0References1
NVD
NVD
added 2020/06/29 2:15 p.m.33 views

CVE-2020-12036

Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption e.g., TLS/SSL when configured to send treatment data to a PDMS Patient Data Management System or an EMR Electronic Medical Record system. An attacker could observe...

7.5CVSS0.00496EPSS
Exploits0References1
OSV
OSV
added 2020/06/29 2:15 p.m.4 views

CVE-2020-12047

The Baxter Spectrum WBM v17, v20D29, v20D30, v20D31, and v22D24, when used with a Baxter Spectrum v8.x model 35700BAX2 in a factory-default wireless configuration enables an FTP service with hard-coded credentials...

9.8CVSS7AI score0.01662EPSS
Exploits0References1
NVD
NVD
added 2020/06/29 2:15 p.m.33 views

CVE-2020-12040

Sigma Spectrum Infusion System v's6.x model 35700BAX and Baxter Spectrum Infusion System Versions 8.x model 35700BAX2 at the application layer uses an unauthenticated clear-text communication channel to send and receive system status and operational data. This could allow an attacker that has...

9.8CVSS0.0094EPSS
Exploits1References1
NVD
NVD
added 2020/06/29 2:15 p.m.20 views

CVE-2020-12016

Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1, 1.2, 1.4, 1.5, Baxter ExactaMix EM 2400 Versions 1.10, 1.11, 1.13, 1.14 and ExactaMix EM1200 Versions 1.1, 1.2, 1.4 and 1.5 have hard-coded administrative account...

10CVSS0.01856EPSS
Exploits0References1
Rows per page
Query Builder