Lucene search
K

209 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:12 p.m.10 views

CVE-2020-12036

Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption e.g., TLS/SSL when configured to send treatment data to a PDMS Patient Data Management System or an EMR Electronic Medical Record system. An attacker could observe...

7.5CVSS6.7AI score0.00496EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:33 p.m.10 views

CVE-2020-12008

Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems use cleartext messages to communicate order information with an order entry system. This could allow an attacker with network access to view sensitive data including PHI...

7.5CVSS6.5AI score0.00948EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:11 p.m.9 views

CVE-2020-12045

The Baxter Spectrum WBM v17, v20D29, v20D30, v20D31, and v22D24 when used in conjunction with a Baxter Spectrum v8.x model 35700BAX2, operates a Telnet service on Port 1023 with hard-coded credentials...

9.8CVSS7AI score0.01662EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 2:53 a.m.9 views

CVE-2024-6796

In Baxter Connex health portal released before 8/30/2024, an improper access control vulnerability has been found that could allow an unauthenticated attacker to gain unauthorized access to Connex portal's database and/or modify content...

9.1CVSS9.4AI score0.00406EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/14 12:0 a.m.4 views

Baxter Life2000 安全漏洞

Baxter Life2000 is a mask-less non-invasive ventilator from Baxter. A security vulnerability exists in Baxter Life2000 version 06.08.00.00 and prior versions, which originated when enabled by default, that allows sending and receiving of unencrypted messages, which could result in unauthorized...

9.3CVSS6.2AI score0.00221EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/14 12:0 a.m.3 views

Baxter Life2000 安全漏洞

The Baxter Life2000 is a mask-less noninvasive ventilator from Baxter. A security vulnerability exists in the Baxter Life2000 that stems from an unlimited number of login failures allowed using the clinician password or serial number clinician password, which allows an attacker to perform a brute...

9.3CVSS6.9AI score0.00177EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/14 12:0 a.m.4 views

Baxter Life2000 安全漏洞

The Baxter Life2000 is a mask-less non-invasive ventilator from Baxter. A security vulnerability exists in Baxter Life2000 version 06.08.00.00 and earlier, which stems from a lack of memory protection and allows an attacker to read or write to flash memory via the JTAG interface, potentially...

9.3CVSS6.6AI score0.00214EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/14 12:0 a.m.4 views

Baxter Life2000 访问控制错误漏洞

The Baxter Life2000 is a mask-less non-invasive ventilator from Baxter. An access control error vulnerability exists in Baxter Life2000 version 06.08.00.00 and prior, which stems from unsupported user authentication, allowing an attacker to obtain diagnostic information or manipulate device...

10CVSS6.5AI score0.00676EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/14 12:0 a.m.6 views

Baxter Life2000 信任管理问题漏洞

The Baxter Life2000 is a mask-less non-invasive ventilator from Baxter. A trust management issue vulnerability exists in Baxter Life2000 version 06.08.00.00 and prior versions, which stems from the clinician password and serial number clinician password, hardcoded in plaintext in the device, whic...

9.3CVSS6.7AI score0.00217EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/14 12:0 a.m.3 views

Baxter Life2000 安全漏洞

The Baxter Life2000 is a mask-less non-invasive ventilator from Baxter. A security vulnerability exists in the Baxter Life2000 that stems from improper data protection on the ventilator's serial interface, which could allow an attacker to send and receive messages that could have an unintended...

9.3CVSS6.2AI score0.00137EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/14 12:0 a.m.4 views

Baxter Life2000 安全漏洞

The Baxter Life2000 is a mask-less non-invasive ventilator from Baxter. A security vulnerability exists in Baxter Life2000 version 06.08.00.00 and prior versions, which stems from the lack of sufficient audit logging functionality to detect malicious activity and perform subsequent forensic...

10CVSS6.2AI score0.00612EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/14 12:0 a.m.5 views

Baxter Life2000 安全漏洞

The Baxter Life2000 is a mask-less non-invasive ventilator from Baxter. A security vulnerability exists in Baxter Life2000 version 06.08.00.00 and earlier, which stems from improper file integrity checking when applying a firmware update, allowing an attacker to push a compromised or illegal...

9.3CVSS6.5AI score0.00155EPSS
Exploits0References2
OSV
OSV
added 2024/09/09 8:15 p.m.5 views

CVE-2024-6796

In Baxter Connex health portal released before 8/30/2024, an improper access control vulnerability has been found that could allow an unauthenticated attacker to gain unauthorized access to Connex portal's database and/or modify content...

9.1CVSS5.7AI score0.00406EPSS
Exploits0References1
NVD
NVD
added 2024/09/09 8:15 p.m.24 views

CVE-2024-6796

In Baxter Connex health portal released before 8/30/2024, an improper access control vulnerability has been found that could allow an unauthenticated attacker to gain unauthorized access to Connex portal's database and/or modify content...

9.1CVSS0.00406EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/09 7:28 p.m.19 views

CVE-2024-6796 Vulnerability in Baxter Connex Health Portal

In Baxter Connex health portal released before 8/30/2024, an improper access control vulnerability has been found that could allow an unauthenticated attacker to gain unauthorized access to Connex portal's database and/or modify content...

8.2CVSS7.2AI score0.00406EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/09 7:28 p.m.34 views

CVE-2024-6796 Vulnerability in Baxter Connex Health Portal

In Baxter Connex health portal released before 8/30/2024, an improper access control vulnerability has been found that could allow an unauthenticated attacker to gain unauthorized access to Connex portal's database and/or modify content...

8.2CVSS0.00406EPSS
Exploits0References1
CVE
CVE
added 2024/09/09 7:28 p.m.53 views

CVE-2024-6796

Baxter Connex Health Portal has an improper access control vulnerability (CVE-2024-6796) affecting versions prior to 8/30/2024, enabling an unauthenticated remote attacker to access/modify the portal’s database. Exploitation details are not provided in the documents; the CVSSv3.1 base score is 8....

9.1CVSS8.6AI score0.00406EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/09/09 7:24 p.m.20 views

CVE-2024-6795 Vulnerability in Baxter Connex Health Portal

In Connex health portal released before8/30/2024, SQL injection vulnerabilities were found that could have allowed an unauthenticated attacker to gain unauthorized access to Connex portal's database. An attacker could have submitted a crafted payload to Connex portal that could have resulted in...

10CVSS0.00598EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/09/09 12:0 a.m.7 views

Baxter Connex Health Portal 安全漏洞

The Baxter Connex Health Portal is a web portal for medical instruments from Baxter USA. A security vulnerability exists in the Baxter Connex Health Portal that stems from the inclusion of a SQL injection vulnerability that could allow an unauthenticated attacker to gain unauthorized access to th...

10CVSS8AI score0.00598EPSS
Exploits0References2
ICS
ICS
added 2024/09/05 6:0 a.m.35 views

Baxter Connex Health Portal

View CSAF 1. EXECUTIVE SUMMARY CVSS v3.1 10.0 ATTENTION : Exploitable remotely/low attack complexity Vendor : Baxter Equipment : Connex Health Portal Vulnerabilities : SQL Injection, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to...

10CVSS9.7AI score0.00598EPSS
Exploits0References10
Rows per page
Query Builder