17 matches found
EUVD-2014-5293
Malware in sbrugna...
EUVD-2014-5289
Malware in sbrugna...
EUVD-2014-5288
Malware in sbrugna...
CVE-2014-5405
Hospira MedNet before 6.1 uses a hardcoded cleartext password to control SQL database authorization, which allows remote authenticated users to bypass intended access restrictions by leveraging knowledge of this password...
CVE-2014-5403
Hospira MedNet before 6.1 uses hardcoded cryptographic keys for protection of data transmission from infusion pumps, which allows remote attackers to obtain sensitive information by sniffing the network...
Design/Logic Flaw
The installation component in Hospira MedNet before 6.1 places cleartext credentials in configuration files, which allows local users to obtain sensitive information by reading a file...
CVE-2014-5400
The installation component in Hospira MedNet before 6.1 places cleartext credentials in configuration files, which allows local users to obtain sensitive information by reading a file...
Hardcoded credentials
Hospira MedNet before 6.1 uses a hardcoded cleartext password to control SQL database authorization, which allows remote authenticated users to bypass intended access restrictions by leveraging knowledge of this password...
CVE-2014-5400 Hospira MedNet Password in Configuration File
The installation component in Hospira MedNet before 6.1 places cleartext credentials in configuration files, which allows local users to obtain sensitive information by reading a file...
CVE-2014-5403
Summary (CVE-2014-5403) Hospira MedNet before 6.1 uses hard-coded cryptographic keys to protect data transmission from infusion pumps, enabling remote attackers to obtain sensitive information by sniffing network traffic. Affected software: MedNet server software (pre-6.1). Underlying issue: hard...
CVE-2014-5400
CVE-2014-5400 affects Hospira MedNet prior to version 6.1, where the installation component stores usernames/passwords in plaintext in configuration files, enabling local attackers to read sensitive credentials. Exploitation details: local access needed; impact includes compromise of MedNet insta...
CVE-2014-5403 Hospira MedNet Use of Hard-coded Cryptographic Key
Hospira MedNet before 6.1 uses hardcoded cryptographic keys for protection of data transmission from infusion pumps, which allows remote attackers to obtain sensitive information by sniffing the network...
CVE-2014-5405 Hospira MedNet Use of Hard-coded Password
Hospira MedNet before 6.1 uses a hardcoded cleartext password to control SQL database authorization, which allows remote authenticated users to bypass intended access restrictions by leveraging knowledge of this password...
Hospira MedNet Arbitrary Code Execution Vulnerability
MedNet manages drug libraries, firmware updates, and configurations for Hospira IV pumps for use in the healthcare and public health sectors. MedNet uses a vulnerable version of JBoss Enterprise Application Platform, which could allow an unauthenticated user to execute arbitrary code on the targe...
Hospira MedNet Hardcoded Key Vulnerability
MedNet manages drug libraries, firmware updates, and configurations for Hospira IV pumps for use in the healthcare and public health sectors. MedNet uses hard-coded keys that allow attackers to intercept encrypted communications from syringe pumps...
Hospira MedNet Hardcoded Password Vulnerability (CNVD-2015-02160)
MedNet manages drug libraries, firmware updates, and configurations for Hospira IV pumps for use in the healthcare and public health sectors. MedNet uses plain text stored passwords for the SQL database, which allows an attacker to compromise the MedNet SQL server and gain administrator access to...
Hospira MedNet Password Disclosure Vulnerability
MedNet manages drug libraries, firmware updates, and configurations for Hospira IV pumps for use in the healthcare and public health sectors. MedNet installs with a username and password stored in plaintext on the local file system, which allows a malicious user to disrupt the MedNet installation...