5 matches found
Authentication flaw
Fresenius Kabi Vigilant Software Suite Mastermed Dashboard version 2.0.1.3 issues authentication tokens to authenticated users that are signed with a symmetric encryption key. An attacker in possession of the key can issue valid JWTs and impersonate arbitrary users...
CVE-2021-44464 Fresenius Kabi Agilia Connect Infusion System hard coded credentials
Vigilant Software Suite Mastermed Dashboard version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software...
PT-2022-9374 · Fresenius Kabi · Fresenius Kabi Vigilant Software Suite
Name of the Vulnerable Software and Affected Versions: Fresenius Kabi Vigilant Software Suite Mastermed Dashboard version 2.0.1.3 Description: The issue allows an attacker to identify and access files on the server due to the option for automated indexing directory listing being activated. When...
PT-2022-9376 · Fresenius Kabi · Fresenius Kabi Vigilant Mastermed
Name of the Vulnerable Software and Affected Versions: Fresenius Kabi Vigilant MasterMed version 2.0.1.3 Description: An attacker with physical access to the host can extract secrets from the registry and create valid JWT tokens for the application, allowing them to impersonate arbitrary users...
IMGTech Zoneplayer ZInsX.ocx ActiveX Control Input Validation Error Vulnerability
IMGTech Zoneplayer is a media player from the Korean company IMGTech.ZInsX.ocx ActiveX Control is one of the controls. An input validation error vulnerability exists in ZInsX.ocx ActiveX Control 2.0.1.3 and earlier versions of IMGTech Zoneplayer. An attacker can exploit this vulnerability to...