3 matches found
CVE-2021-43935
CVE-2021-43935 describes an authentication bypass vulnerability in Hillrom Welch Allyn Cardio Products when SSO is enabled. The ICSMA-21-343-01 advisory confirms an improper authentication issue (CWE-288) that allows an AD account to access the application without a password, granting privileges ...
CVE-2021-43935
The impacted products, when configured to use SSO, are affected by an improper authentication vulnerability. This vulnerability allows the application to accept manual entry of any active directory AD account provisioned in the application without supplying a password, resulting in access to the...
Hillrom Welch Allyn Cardio Products
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Hillrom Equipment: Welch Allyn Cardio Products Vulnerability: Authentication Bypass Using an Alternate Path or Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access...