Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2025/05/21 8:38 p.m.4 views

CVE-2002-2307

The default configuration of BenHur Firewall release 3 update 066 fix 2 allows remote attackers to access arbitrary services by connecting from source port 20...

5CVSS7.2AI score0.01958EPSS
Exploits1References1
Prion
Prion
added 2019/03/25 7:29 p.m.14 views

Design/Logic Flaw

Wireless keys are stored in plain text on version 5 of the Hospira LifeCare PCA Infusion System. According to Hospira, version 3 of the LifeCare PCA Infusion System is not indicated for wireless use, is not shipped with wireless capabilities, and should not be modified to be used in a wireless...

5CVSS6.8AI score0.00771EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/03/25 6:20 p.m.44 views

CVE-2015-1012

The CVE-2015-1012 entry concerns the Hospira LifeCare PCA Infusion System. Vulnerabilities include cleartext storage of wireless network keys and hardcoded credentials, with multiple related issues (e.g., improper authorization, insufficient verification of data authenticity) that could enable un...

7.5CVSS7.5AI score0.00771EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/03/25 6:20 p.m.19 views

CVE-2015-1012

Wireless keys are stored in plain text on version 5 of the Hospira LifeCare PCA Infusion System. According to Hospira, version 3 of the LifeCare PCA Infusion System is not indicated for wireless use, is not shipped with wireless capabilities, and should not be modified to be used in a wireless...

7.5AI score0.00771EPSS
Exploits0References1
Prion
Prion
added 2019/03/25 5:29 p.m.17 views

Hardcoded credentials

Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the affected devices...

10CVSS6.9AI score0.01972EPSS
Exploits0References1Affected Software3
NVD
NVD
added 2019/03/25 5:29 p.m.20 views

CVE-2015-3953

Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the affected devices...

10CVSS9.5AI score0.01972EPSS
Exploits0References1
NVD
NVD
added 2019/03/25 4:29 p.m.24 views

CVE-2015-3952

Wireless keys are stored in plain text on Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the affected devices...

7.5CVSS8AI score0.01008EPSS
Exploits0References1
Prion
Prion
added 2019/03/25 4:29 p.m.15 views

Authorization

Wireless keys are stored in plain text on Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the affected devices...

5CVSS6.6AI score0.01008EPSS
Exploits0References1Affected Software3
CVE
CVE
added 2019/03/25 4:2 p.m.46 views

CVE-2015-3953

CVE-2015-3953 affects Hospira Plum A+ Infusion System (versions prior to 13.4), Plum A+3 Infusion System (prior to 13.6), and Symbiq Infusion System (prior to 3.13). Root cause: hard-coded credentials allowing access via affected devices; additional risk factors include services listening on Port...

10CVSS9.2AI score0.01972EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/03/25 4:2 p.m.16 views

CVE-2015-3953

Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the affected devices...

9.5AI score0.01972EPSS
Exploits0References1
Cvelist
Cvelist
added 2007/10/26 7:0 p.m.20 views

CVE-2002-2307

The default configuration of BenHur Firewall release 3 update 066 fix 2 allows remote attackers to access arbitrary services by connecting from source port 20...

6.9AI score0.01958EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2002/07/22 12:0 a.m.401 views

BenHur Firewall Source Port 20 ACL Restriction Bypass

It is possible to connect to firewall-protected ports on the remote host by setting the source port to 20. An attacker may use this flaw to access services that should not be accessible to outsiders on this host. C Tenable Network Security, Inc. Script audit and contributions from Carmichael...

5CVSS5.6AI score0.01958EPSS
Exploits1References2
Rows per page
Query Builder