PT-2019-7164 · Hospira · Hospira Lifecare Pca Infusion System

Publicado

2019-03-25

Atualizado

2019-10-09

CVE-2015-1012

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Hospira LifeCare PCA Infusion System version 5

Description The issue concerns the storage of wireless keys in plain text. According to the information provided, version 3 of the system is not intended for wireless use and should not be modified for such purposes. Version 7.0 of the system has been developed to address the identified issues, including the closure of Port 20/FTP and Port 23/TELNET by default to prevent unauthorized access.

Recommendations For version 5 of the Hospira LifeCare PCA Infusion System, update to version 7.0 to address the identified vulnerabilities. For version 3 of the Hospira LifeCare PCA Infusion System, do not modify the system for wireless use in a clinical setting.

Correção

Cleartext Storage of Sensitive Information

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-312CWE-200

Identificadores relacionados

CVE-2015-1012

Produtos afetados

Hospira Lifecare Pca Infusion System

PT-2019-7164 · Hospira · Hospira Lifecare Pca Infusion System

CVE-2015-1012

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2