PT-2019-7181 · Hospira · Hospira Symbiq Infusion System+2

Publicado

2019-03-25

Atualizado

2019-10-09

CVE-2015-3952

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Hospira Plum A+ Infusion System versions 13.4 and prior Hospira Plum A+3 Infusion System versions 13.6 and prior Hospira Symbiq Infusion System versions 3.13 and prior

Description The issue concerns the storage of wireless keys in plain text. To mitigate the risk, it is recommended to close Port 20/FTP and Port 23/TELNET on the affected devices.

Recommendations For Hospira Plum A+ Infusion System versions 13.4 and prior, close Port 20/FTP and Port 23/TELNET. For Hospira Plum A+3 Infusion System versions 13.6 and prior, close Port 20/FTP and Port 23/TELNET. For Hospira Symbiq Infusion System versions 3.13 and prior, close Port 20/FTP and Port 23/TELNET.

Correção

Cleartext Storage of Sensitive Information

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-312CWE-200

Identificadores relacionados

CVE-2015-3952

Produtos afetados

Hospira Plum A+ Infusion System

Hospira Plum A+3 Infusion System

Hospira Symbiq Infusion System

PT-2019-7181 · Hospira · Hospira Symbiq Infusion System+2

CVE-2015-3952

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2