PT-2017-9636 · Smiths Medical · Cadd-Solis Medication Safety

Published

2017-02-13

Updated

2017-02-28

CVE-2016-8358

CVSS v3.1

8.5

High

Vector

AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Smiths-Medical CADD-Solis Medication Safety Software versions 1.0 through 3.1

Description The issue is related to the software not verifying identities at communication endpoints. This may allow a man-in-the-middle attacker to gain access to the communication channel between endpoints.

Recommendations For versions 1.0 through 3.1, consider implementing endpoint identity verification to prevent man-in-the-middle attacks. As a temporary workaround, restrict access to the communication channel to minimize the risk of exploitation.

Fix

Origin Validation Error

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-346

Related Identifiers

CVE-2016-8358

Affected Products

Cadd-Solis Medication Safety

PT-2017-9636 · Smiths Medical · Cadd-Solis Medication Safety

CVE-2016-8358

Weakness Enumeration

Related Identifiers

Affected Products

References · 4