PT-2022-8700 · B. Braun Melsungen Ag · Data Module Compactplus+1
Published
2022-04-14
·
Updated
2022-04-21
·
CVE-2020-25154
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
B. Braun Melsungen AG SpaceCom device versions L81/U61 and earlier
B. Braun Melsungen AG Data module compactplus versions A10 and A11
Description
The issue is related to an open redirect vulnerability in the administrative interface. This vulnerability allows attackers to redirect users to malicious websites.
Recommendations
For B. Braun Melsungen AG SpaceCom device versions L81/U61 and earlier, consider restricting access to the administrative interface until a fix is available.
For B. Braun Melsungen AG Data module compactplus versions A10 and A11, avoid using the administrative interface for sensitive operations until the issue is resolved.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Open Redirect
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Data Module Compactplus
Spacecom