CVE-2022-47376

Name of the Vulnerable Software and Affected Versions Alaris Infusion Central software versions 1.1 to 1.3.2

Description The issue concerns a recoverable password that may be present after the installation of the software. It is noted that no patient health data is stored in the database by default, although some installations may choose to store personal data.

Recommendations For Alaris Infusion Central software versions 1.1 to 1.3.2, consider changing the default password after installation to prevent potential unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.