HIGH🇬🇧 English

CVE-2022-47376

CVSS 7.3v3.1pub. 2023-06-13upd. 2025-01-03

The Alaris Infusion Central software, versions 1.1 to 1.3.2, may contain a recoverable password after the installation. No patient health data is stored in the database, although some site installations may choose to store personal data.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
  • Bd Alaris Infusion Central

    APP
    Bd
    1.1 – 1.3.2
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2019-10959CRITICAL10.0ten sam vendor

BD Alaris Gateway Workstation Versions, 1.1.3 Build 10, 1.1.3 MR Build 11, 1.2 Build 15, 1.3.0 Build 14, 1.3.1...

CVE-2018-14786CRITICAL9.4ten sam vendor

Becton, Dickinson and Company (BD) Alaris Plus medical syringe pumps (models Alaris GS, Alaris GH, Alaris CC, ...

CVE-2017-6022CRITICAL9.8ten sam vendor

A hard-coded password issue was discovered in Becton, Dickinson and Company (BD) PerformA, Version 2.0.14.0 an...

CVE-2023-30563HIGH8.2ten sam vendor

A malicious file could be uploaded into a System Manager User Import Function resulting in a hijacked session.

CVE-2022-22767HIGH8.8ten sam vendor

Specific BD Pyxis™ products were installed with default credentials and may presently still operate with these...