← Back

CVE-2020-25160

nvd nist
Published: Apr 14, 2022Modified: Nov 21, 2024

JSON object

Loading...
6.3
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
Exploitability: 2.0 / Impact: 3.7
Source: NVD

Description

Improper access controls in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 enables attackers to extract and tamper with the devices network configuration.

Affected (3)

Bbraun
2 products
Datamodule Compactplus
Spacecom
Configuration A
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Bbraun
Datamodule Compactplus
Version a10
Datamodule Compactplus
Version a11
Running on/withPlatform Versions
Bbraun
Datamodule Compactplus
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Spacecom
Up to l81
Running on/withPlatform Versions
Bbraun
Spacecom
All versions

Related CWEs

CWE-284
Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (4)

Source: ics-cert@hq.dhs.gov
Broken Link
Source: ics-cert@hq.dhs.gov
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource

Timeline

No history available yet.