CVEs (9)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Fresenius Kabi 6Agilia Connect Firmware Agilia Partner Maintenance SoftwareLink+ Agilia Firmware+3 moreNov 21, 2024 Jan 21, 2022 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of t...Show more |
1Fresenius Kabi 6Agilia Connect Firmware Agilia Partner Maintenance SoftwareLink+ Agilia Firmware+3 moreNov 21, 2024 Jan 21, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 allows user input to be validated on the client side without authentication by the server. The server should not rely on the correctness of the...Show more |
1Fresenius Kabi 6Agilia Connect Firmware Agilia Partner Maintenance SoftwareLink+ Agilia Firmware+3 moreNov 21, 2024 Jan 21, 2022 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 is vulnerable to reflected cross-site scripting attacks. An attacker could inject JavaScript in a GET parameter of HTTP requests and perform un...Show more |
1Fresenius Kabi 6Agilia Connect Firmware Agilia Partner Maintenance SoftwareLink+ Agilia Firmware+3 moreNov 21, 2024 Jan 21, 2022 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 issues authentication tokens to authenticated users that are signed with a symmetric encryption key. An attacker in possession of the key can i...Show more |
1Fresenius Kabi 6Agilia Connect Firmware Agilia Link+ FirmwareAgilia Partner Maintenance Software+3 moreNov 21, 2024 Jan 21, 2022 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 The SSL/TLS configuration of Fresenius Kabi Agilia Link + version 3.0 has serious deficiencies that may allow an attacker to compromise SSL/TLS sessions in different ways. An attacker may be able to eavesdrop on transfer...Show more |
1Fresenius Kabi 6Agilia Connect Firmware Agilia Partner Maintenance SoftwareLink+ Agilia Firmware+3 moreNov 21, 2024 Jan 21, 2022 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 Requests may be used to interrupt the normal operation of the device. When exploited, Fresenius Kabi Agilia Link+ version 3.0 must be rebooted via a hard reset triggered by pressing a button on the rack system. |
1Fresenius Kabi 6Agilia Connect Firmware Agilia Partner Maintenance SoftwareLink+ Agilia Firmware+3 moreNov 21, 2024 Jan 21, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Sensitive endpoints in Fresenius Kabi Agilia Link+ v3.0 and prior can be accessed without any authentication information such as the session cookie. An attacker can send requests to sensitive endpoints as an unauthentica...Show more |
1Fresenius Kabi 6Agilia Connect Firmware Agilia Partner Maintenance SoftwareLink+ Agilia Firmware+3 moreNov 21, 2024 Jan 21, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The web application on Agilia Link+ version 3.0 implements authentication and session management mechanisms exclusively on the client-side and does not protect authentication attributes sufficiently. |
1Fresenius Kabi 6Agilia Connect Firmware Agilia Partner Maintenance SoftwareLink+ Agilia Firmware+3 moreNov 21, 2024 Jan 21, 2022 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 has the option for automated indexing (directory listing) activated. When accessing a directory, a web server delivers its entire content in HT...Show more |