| ID |
CVE-2019-10962
|
| Summary |
BD Alaris Gateway versions, 1.0.13,1.1.3 Build 10,1.1.3 MR Build 11,1.1.5, and 1.1.6, The web browser user interface on the Alaris Gateway Workstation does not prevent an attacker with knowledge of the IP address of the Alaris Gateway Workstation terminal to gain access to the status and configuration information of the device. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:o:bd:alaris_gateway_workstation_firmware:1.0.13:*:*:*:*:*:*:*
cpe:2.3:o:bd:alaris_gateway_workstation_firmware:1.0.13:*:*:*:*:*:*:*
-
cpe:2.3:o:bd:alaris_gateway_workstation_firmware:1.1.3:10:*:*:*:*:*:*
cpe:2.3:o:bd:alaris_gateway_workstation_firmware:1.1.3:10:*:*:*:*:*:*
-
cpe:2.3:o:bd:alaris_gateway_workstation_firmware:1.1.3:11:*:*:*:*:*:*
cpe:2.3:o:bd:alaris_gateway_workstation_firmware:1.1.3:11:*:*:*:*:*:*
-
cpe:2.3:o:bd:alaris_gateway_workstation_firmware:1.1.5:*:*:*:*:*:*:*
cpe:2.3:o:bd:alaris_gateway_workstation_firmware:1.1.5:*:*:*:*:*:*:*
-
cpe:2.3:o:bd:alaris_gateway_workstation_firmware:1.1.6:*:*:*:*:*:*:*
cpe:2.3:o:bd:alaris_gateway_workstation_firmware:1.1.6:*:*:*:*:*:*:*
-
cpe:2.3:h:bd:alaris_gateway_workstation:-:*:*:*:*:*:*:*
cpe:2.3:h:bd:alaris_gateway_workstation:-:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 5.0 (as of 02-10-2020 - 14:34) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
NONE |
NONE |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
| refmap
via4
|
|
| Last major update |
02-10-2020 - 14:34 |
| Published |
13-06-2019 - 21:29 |
| Last modified |
02-10-2020 - 14:34 |
