CVE-2015-1011

Hospira LifeCare PCA Infusion System before 7.0 has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors.
References
Link Resource
http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm Third Party Advisory US Government Resource
https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01A Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:hospira:lifecare_pcainfusion_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:hospira:lifecare_pca3:-:*:*:*:*:*:*:*
cpe:2.3:h:hospira:lifecare_pca5:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-07-06 19:59

Updated : 2024-02-04 18:53


NVD link : CVE-2015-1011

Mitre link : CVE-2015-1011

CVE.ORG link : CVE-2015-1011


JSON object : View

Products Affected

hospira

  • lifecare_pca3
  • lifecare_pcainfusion_firmware
  • lifecare_pca5
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor