CVE-2018-7518

In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, an attacker with network access to the integrated web server could retrieve default or user defined credentials stored and transmitted in an insecure manner.
References
Link Resource
https://ics-cert.us-cert.gov/advisories/ICSMA-18-144-01 Mitigation Third Party Advisory US Government Resource
https://ics-cert.us-cert.gov/advisories/ICSMA-18-144-01 Mitigation Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:beaconmedaes:scroll_medical_air_systems_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:beaconmedaes:scroll_medical_air_systems:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:12

Type Values Removed Values Added
References () https://ics-cert.us-cert.gov/advisories/ICSMA-18-144-01 - Mitigation, Third Party Advisory, US Government Resource () https://ics-cert.us-cert.gov/advisories/ICSMA-18-144-01 - Mitigation, Third Party Advisory, US Government Resource

Information

Published : 2018-05-24 20:29

Updated : 2024-11-21 04:12


NVD link : CVE-2018-7518

Mitre link : CVE-2018-7518

CVE.ORG link : CVE-2018-7518


JSON object : View

Products Affected

beaconmedaes

  • scroll_medical_air_systems
  • scroll_medical_air_systems_firmware
CWE
CWE-522

Insufficiently Protected Credentials