In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, an attacker with network access to the integrated web server could retrieve default or user defined credentials stored and transmitted in an insecure manner.
References
Link | Resource |
---|---|
https://ics-cert.us-cert.gov/advisories/ICSMA-18-144-01 | Mitigation Third Party Advisory US Government Resource |
https://ics-cert.us-cert.gov/advisories/ICSMA-18-144-01 | Mitigation Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 04:12
Type | Values Removed | Values Added |
---|---|---|
References | () https://ics-cert.us-cert.gov/advisories/ICSMA-18-144-01 - Mitigation, Third Party Advisory, US Government Resource |
Information
Published : 2018-05-24 20:29
Updated : 2024-11-21 04:12
NVD link : CVE-2018-7518
Mitre link : CVE-2018-7518
CVE.ORG link : CVE-2018-7518
JSON object : View
Products Affected
beaconmedaes
- scroll_medical_air_systems
- scroll_medical_air_systems_firmware
CWE
CWE-522
Insufficiently Protected Credentials