10
CVE-2015-3459
- EPSS 5.16%
- Veröffentlicht 29.04.2015 23:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginThe communication module on the Hospira LifeCare PCA Infusion System before 7.0 does not require authentication for root TELNET sessions, which allows remote attackers to modify the pump configuration via unspecified commands.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hospira ≫ Lifecare Pcainfusion Firmware Version <= 5.0
Hospira ≫ Lifecare Pca3 Version-
Hospira ≫ Lifecare Pca5 Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.16% | 0.914 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
http://hextechsecurity.com/?p=123
http://imgur.com/CEAnZjj
http://imgur.com/JHiWSqd
http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm
http://www.securityfocus.com/bid/74414
https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01
https://twitter.com/dyngnosis/status/592671049487142913
https://twitter.com/dyngnosis/status/592743461977219072