Search criteria
4 vulnerabilities found for lifecare_pca5 by hospira
CVE-2015-3957 (GCVE-0-2015-3957)
Vulnerability from nvd – Published: 2015-07-06 19:10 – Updated: 2024-08-06 06:04
VLAI?
Summary
Hospira LifeCare PCA Infusion System before 7.0 stores private keys and certificates, which has unspecified impact and attack vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:04:01.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm"
},
{
"name": "75136",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75136"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01B"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Hospira LifeCare PCA Infusion System before 7.0 stores private keys and certificates, which has unspecified impact and attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-02T20:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm"
},
{
"name": "75136",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75136"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01B"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-3957",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Hospira LifeCare PCA Infusion System before 7.0 stores private keys and certificates, which has unspecified impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm",
"refsource": "MISC",
"url": "http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm"
},
{
"name": "75136",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75136"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01B",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01B"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2015-3957",
"datePublished": "2015-07-06T19:10:00",
"dateReserved": "2015-05-12T00:00:00",
"dateUpdated": "2024-08-06T06:04:01.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-3459 (GCVE-0-2015-3459)
Vulnerability from nvd – Published: 2015-04-29 23:00 – Updated: 2024-08-06 05:47
VLAI?
Summary
The communication module on the Hospira LifeCare PCA Infusion System before 7.0 does not require authentication for root TELNET sessions, which allows remote attackers to modify the pump configuration via unspecified commands.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:47:57.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://imgur.com/JHiWSqd"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://twitter.com/dyngnosis/status/592671049487142913"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://hextechsecurity.com/?p=123"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://twitter.com/dyngnosis/status/592743461977219072"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://imgur.com/CEAnZjj"
},
{
"name": "74414",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74414"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The communication module on the Hospira LifeCare PCA Infusion System before 7.0 does not require authentication for root TELNET sessions, which allows remote attackers to modify the pump configuration via unspecified commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://imgur.com/JHiWSqd"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://twitter.com/dyngnosis/status/592671049487142913"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://hextechsecurity.com/?p=123"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://twitter.com/dyngnosis/status/592743461977219072"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://imgur.com/CEAnZjj"
},
{
"name": "74414",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74414"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The communication module on the Hospira LifeCare PCA Infusion System before 7.0 does not require authentication for root TELNET sessions, which allows remote attackers to modify the pump configuration via unspecified commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01"
},
{
"name": "http://imgur.com/JHiWSqd",
"refsource": "MISC",
"url": "http://imgur.com/JHiWSqd"
},
{
"name": "http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm",
"refsource": "MISC",
"url": "http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm"
},
{
"name": "https://twitter.com/dyngnosis/status/592671049487142913",
"refsource": "MISC",
"url": "https://twitter.com/dyngnosis/status/592671049487142913"
},
{
"name": "http://hextechsecurity.com/?p=123",
"refsource": "MISC",
"url": "http://hextechsecurity.com/?p=123"
},
{
"name": "https://twitter.com/dyngnosis/status/592743461977219072",
"refsource": "MISC",
"url": "https://twitter.com/dyngnosis/status/592743461977219072"
},
{
"name": "http://imgur.com/CEAnZjj",
"refsource": "MISC",
"url": "http://imgur.com/CEAnZjj"
},
{
"name": "74414",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74414"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-3459",
"datePublished": "2015-04-29T23:00:00",
"dateReserved": "2015-04-29T00:00:00",
"dateUpdated": "2024-08-06T05:47:57.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-3957 (GCVE-0-2015-3957)
Vulnerability from cvelistv5 – Published: 2015-07-06 19:10 – Updated: 2024-08-06 06:04
VLAI?
Summary
Hospira LifeCare PCA Infusion System before 7.0 stores private keys and certificates, which has unspecified impact and attack vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:04:01.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm"
},
{
"name": "75136",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75136"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01B"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Hospira LifeCare PCA Infusion System before 7.0 stores private keys and certificates, which has unspecified impact and attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-02T20:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm"
},
{
"name": "75136",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75136"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01B"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-3957",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Hospira LifeCare PCA Infusion System before 7.0 stores private keys and certificates, which has unspecified impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm",
"refsource": "MISC",
"url": "http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm"
},
{
"name": "75136",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75136"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01B",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01B"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2015-3957",
"datePublished": "2015-07-06T19:10:00",
"dateReserved": "2015-05-12T00:00:00",
"dateUpdated": "2024-08-06T06:04:01.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-3459 (GCVE-0-2015-3459)
Vulnerability from cvelistv5 – Published: 2015-04-29 23:00 – Updated: 2024-08-06 05:47
VLAI?
Summary
The communication module on the Hospira LifeCare PCA Infusion System before 7.0 does not require authentication for root TELNET sessions, which allows remote attackers to modify the pump configuration via unspecified commands.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:47:57.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://imgur.com/JHiWSqd"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://twitter.com/dyngnosis/status/592671049487142913"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://hextechsecurity.com/?p=123"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://twitter.com/dyngnosis/status/592743461977219072"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://imgur.com/CEAnZjj"
},
{
"name": "74414",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74414"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The communication module on the Hospira LifeCare PCA Infusion System before 7.0 does not require authentication for root TELNET sessions, which allows remote attackers to modify the pump configuration via unspecified commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-30T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://imgur.com/JHiWSqd"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://twitter.com/dyngnosis/status/592671049487142913"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://hextechsecurity.com/?p=123"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://twitter.com/dyngnosis/status/592743461977219072"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://imgur.com/CEAnZjj"
},
{
"name": "74414",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74414"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The communication module on the Hospira LifeCare PCA Infusion System before 7.0 does not require authentication for root TELNET sessions, which allows remote attackers to modify the pump configuration via unspecified commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01"
},
{
"name": "http://imgur.com/JHiWSqd",
"refsource": "MISC",
"url": "http://imgur.com/JHiWSqd"
},
{
"name": "http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm",
"refsource": "MISC",
"url": "http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm"
},
{
"name": "https://twitter.com/dyngnosis/status/592671049487142913",
"refsource": "MISC",
"url": "https://twitter.com/dyngnosis/status/592671049487142913"
},
{
"name": "http://hextechsecurity.com/?p=123",
"refsource": "MISC",
"url": "http://hextechsecurity.com/?p=123"
},
{
"name": "https://twitter.com/dyngnosis/status/592743461977219072",
"refsource": "MISC",
"url": "https://twitter.com/dyngnosis/status/592743461977219072"
},
{
"name": "http://imgur.com/CEAnZjj",
"refsource": "MISC",
"url": "http://imgur.com/CEAnZjj"
},
{
"name": "74414",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74414"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-3459",
"datePublished": "2015-04-29T23:00:00",
"dateReserved": "2015-04-29T00:00:00",
"dateUpdated": "2024-08-06T05:47:57.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}