Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Fresenius Kabi Agilia Connect Infusion System use of a broken or risky cryptographic algorithm
Vulnerability Description
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 issues authentication tokens to authenticated users that are signed with a symmetric encryption key. An attacker in possession of the key can issue valid JWTs and impersonate arbitrary users.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
使用已被攻破或存在风险的密码学算法
Vulnerability Title
Fresenius Kabi Agilia Connect Infusion System 加密问题漏洞
Vulnerability Description
Fresenius Kabi Agilia Connect Infusion System是德国Fresenius Kabi公司的一个输液系统。 Fresenius Kabi Agilia Connect Infusion System存在加密问题漏洞,该漏洞源于Vigilant MasterMed应用程序向使用对称加密密钥签名的经过身份验证的用户发出身份验证令牌。拥有密钥的攻击者可利用该漏洞可以发出有效的jwt并模拟任意用户。
CVSS Information
N/A
Vulnerability Type
N/A