Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Fresenius Kabi Agilia Connect Infusion System use of client side authentication
Vulnerability Description
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 allows user input to be validated on the client side without authentication by the server. The server should not rely on the correctness of the data because users might not support or block JavaScript or intentionally bypass the client-side checks. An attacker with knowledge of the service user could circumvent the client-side control and login with service privileges.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
使用客户端的认证机制
Vulnerability Title
Fresenius Kabi Agilia Connect Infusion System 授权问题漏洞
Vulnerability Description
Fresenius Kabi Agilia Connect Infusion System是德国Fresenius Kabi公司的一个输液系统。 Fresenius Kabi Agilia Connect Infusion System存在安全漏洞,该漏洞源于应用程序允许在客户端验证用户输入,而无需服务器验证。攻击者可利用该漏绕过客户端控制并以服务权限登录。
CVSS Information
N/A
Vulnerability Type
N/A