Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unauthenticated network reconfiguration via TCP/UDP
Vulnerability Description
The Baxter Spectrum WBM does not perform mutual authentication with the gateway server host. This may allow an attacker to perform a man in the middle attack that modifies parameters making the network connection fail.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
Baxter Spectrum 访问控制错误漏洞
Vulnerability Description
Baxter Spectrum是美国百特(Baxter)公司的一款输液泵。 Baxter Spectrum WBMv16,v16D38,v17,v17D19,v20D29 到 v20D32版本存在访问控制错误漏洞,该漏洞源于容易受到通过应用程序消息传递的格式字符串攻击,攻击者利用该漏洞可以使用它来读取 WBM 中的内存以访问敏感信息或并在 WBM 上造成拒绝服务条件,以下产品和版本受到影响:Sigma Spectrum v6.x 系列型号 35700BAX版本、Sigma Spectrum v8.x 系列
CVSS Information
N/A
Vulnerability Type
N/A