CVE-2014-5421

CareFusion Pyxis SupplyStation 8.1 with hardware test tool 1.0.16 and earlier has a hardcoded database password, which makes it easier for local users to gain privileges by leveraging cabinet access.
References
Configurations

Configuration 1 (hide)

cpe:2.3:h:carefusion:pyxis_supplystation:8.1:*:*:*:*:*:*:*

History

21 Nov 2024, 02:12

Type Values Removed Values Added
References () https://ics-cert.us-cert.gov/advisories/ICSA-14-288-01 - US Government Resource () https://ics-cert.us-cert.gov/advisories/ICSA-14-288-01 - US Government Resource

Information

Published : 2014-10-19 01:55

Updated : 2024-11-21 02:12


NVD link : CVE-2014-5421

Mitre link : CVE-2014-5421

CVE.ORG link : CVE-2014-5421


JSON object : View

Products Affected

carefusion

  • pyxis_supplystation
CWE
CWE-255

Credentials Management Errors