CVE-2024-1275

Use of Default Cryptographic Key vulnerability in Baxter Welch Allyn Connex Spot Monitor may allow Configuration/Environment Manipulation.This issue affects Welch Allyn Connex Spot Monitor in all versions prior to 1.52.

CVSS

No CVSS.

References

Link	Resource
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-151-02
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-151-02

Configurations

No configuration.

History

21 Nov 2024, 08:50

Type	Values Removed	Values Added
References	~~() https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-151-02 -~~	() https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-151-02 -

05 Jun 2024, 15:15

Type	Values Removed	Values Added
Summary		(es) El uso de la vulnerabilidad de clave criptográfica predeterminada en Baxter Welch Ally Connex Spot Monitor puede permitir la manipulación de la configuración/entorno. Este problema afecta a Welch Ally Connex Spot Monitor en todas las versiones anteriores a la 1.52.
Summary	(en) Use of Default Cryptographic Key vulnerability in Baxter Welch Ally Connex Spot Monitor may allow Configuration/Environment Manipulation.This issue affects Welch Ally Connex Spot Monitor in all versions prior to 1.52.	(en) Use of Default Cryptographic Key vulnerability in Baxter Welch Allyn Connex Spot Monitor may allow Configuration/Environment Manipulation.This issue affects Welch Allyn Connex Spot Monitor in all versions prior to 1.52.

31 May 2024, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-31 18:15

Updated : 2024-11-21 08:50

NVD link : CVE-2024-1275

Mitre link : CVE-2024-1275

CVE.ORG link : CVE-2024-1275

JSON object : View

Products Affected

No product.

CWE

CWE-1394

Use of Default Cryptographic Key

{"id": "CVE-2024-1275", "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "productsecurity@baxter.com", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "NOT_DEFINED", "baseScore": 9.1, "automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "NONE", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "NONE", "vulnerableSystemIntegrity": "HIGH", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "vulnerableSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "vulnerableSystemConfidentiality": "HIGH", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-05-31T18:15:10.140", "references": [{"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-151-02", "source": "productsecurity@baxter.com"}, {"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-151-02", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "productsecurity@baxter.com", "description": [{"lang": "en", "value": "CWE-1394"}]}], "descriptions": [{"lang": "en", "value": "Use of Default Cryptographic Key vulnerability in Baxter Welch Allyn Connex Spot Monitor may allow Configuration/Environment Manipulation.This issue affects Welch Allyn Connex Spot Monitor in all versions prior to 1.52."}, {"lang": "es", "value": "El uso de la vulnerabilidad de clave criptogr\u00e1fica predeterminada en Baxter Welch Ally Connex Spot Monitor puede permitir la manipulaci\u00f3n de la configuraci\u00f3n/entorno. Este problema afecta a Welch Ally Connex Spot Monitor en todas las versiones anteriores a la 1.52."}], "lastModified": "2024-11-21T08:50:12.913", "sourceIdentifier": "productsecurity@baxter.com"}