Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fresenius-kabi agilia partner maintenance software vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-44464
Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software.
Fresenius-kabi Agilia Connect Firmware
Fresenius-kabi Agilia Partner Maintenance Software
Fresenius-kabi Vigilant Centerium 1.0
Fresenius-kabi Vigilant Insight 1.0
Fresenius-kabi Vigilant Mastermed 1.0
Fresenius-kabi Link\\+ Agilia Firmware
Fresenius-kabi Link\\+ Agilia Firmware 3.0
9.8
CVSSv3
CVE-2021-23196
The web application on Agilia Link+ version 3.0 implements authentication and session management mechanisms exclusively on the client-side and does not protect authentication attributes sufficiently.
Fresenius-kabi Agilia Connect Firmware
Fresenius-kabi Vigilant Centerium 1.0
Fresenius-kabi Vigilant Mastermed 1.0
Fresenius-kabi Vigilant Insight 1.0
Fresenius-kabi Agilia Partner Maintenance Software
Fresenius-kabi Link\\+ Agilia Firmware 3.0
Fresenius-kabi Link\\+ Agilia Firmware
5.5
CVSSv3
CVE-2021-23207
An attacker with physical access to the host can extract the secrets from the registry and create valid JWT tokens for the Fresenius Kabi Vigilant MasterMed version 2.0.1.3 application and impersonate arbitrary users. An attacker could manipulate RabbitMQ queues and messages by i...
Fresenius-kabi Agilia Connect
Fresenius-kabi Vigilant Centerium 1.0
Fresenius-kabi Vigilant Mastermed 1.0
Fresenius-kabi Vigilant Insight 1.0
Fresenius-kabi Agilia Partner Maintenance Software
Fresenius-kabi Link\\+ Agilia Firmware 3.0
Fresenius-kabi Link\\+ Agilia Firmware
7.5
CVSSv3
CVE-2021-23236
Requests may be used to interrupt the normal operation of the device. When exploited, Fresenius Kabi Agilia Link+ version 3.0 must be rebooted via a hard reset triggered by pressing a button on the rack system.
Fresenius-kabi Agilia Partner Maintenance Software
Fresenius-kabi Vigilant Centerium 1.0
Fresenius-kabi Vigilant Insight 1.0
Fresenius-kabi Vigilant Mastermed 1.0
Fresenius-kabi Agilia Connect Firmware
Fresenius-kabi Link\\+ Agilia Firmware
Fresenius-kabi Link\\+ Agilia Firmware 3.0
5.3
CVSSv3
CVE-2021-23195
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 has the option for automated indexing (directory listing) activated. When accessing a directory, a web server delivers its entire content in HTML form. If an index file does not exist and directory listi...
Fresenius-kabi Agilia Connect Firmware
Fresenius-kabi Vigilant Centerium 1.0
Fresenius-kabi Vigilant Mastermed 1.0
Fresenius-kabi Vigilant Insight 1.0
Fresenius-kabi Agilia Partner Maintenance Software
Fresenius-kabi Link\\+ Agilia Firmware 3.0
Fresenius-kabi Link\\+ Agilia Firmware
9.8
CVSSv3
CVE-2021-23233
Sensitive endpoints in Fresenius Kabi Agilia Link+ v3.0 and prior can be accessed without any authentication information such as the session cookie. An attacker can send requests to sensitive endpoints as an unauthenticated user to perform critical actions or modify critical conf...
Fresenius-kabi Agilia Partner Maintenance Software
Fresenius-kabi Vigilant Centerium 1.0
Fresenius-kabi Vigilant Insight 1.0
Fresenius-kabi Vigilant Mastermed 1.0
Fresenius-kabi Agilia Connect Firmware
Fresenius-kabi Link\\+ Agilia Firmware
Fresenius-kabi Link\\+ Agilia Firmware 3.0
7.2
CVSSv3
CVE-2021-33846
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 issues authentication tokens to authenticated users that are signed with a symmetric encryption key. An attacker in possession of the key can issue valid JWTs and impersonate arbitrary users.
Fresenius-kabi Agilia Partner Maintenance Software
Fresenius-kabi Vigilant Centerium 1.0
Fresenius-kabi Vigilant Insight 1.0
Fresenius-kabi Vigilant Mastermed 1.0
Fresenius-kabi Agilia Connect Firmware
Fresenius-kabi Link\\+ Agilia Firmware
Fresenius-kabi Link\\+ Agilia Firmware 3.0
6.1
CVSSv3
CVE-2021-33848
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 is vulnerable to reflected cross-site scripting attacks. An attacker could inject JavaScript in a GET parameter of HTTP requests and perform unauthorized actions such as stealing internal information and...
Fresenius-kabi Agilia Connect Firmware
Fresenius-kabi Agilia Partner Maintenance Software
Fresenius-kabi Vigilant Centerium 1.0
Fresenius-kabi Vigilant Insight 1.0
Fresenius-kabi Vigilant Mastermed 1.0
Fresenius-kabi Link\\+ Agilia Firmware
Fresenius-kabi Link\\+ Agilia Firmware 3.0
9.1
CVSSv3
CVE-2021-31562
The SSL/TLS configuration of Fresenius Kabi Agilia Link + version 3.0 has serious deficiencies that may allow an malicious user to compromise SSL/TLS sessions in different ways. An attacker may be able to eavesdrop on transferred data, manipulate data allegedly secured by SSL/TLS...
Fresenius-kabi Agilia Connect Firmware
Fresenius-kabi Agilia Partner Maintenance Software
Fresenius-kabi Vigilant Centerium 1.0
Fresenius-kabi Vigilant Insight 1.0
Fresenius-kabi Vigilant Mastermed 1.0
Fresenius-kabi Agilia Link\\+ Firmware
Fresenius-kabi Agilia Link\\+ Firmware 3.0
9.8
CVSSv3
CVE-2021-43355
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 allows user input to be validated on the client side without authentication by the server. The server should not rely on the correctness of the data because users might not support or block JavaScript or...
Fresenius-kabi Vigilant Centerium 1.0
Fresenius-kabi Vigilant Mastermed 1.0
Fresenius-kabi Vigilant Insight 1.0
Fresenius-kabi Agilia Partner Maintenance Software
Fresenius-kabi Agilia Connect Firmware
Fresenius-kabi Link\\+ Agilia Firmware 3.0
Fresenius-kabi Link\\+ Agilia Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »