Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fresenius-kabi agilia connect vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2021-33846
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 issues authentication tokens to authenticated users that are signed with a symmetric encryption key. An attacker in possession of the key can issue valid JWTs and impersonate arbitrary users.
Fresenius-kabi Vigilant Centerium 1.0
Fresenius-kabi Vigilant Mastermed 1.0
Fresenius-kabi Vigilant Insight 1.0
Fresenius-kabi Agilia Partner Maintenance Software
Fresenius-kabi Agilia Connect Firmware
Fresenius-kabi Link+ Agilia Firmware
Fresenius-kabi Link+ Agilia Firmware 3.0
4.3
CVSSv2
CVE-2021-33848
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 is vulnerable to reflected cross-site scripting attacks. An attacker could inject JavaScript in a GET parameter of HTTP requests and perform unauthorized actions such as stealing internal information and...
Fresenius-kabi Agilia Connect Firmware
Fresenius-kabi Vigilant Centerium 1.0
Fresenius-kabi Vigilant Mastermed 1.0
Fresenius-kabi Vigilant Insight 1.0
Fresenius-kabi Agilia Partner Maintenance Software
Fresenius-kabi Link+ Agilia Firmware
Fresenius-kabi Link+ Agilia Firmware 3.0
6.4
CVSSv2
CVE-2021-31562
The SSL/TLS configuration of Fresenius Kabi Agilia Link + version 3.0 has serious deficiencies that may allow an malicious user to compromise SSL/TLS sessions in different ways. An attacker may be able to eavesdrop on transferred data, manipulate data allegedly secured by SSL/TLS...
Fresenius-kabi Agilia Connect Firmware
Fresenius-kabi Vigilant Centerium 1.0
Fresenius-kabi Vigilant Mastermed 1.0
Fresenius-kabi Vigilant Insight 1.0
Fresenius-kabi Agilia Partner Maintenance Software
Fresenius-kabi Agilia Link+ Firmware
Fresenius-kabi Agilia Link+ Firmware 3.0
5
CVSSv2
CVE-2021-33843
Fresenius Kabi Agilia SP MC WiFi vD25 and prior has a default configuration page accessible without authentication. An attacker may use this functionality to change the exposed configuration values such as network settings.
Fresenius-kabi Agilia Sp Mc Wifi Firmware
7.5
CVSSv2
CVE-2021-23196
The web application on Agilia Link+ version 3.0 implements authentication and session management mechanisms exclusively on the client-side and does not protect authentication attributes sufficiently.
Fresenius-kabi Agilia Connect Firmware
Fresenius-kabi Vigilant Centerium 1.0
Fresenius-kabi Vigilant Mastermed 1.0
Fresenius-kabi Vigilant Insight 1.0
Fresenius-kabi Agilia Partner Maintenance Software
Fresenius-kabi Link+ Agilia Firmware
Fresenius-kabi Link+ Agilia Firmware 3.0
7.5
CVSSv2
CVE-2021-23233
Sensitive endpoints in Fresenius Kabi Agilia Link+ v3.0 and prior can be accessed without any authentication information such as the session cookie. An attacker can send requests to sensitive endpoints as an unauthenticated user to perform critical actions or modify critical conf...
Fresenius-kabi Vigilant Centerium 1.0
Fresenius-kabi Vigilant Mastermed 1.0
Fresenius-kabi Vigilant Insight 1.0
Fresenius-kabi Agilia Partner Maintenance Software
Fresenius-kabi Agilia Connect Firmware
Fresenius-kabi Link+ Agilia Firmware
Fresenius-kabi Link+ Agilia Firmware 3.0
7.8
CVSSv2
CVE-2021-23236
Requests may be used to interrupt the normal operation of the device. When exploited, Fresenius Kabi Agilia Link+ version 3.0 must be rebooted via a hard reset triggered by pressing a button on the rack system.
Fresenius-kabi Vigilant Centerium 1.0
Fresenius-kabi Vigilant Mastermed 1.0
Fresenius-kabi Vigilant Insight 1.0
Fresenius-kabi Agilia Partner Maintenance Software
Fresenius-kabi Agilia Connect Firmware
Fresenius-kabi Link+ Agilia Firmware
Fresenius-kabi Link+ Agilia Firmware 3.0
5
CVSSv2
CVE-2021-41835
Fresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. Therefore, transmitted data may be sent in cleartext. Transport layer encryption is offered on Port TCP/443, but the affected service does not perform an automated redirect from the unencrypted ...
Fresenius-kabi Vigilant Centerium 1.0
Fresenius-kabi Vigilant Mastermed 1.0
Fresenius-kabi Vigilant Insight 1.0
Fresenius-kabi Agilia Partner Maintenance Software
Fresenius-kabi Agilia Connect
Fresenius-kabi Link+ Agilia Firmware
Fresenius-kabi Link+ Agilia Firmware 3.0
6.5
CVSSv2
CVE-2021-44464
Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software.
Fresenius-kabi Agilia Connect Firmware
Fresenius-kabi Vigilant Centerium 1.0
Fresenius-kabi Vigilant Mastermed 1.0
Fresenius-kabi Vigilant Insight 1.0
Fresenius-kabi Agilia Partner Maintenance Software
Fresenius-kabi Link+ Agilia Firmware
Fresenius-kabi Link+ Agilia Firmware 3.0
7.5
CVSSv2
CVE-2021-43355
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 allows user input to be validated on the client side without authentication by the server. The server should not rely on the correctness of the data because users might not support or block JavaScript or...
Fresenius-kabi Vigilant Centerium 1.0
Fresenius-kabi Vigilant Mastermed 1.0
Fresenius-kabi Vigilant Insight 1.0
Fresenius-kabi Agilia Partner Maintenance Software
Fresenius-kabi Agilia Connect Firmware
Fresenius-kabi Link+ Agilia Firmware
Fresenius-kabi Link+ Agilia Firmware 3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »