Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hospira vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2014-5401
Hospira MedNet software version 5.8 and prior uses vulnerable versions of the JBoss Enterprise Application Platform software that may allow unauthenticated users to execute arbitrary code on the target system. Hospira has developed a new version of the MedNet software, MedNet 6.1...
Hospira Mednet
10
CVSSv2
CVE-2015-3956
Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior accept drug libraries, firmware updates, pump commands, and unauthorized configuration changes from unauthenticated devices ...
Pifzer Plum A\\+ Infusion System Firmware
Pifzer Plum A\\+3 Infusion System Firmware
Pifzer Symbiq Infusion System Firmware
10
CVSSv2
CVE-2015-3953
Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the aff...
Pifzer Plum A\\+ Infusion System Firmware
Pifzer Plum A\\+3 Infusion System Firmware
Pifzer Symbiq Infusion System Firmware
10
CVSSv2
CVE-2015-3954
Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior give unauthenticated users root privileges on Port 23/TELNET by default. An unauthorized user could issue commands to the pu...
Pifzer Plum A\\+ Infusion System Firmware
Pifzer Plum A\\+3 Infusion System Firmware
Pifzer Symbiq Infusion System Firmware
10
CVSSv2
CVE-2015-3955
Stack-based buffer overflow in Hospira LifeCare PCA Infusion System 5.0 and previous versions, and possibly other versions, allows remote malicious users to execute arbitrary code via unspecified vectors.
Hospira Lifecare Pcainfusion Firmware
10
CVSSv2
CVE-2015-3459
The communication module on the Hospira LifeCare PCA Infusion System prior to 7.0 does not require authentication for root TELNET sessions, which allows remote malicious users to modify the pump configuration via unspecified commands.
Hospira Lifecare Pcainfusion Firmware
Hospira Lifecare Pca5 -
Hospira Lifecare Pca3 -
9.3
CVSSv2
CVE-2014-5406
The Hospira LifeCare PCA Infusion System prior to 7.0 does not validate network traffic associated with sending a (1) drug library, (2) software update, or (3) configuration change, which allows remote malicious users to modify settings or medication data via packets on the (a) T...
Hospira Lifecare Pcainfusion Firmware
9
CVSSv2
CVE-2015-3965
Hospira Symbiq Infusion System 3.13 and previous versions allows remote authenticated users to trigger "unanticipated operations" by leveraging "elevated privileges" for an unspecified call to an incorrectly exposed function.
Pfizer Symbiq Infusion System Firmware
9
CVSSv2
CVE-2014-5405
Hospira MedNet prior to 6.1 uses a hardcoded cleartext password to control SQL database authorization, which allows remote authenticated users to bypass intended access restrictions by leveraging knowledge of this password.
Hospira Mednet
7.8
CVSSv2
CVE-2015-3958
Hospira LifeCare PCA Infusion System 5.0 and previous versions, and possibly other versions, allows remote malicious users to cause a denial of service (forced manual reboot) via a flood of TCP packets.
Hospira Lifecare Pcainfusion Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »