Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hospira vulnerabilities and exploits
(subscribe to this query)
409
VMScore
CVE-2015-3957
Hospira LifeCare PCA Infusion System prior to 7.0 stores private keys and certificates, which has unspecified impact and attack vectors.
Hospira Lifecare Pcainfusion Firmware
Hospira Lifecare Pca5 -
Hospira Lifecare Pca3 -
890
VMScore
CVE-2015-3459
The communication module on the Hospira LifeCare PCA Infusion System prior to 7.0 does not require authentication for root TELNET sessions, which allows remote malicious users to modify the pump configuration via unspecified commands.
Hospira Lifecare Pcainfusion Firmware
Hospira Lifecare Pca5 -
Hospira Lifecare Pca3 -
668
VMScore
CVE-2015-7909
Stack-based buffer overflow in Hospira Communication Engine (CE) prior to 1.2 in LifeCare PCA Infusion System 5.07, Plum A+ Infusion System 13.40, and Plum A+3 Infusion System 13.40 allows remote malicious users to cause a denial of service or possibly have unspecified other impa...
Hospira Communication Engine
Hospira Lifecare Pca Infusion System 5.0.7
445
VMScore
CVE-2015-1011
Hospira LifeCare PCA Infusion System prior to 7.0 has hardcoded credentials, which makes it easier for remote malicious users to obtain access via unspecified vectors.
Hospira Lifecare Pcainfusion Firmware
890
VMScore
CVE-2015-3955
Stack-based buffer overflow in Hospira LifeCare PCA Infusion System 5.0 and previous versions, and possibly other versions, allows remote malicious users to execute arbitrary code via unspecified vectors.
Hospira Lifecare Pcainfusion Firmware
694
VMScore
CVE-2015-3958
Hospira LifeCare PCA Infusion System 5.0 and previous versions, and possibly other versions, allows remote malicious users to cause a denial of service (forced manual reboot) via a flood of TCP packets.
Hospira Lifecare Pcainfusion Firmware
890
VMScore
CVE-2014-5401
Hospira MedNet software version 5.8 and prior uses vulnerable versions of the JBoss Enterprise Application Platform software that may allow unauthenticated users to execute arbitrary code on the target system. Hospira has developed a new version of the MedNet software, MedNet 6.1...
Hospira Mednet
445
VMScore
CVE-2014-5403
Hospira MedNet prior to 6.1 uses hardcoded cryptographic keys for protection of data transmission from infusion pumps, which allows remote malicious users to obtain sensitive information by sniffing the network.
Hospira Mednet
801
VMScore
CVE-2014-5405
Hospira MedNet prior to 6.1 uses a hardcoded cleartext password to control SQL database authorization, which allows remote authenticated users to bypass intended access restrictions by leveraging knowledge of this password.
Hospira Mednet
187
VMScore
CVE-2014-5400
The installation component in Hospira MedNet prior to 6.1 places cleartext credentials in configuration files, which allows local users to obtain sensitive information by reading a file.
Hospira Mednet
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »