The impacted products, when configured to use SSO, are affected by an improper authentication vulnerability. This vulnerability allows the application to accept manual entry of any active directory (AD) account provisioned in the application without supplying a password, resulting in access to the application as the supplied AD account, with all associated privileges.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
baxter welch allyn connex cardio |
||
baxter welch allyn diagnostic cardiology suite 2.1.0 |
||
baxter welch allyn rscribe resting ecg system |
||
baxter welch allyn vision express holter analysis system |
||
baxter welch_allyn_hscribe_holter_analysis_system_firmware |
||
baxter welch_allyn_q-stress_cardiac_stress_testing_system_firmware |
||
baxter welch_allyn_xscribe_cardiac_stress_testing_system_firmware |