CVE-2020-12041
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
29/06/2020
Last modified:
08/07/2020
Description
The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) telnet Command-Line Interface, grants access to sensitive data stored on the WBM that permits temporary configuration changes to network settings of the WBM, and allows the WBM to be rebooted. Temporary configuration changes to network settings are removed upon reboot.
Impact
Base Score 3.x
9.40
Severity 3.x
CRITICAL
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:baxter:sigma_spectrum_infusion_system_firmware:8.0:*:*:*:*:*:*:* | ||
| cpe:2.3:h:baxter:sigma_spectrum_infusion_system:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:baxter:wireless_battery_module:17:*:*:*:*:*:*:* | ||
| cpe:2.3:h:baxter:wireless_battery_module:20d29:*:*:*:*:*:*:* | ||
| cpe:2.3:h:baxter:wireless_battery_module:20d30:*:*:*:*:*:*:* | ||
| cpe:2.3:h:baxter:wireless_battery_module:20d31:*:*:*:*:*:*:* | ||
| cpe:2.3:h:baxter:wireless_battery_module:22d24:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page