Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistIcscertCVELIST:CVE-2017-12724
HistoryFeb 15, 2018 - 10:00 a.m.

CVE-2017-12724

2018-02-1510:00:00
icscert
www.cve.org

8.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.5%

JSON

A Use of Hard-coded Credentials issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The FTP server on the pump contains hardcoded credentials, which are not fully initialized. The FTP server is only accessible if the pump is configured to allow FTP connections.

CNA Affected

[
  {
    "product": "Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump"
      }
    ]
  }
]

Related

prion 1
nvd 1
cve 1
thn 1
ics 1
prion
prion
Hardcoded credentials
2018-02-15 10:29:00
nvd
nvd
CVE-2017-12724
2018-02-15 10:29:00
cve
cve
CVE-2017-12724
2018-02-15 10:29:00
thn
thn
Hackers Can Remotely Access Syringe Infusion Pumps to Deliver Fatal Overdoses
2017-09-09 02:50:00
ics
ics
Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Vulnerabilities (Update A)
2017-12-12 12:00:00

8.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.5%

JSON
Related for CVELIST:CVE-2017-12724
prion1nvd1cve1thn1ics1