CVE Vulnerabilities

CVE-2015-3459

Published: Apr 29, 2015 | Modified: Jan 03, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The communication module on the Hospira LifeCare PCA Infusion System before 7.0 does not require authentication for root TELNET sessions, which allows remote attackers to modify the pump configuration via unspecified commands.

Affected Software

Name Vendor Start Version End Version
Lifecare_pcainfusion_firmware Hospira * 5.0

References