An issue was discovered in Smiths-Medical CADD-Solis Medication Safety Software, Version 1.0; 2.0; 3.0; and 3.1. The affected software does not verify the identities at communication endpoints, which may allow a man-in-the-middle attacker to gain access to the communication channel between endpoints.
Weakness
The product does not properly verify that the source of data or communication is valid.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Cadd-solis_medication_safety_software | Smiths-medical | 1.0 (including) | 1.0 (including) |
| Cadd-solis_medication_safety_software | Smiths-medical | 2.0 (including) | 2.0 (including) |
| Cadd-solis_medication_safety_software | Smiths-medical | 3.0 (including) | 3.0 (including) |
| Cadd-solis_medication_safety_software | Smiths-medical | 3.1 (including) | 3.1 (including) |
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/111.html
- https://cwe.mitre.org/data/definitions/141.html
- https://cwe.mitre.org/data/definitions/142.html
- https://cwe.mitre.org/data/definitions/160.html
- https://cwe.mitre.org/data/definitions/21.html
- https://cwe.mitre.org/data/definitions/384.html
- https://cwe.mitre.org/data/definitions/385.html
- https://cwe.mitre.org/data/definitions/386.html
- https://cwe.mitre.org/data/definitions/387.html
- https://cwe.mitre.org/data/definitions/388.html
- https://cwe.mitre.org/data/definitions/510.html
- https://cwe.mitre.org/data/definitions/59.html
- https://cwe.mitre.org/data/definitions/60.html
- https://cwe.mitre.org/data/definitions/75.html
- https://cwe.mitre.org/data/definitions/76.html
- https://cwe.mitre.org/data/definitions/89.html