MidnightBSD

Advisories for fresenius-kabi

CVE-2021-23195 MEDIUM

Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 has the option for automated indexing (directory listing) activated. When accessing a directory, a web server delivers its entire content in HTML form. If an index file does not exist and directory listing is enabled, all content of the directory will be displayed, allowing an attacker to identify and access files on the server.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-548,CWE-200,

Products Affected

Vendor Product Version
fresenius-kabi vigilant_centerium 1.0
fresenius-kabi link+_agilia_firmware *
fresenius-kabi vigilant_insight 1.0
fresenius-kabi vigilant_mastermed 1.0
fresenius-kabi link+_agilia_firmware 3.0
fresenius-kabi agilia_connect_firmware *
fresenius-kabi agilia_partner_maintenance_software *
CVE-2021-23196 HIGH

The web application on Agilia Link+ version 3.0 implements authentication and session management mechanisms exclusively on the client-side and does not protect authentication attributes sufficiently.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 7.3 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 3.9 3.4
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-522,CWE-287,

Products Affected

Vendor Product Version
fresenius-kabi vigilant_centerium 1.0
fresenius-kabi link+_agilia_firmware *
fresenius-kabi vigilant_insight 1.0
fresenius-kabi vigilant_mastermed 1.0
fresenius-kabi link+_agilia_firmware 3.0
fresenius-kabi agilia_connect_firmware *
fresenius-kabi agilia_partner_maintenance_software *
CVE-2021-23207 LOW

An attacker with physical access to the host can extract the secrets from the registry and create valid JWT tokens for the Fresenius Kabi Vigilant MasterMed version 2.0.1.3 application and impersonate arbitrary users. An attacker could manipulate RabbitMQ queues and messages by impersonating users.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
ics-cert@hq.dhs.gov 6.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N 2.0 4.0

CVSS 2.0

Severity: LOW

Problem Type: CWE-256,CWE-522,

Products Affected

Vendor Product Version
fresenius-kabi vigilant_centerium 1.0
fresenius-kabi link+_agilia_firmware *
fresenius-kabi vigilant_insight 1.0
fresenius-kabi vigilant_mastermed 1.0
fresenius-kabi link+_agilia_firmware 3.0
fresenius-kabi agilia_connect *
fresenius-kabi agilia_partner_maintenance_software *
CVE-2021-23233 HIGH

Sensitive endpoints in Fresenius Kabi Agilia Link+ v3.0 and prior can be accessed without any authentication information such as the session cookie. An attacker can send requests to sensitive endpoints as an unauthenticated user to perform critical actions or modify critical configuration parameters.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
ics-cert@hq.dhs.gov 7.3 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 3.9 3.4

CVSS 2.0

Severity: HIGH

Problem Type: CWE-284,CWE-798,

Products Affected

Vendor Product Version
fresenius-kabi vigilant_centerium 1.0
fresenius-kabi link+_agilia_firmware *
fresenius-kabi vigilant_insight 1.0
fresenius-kabi vigilant_mastermed 1.0
fresenius-kabi link+_agilia_firmware 3.0
fresenius-kabi agilia_connect_firmware *
fresenius-kabi agilia_partner_maintenance_software *
CVE-2021-23236 HIGH

Requests may be used to interrupt the normal operation of the device. When exploited, Fresenius Kabi Agilia Link+ version 3.0 must be rebooted via a hard reset triggered by pressing a button on the rack system.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: HIGH

Problem Type: CWE-400,CWE-400,

Products Affected

Vendor Product Version
fresenius-kabi vigilant_centerium 1.0
fresenius-kabi link+_agilia_firmware *
fresenius-kabi vigilant_insight 1.0
fresenius-kabi vigilant_mastermed 1.0
fresenius-kabi link+_agilia_firmware 3.0
fresenius-kabi agilia_connect_firmware *
fresenius-kabi agilia_partner_maintenance_software *
CVE-2021-31562 MEDIUM

The SSL/TLS configuration of Fresenius Kabi Agilia Link + version 3.0 has serious deficiencies that may allow an attacker to compromise SSL/TLS sessions in different ways. An attacker may be able to eavesdrop on transferred data, manipulate data allegedly secured by SSL/TLS, and impersonate an entity to gain access to sensitive information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 3.9 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-327,CWE-327,

Products Affected

Vendor Product Version
fresenius-kabi vigilant_centerium 1.0
fresenius-kabi vigilant_insight 1.0
fresenius-kabi agilia_link+_firmware *
fresenius-kabi vigilant_mastermed 1.0
fresenius-kabi agilia_link+_firmware 3.0
fresenius-kabi agilia_connect_firmware *
fresenius-kabi agilia_partner_maintenance_software *
CVE-2021-33843 MEDIUM

Fresenius Kabi Agilia SP MC WiFi vD25 and prior has a default configuration page accessible without authentication. An attacker may use this functionality to change the exposed configuration values such as network settings.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4
ics-cert@hq.dhs.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-552,CWE-306,

Products Affected

Vendor Product Version
fresenius-kabi agilia_sp_mc_wifi_firmware *
CVE-2021-33846 MEDIUM

Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 issues authentication tokens to authenticated users that are signed with a symmetric encryption key. An attacker in possession of the key can issue valid JWTs and impersonate arbitrary users.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N 0.7 5.2
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-327,CWE-327,

Products Affected

Vendor Product Version
fresenius-kabi vigilant_centerium 1.0
fresenius-kabi link+_agilia_firmware *
fresenius-kabi vigilant_insight 1.0
fresenius-kabi vigilant_mastermed 1.0
fresenius-kabi link+_agilia_firmware 3.0
fresenius-kabi agilia_connect_firmware *
fresenius-kabi agilia_partner_maintenance_software *
CVE-2021-33848 MEDIUM

Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 is vulnerable to reflected cross-site scripting attacks. An attacker could inject JavaScript in a GET parameter of HTTP requests and perform unauthorized actions such as stealing internal information and performing actions in context of an authenticated user.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7
ics-cert@hq.dhs.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N 2.8 2.5

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-79,

Products Affected

Vendor Product Version
fresenius-kabi vigilant_centerium 1.0
fresenius-kabi link+_agilia_firmware *
fresenius-kabi vigilant_insight 1.0
fresenius-kabi vigilant_mastermed 1.0
fresenius-kabi link+_agilia_firmware 3.0
fresenius-kabi agilia_connect_firmware *
fresenius-kabi agilia_partner_maintenance_software *
CVE-2021-41835 MEDIUM

Fresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. Therefore, transmitted data may be sent in cleartext. Transport layer encryption is offered on Port TCP/443, but the affected service does not perform an automated redirect from the unencrypted service on Port TCP/80 to the encrypted service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 7.3 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 3.9 3.4
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-327,CWE-319,

Products Affected

Vendor Product Version
fresenius-kabi vigilant_centerium 1.0
fresenius-kabi link+_agilia_firmware *
fresenius-kabi vigilant_insight 1.0
fresenius-kabi vigilant_mastermed 1.0
fresenius-kabi link+_agilia_firmware 3.0
fresenius-kabi agilia_connect *
fresenius-kabi agilia_partner_maintenance_software *
CVE-2021-43355 HIGH

Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 allows user input to be validated on the client side without authentication by the server. The server should not rely on the correctness of the data because users might not support or block JavaScript or intentionally bypass the client-side checks. An attacker with knowledge of the service user could circumvent the client-side control and login with service privileges.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 7.3 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 3.9 3.4
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-603,CWE-287,

Products Affected

Vendor Product Version
fresenius-kabi vigilant_centerium 1.0
fresenius-kabi link+_agilia_firmware *
fresenius-kabi vigilant_insight 1.0
fresenius-kabi vigilant_mastermed 1.0
fresenius-kabi link+_agilia_firmware 3.0
fresenius-kabi agilia_connect_firmware *
fresenius-kabi agilia_partner_maintenance_software *
CVE-2021-44464 MEDIUM

Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
ics-cert@hq.dhs.gov 6.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L 2.8 3.4
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-798,CWE-798,

Products Affected

Vendor Product Version
fresenius-kabi vigilant_centerium 1.0
fresenius-kabi link+_agilia_firmware *
fresenius-kabi vigilant_insight 1.0
fresenius-kabi vigilant_mastermed 1.0
fresenius-kabi link+_agilia_firmware 3.0
fresenius-kabi agilia_connect_firmware *
fresenius-kabi agilia_partner_maintenance_software *
CVE-2022-45611

An issue was discovered in Fresenius Kabi PharmaHelp 5.1.759.0 allows attackers to gain escalated privileges via via capture of user login information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
fresenius-kabi pharmahelp_firmware 5.1.759.0