漏洞标题
N/A
漏洞描述信息
在Smiths-Medical CADD-Solis Medication Safety Software 1.0、2.0、3.0和3.1版本中发现了一个问题。CADD-Solis Medication Safety Software 允许经过身份验证的用户提升在SQL数据库中的权限,这将使经过身份验证的用户能够修改药库、添加和删除用户并更改用户权限。据Smiths-Medical称,安装药库更新需要访问泵的实体访问权限。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
An issue was discovered in Smiths-Medical CADD-Solis Medication Safety Software, Version 1.0; 2.0; 3.0; and 3.1. CADD-Solis Medication Safety Software grants an authenticated user elevated privileges on the SQL database, which would allow an authenticated user to modify drug libraries, add and delete users, and change user permissions. According to Smiths-Medical, physical access to the pump is required to install drug library updates.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Smiths-Medical CADD-Solis Medication Safety Software 安全绕过漏洞
漏洞描述信息
Smiths-Medical CADD-Solis Medication Safety Software是英国Smiths-Medical公司的一套用于设置输液泵剂量安全限制的应用程序。 Smiths-Medical CADD-Solis Medication Safety Software中存在安全绕过漏洞。攻击者可利用该漏洞执行未授权操作。
CVSS信息
N/A
漏洞类别
其他