Vulnerability Description
Hospira LifeCare PCA Infusion System before 7.0 has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hospira | Lifecare Pcainfusion Firmware | <= 5.0 |
| Hospira | Lifecare Pca3 | - |
| Hospira | Lifecare Pca5 | - |
Related Weaknesses (CWE)
References
- http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htmThird Party AdvisoryUS Government Resource
- https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01AThird Party AdvisoryUS Government Resource
- http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htmThird Party AdvisoryUS Government Resource
- https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01AThird Party AdvisoryUS Government Resource
FAQ
What is CVE-2015-1011?
CVE-2015-1011 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Hospira LifeCare PCA Infusion System before 7.0 has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors.
How severe is CVE-2015-1011?
CVE-2015-1011 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-1011?
Check the references section above for vendor advisories and patch information. Affected products include: Hospira Lifecare Pcainfusion Firmware, Hospira Lifecare Pca3, Hospira Lifecare Pca5.