The product contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.
194 vulnerabilities with CWE-259
CVE-2020-12037
HIGH
Baxter PrismaFlex and PrisMax < 3.0 - Cleartext Transmission of Sensitive Data to PDMS/EMR
CVSS 7.5
CVE-2020-12016
CRITICAL
Baxter ExactaMix - Privilege Escalation
CVSS 9.8
CVE-2020-12012
MEDIUM
Baxter ExactaMix EM 2400 & EM 1200 - Use of Hard-coded Password
CVSS 6.1
CVE-2019-10881
CRITICAL
Xerox AltaLink B80xx/C80xx Firmware < 103.xxx.030.32000 - Unauthenticated Hard-coded Password Bypass
CVSS 9.8
CVE-2019-13530
HIGH
Philips IntelliVue MP Monitors - Use of Hard-coded Password
CVSS 7.2
CVE-2019-3908
HIGH
Premisys Identicard <3.1.190 - Info Disclosure
CVSS 7.5
CVE-2018-25069
HIGH
Netis Netcore Router - Hard-Coded Password
CVSS 7.3
CVE-2018-8870
MEDIUM
Medtronic 24950-24952 - Privilege Escalation
CVSS 6.4
CVE-2017-20039
CRITICAL
SICUNET Access Controller <0.32-05z - Weak Authentication
CVSS 9.8
CVE-2017-6022
CRITICAL
BD PerformA <2.0.14.0 - Info Disclosure
CVSS 9.8
CVE-2017-6039
MEDIUM
Phoenix Broadband PowerAgent SC3 <6.87 - Info Disclosure
CVSS 5.3
CVE-2016-9358
CRITICAL
Marel Food Processing Systems - Hard-Coded Passwords
CVSS 9.8
CVE-2015-3953
CRITICAL
Hospira Plum A+ <13.4, A+3 <13.6, Symbiq <3.13 - Hard-coded Password
CVSS 9.8
CVE-2014-125030
MEDIUM
taoeffect Empress - Hard-Coded Password
CVSS 6.3
CVE-2014-5431
MEDIUM
Baxter SIGMA Spectrum Infusion System 6.05 - Info Disclosure
CVSS 6.8
CVE-2014-5434
CRITICAL
Baxter SIGMA Spectrum Infusion System <6.05 - Info Disclosure
CVSS 9.8
CVE-2014-5405
Hospira MedNet < 5.8 and >= 6.1 - Authenticated Exposure of Sensitive Information via Hardcoded SQL Password
CVE-2014-2363
Morpho Itemiser 3 8.17 - Auth Bypass
CVE-2012-5862
Sinapsi eSolar, eSolar DUO, eSolar Light and sinapsi_firmware < 2.0.2870 - Use of Hard-coded Password
Details
Vulnerabilities
194
Exploit Likelihood
High