CVE-2016-8358

HIGH

Smiths-Medical CADD-Solis Medication Safety Software - Info Disclosure

Title source: llm

Description

An issue was discovered in Smiths-Medical CADD-Solis Medication Safety Software, Version 1.0; 2.0; 3.0; and 3.1. The affected software does not verify the identities at communication endpoints, which may allow a man-in-the-middle attacker to gain access to the communication channel between endpoints.

References (2)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/94630

[Third Party Advisory, US Government Resource] https://ics-cert.us-cert.gov/advisories/ICSMA-16-306-01

Scores

CVSS v3 8.5

EPSS 0.0015

EPSS Percentile 35.1%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Classification

CWE

CWE-346

Status draft

Affected Products (4)

smiths-medical/cadd-solis_medication_safety_software

Timeline

Published Feb 13, 2017

Tracked Since Feb 18, 2026