CVE-2017-6018

MEDIUM

Bbraun Station Firmware - Open Redirect

Title source: rule

Description

An open redirect issue was discovered in B. Braun Medical SpaceCom module, which is integrated into the SpaceStation docking station: SpaceStation with SpaceCom module (integrated as part number 8713142U), software versions prior to Version 012U000040, and SpaceStation (part number 8713140U) with installed SpaceCom module (part number 8713160U), software versions prior to Version 012U000040. The web server of the affected product accepts untrusted input which could allow attackers to redirect the request to an unintended URL contained within untrusted input.

References (1)

[Third Party Advisory, US Government Resource] https://ics-cert.us-cert.gov/advisories/ICSMA-17-082-02

Scores

CVSS v3 6.1

EPSS 0.0015

EPSS Percentile 35.9%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-601

Status published

Products (2)

bbraun/station_firmware

n/a/B. Braun Medical SpaceCom < B. Braun Medical SpaceCom

Published Jun 30, 2017

Tracked Since Feb 18, 2026