CVE-2021-23196
HIGHAgilia Link+ <3.0 - Info Disclosure
Title source: llmDescription
The web application on Agilia Link+ version 3.0 implements authentication and session management mechanisms exclusively on the client-side and does not protect authentication attributes sufficiently.
Scores
CVSS v3
7.3
EPSS
0.0026
EPSS Percentile
49.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Classification
CWE
CWE-522
CWE-287
Status
published
Affected Products (8)
fresenius-kabi/agilia_connect_firmware
< d25
fresenius-kabi/agilia_partner_maintenance_software
< 3.3.0
fresenius-kabi/vigilant_centerium
fresenius-kabi/vigilant_insight
fresenius-kabi/vigilant_mastermed
fresenius-kabi/link\+_agilia_firmware
< 3.0
fresenius-kabi/link\+_agilia_firmware
fresenius-kabi/link\+_agilia_firmware
Timeline
Published
Jan 21, 2022
Tracked Since
Feb 18, 2026