CVE-2024-5176

Welch Allyn Config Tool <1.9.4.1 - RCE

Title source: llm

Description

Insufficiently Protected Credentials vulnerability in Baxter Welch Allyn Configuration Tool may allow Remote Services with Stolen Credentials.This issue affects Welch Allyn Configuration Tool: versions 1.9.4.1 and prior.

References (1)

[Third Party Advisory, US Government Resource] https://cisa.gov/news-events/ics-medical-advisories/icsma-24-151-01

Scores

EPSS 0.0015

EPSS Percentile 34.9%

Classification

CWE

CWE-522

Status draft

Timeline

Published May 31, 2024

Tracked Since Feb 18, 2026