CVE-2019-10962

MEDIUM Year: 2019
CVSS v3 Score
5.3
Medium
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-284
View all →

Vulnerability Description

BD Alaris Gateway versions, 1.0.13,1.1.3 Build 10,1.1.3 MR Build 11,1.1.5, and 1.1.6, The web browser user interface on the Alaris Gateway Workstation does not prevent an attacker with knowledge of the IP address of the Alaris Gateway Workstation terminal to gain access to the status and configuration information of the device.

Related Vulnerabilities

CVE-2015-4902

MEDIUM
CVSS:5.3(Medium)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment.

CWE-2842015

CVE-2015-7577

MEDIUM
CVSS:5.3(Medium)

activerecord/lib/active_record/nested_attributes.rb in Active Record in Ruby on Rails 3.1.x and 3.2.x before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1...

CWE-2842015

CVE-2015-8139

MEDIUM
CVSS:5.3(Medium)

ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin timestamps and then impersonate peers via unspecified vectors.

CWE-2842015

CVE-2015-8627

MEDIUM
CVSS:5.3(Medium)

MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 do not properly normalize IP addresses containing zero-padded octets, which might allow remote attackers ...

CWE-2842015

CVE-2015-8987

MEDIUM
CVSS:5.3(Medium)

Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier allows attackers to make a McAfee Agent talk with another, possib...

CWE-2842015