CVE-2015-3459

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://imgur.com/JHiWSqd", "name": "http://imgur.com/JHiWSqd", "tags": ["Not Applicable"], "refsource": "MISC"}, {"url": "https://twitter.com/dyngnosis/status/592743461977219072", "name": "https://twitter.com/dyngnosis/status/592743461977219072", "tags": ["Press/Media Coverage"], "refsource": "MISC"}, {"url": "https://twitter.com/dyngnosis/status/592671049487142913", "name": "https://twitter.com/dyngnosis/status/592671049487142913", "tags": ["Press/Media Coverage"], "refsource": "MISC"}, {"url": "http://imgur.com/CEAnZjj", "name": "http://imgur.com/CEAnZjj", "tags": ["Not Applicable"], "refsource": "MISC"}, {"url": "http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm", "name": "http://www.fda.gov/MedicalDevices/Safety/AlertsandNotices/ucm446809.htm", "tags": ["Third Party Advisory", "US Government Resource"], "refsource": "MISC"}, {"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01", "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-125-01", "tags": ["Third Party Advisory", "US Government Resource"], "refsource": "MISC"}, {"url": "http://hextechsecurity.com/?p=123", "name": "http://hextechsecurity.com/?p=123", "tags": ["Broken Link"], "refsource": "MISC"}, {"url": "http://www.securityfocus.com/bid/74414", "name": "74414", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The communication module on the Hospira LifeCare PCA Infusion System before 7.0 does not require authentication for root TELNET sessions, which allows remote attackers to modify the pump configuration via unspecified commands."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-264"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2015-3459", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2015-04-29T23:59Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:hospira:lifecare_pcainfusion_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "5.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:hospira:lifecare_pca5:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:hospira:lifecare_pca3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-01-03T19:16Z"}