CVE-2018-7518

In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, an attacker with network access to the integrated web server could retrieve default or user defined credentials stored and transmitted in an insecure manner.
References
Link Resource
https://ics-cert.us-cert.gov/advisories/ICSMA-18-144-01 Mitigation Third Party Advisory US Government Resource
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:beaconmedaes:scroll_medical_air_systems_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:beaconmedaes:scroll_medical_air_systems:-:*:*:*:*:*:*:*

Information

Published : 2018-05-24 13:29

Updated : 2019-10-09 16:42


NVD link : CVE-2018-7518

Mitre link : CVE-2018-7518


JSON object : View

CWE
CWE-522

Insufficiently Protected Credentials

Advertisement

dedicated server usa

Products Affected

beaconmedaes

  • scroll_medical_air_systems
  • scroll_medical_air_systems_firmware