Vulnerabilities > CVE-2005-2285 - Unspecified vulnerability in ESI products Webeoc

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

esi-products

NVD

Published: 2005-07-18

Updated: 2008-09-05

Summary

WebEOC before 6.0.2 stores sensitive information in locations such as URIs, web pages, and configuration files, which allows remote attackers to obtain information such as Usernames, Passwords, Emergency information, medical information, and system configuration.

Vulnerable Configurations

Part	Description	Count
Application	Esi_Products ESI Products Webeoc *	1

References

http://www.kb.cert.org/vuls/id/165290
http://www.kb.cert.org/vuls/id/JGEI-6BWPXL