Vulnerabilities > BD > Alaris Systems Manager

DATE CVE VULNERABILITY TITLE RISK
2023-07-13 CVE-2023-30563 Cross-site Scripting vulnerability in BD Alaris Systems Manager 12.3/4.33
A malicious file could be uploaded into a System Manager User Import Function resulting in a hijacked session.
network
low complexity
bd CWE-79
8.2
2023-07-13 CVE-2023-30564 Cross-site Scripting vulnerability in BD Alaris Systems Manager 12.3/4.33
Alaris Systems Manager does not perform input validation during the Device Import Function.
low complexity
bd CWE-79
6.9
2020-11-13 CVE-2020-25165 Improper Authentication vulnerability in BD Alaris 8015 PCU Firmware and Alaris Systems Manager
BD Alaris PC Unit, Model 8015, Versions 9.33.1 and earlier and BD Alaris Systems Manager, Versions 4.33 and earlier The affected products are vulnerable to a network session authentication vulnerability within the authentication process between specified versions of the BD Alaris PC Unit and the BD Alaris Systems Manager.
network
low complexity
bd CWE-287
7.5