Vulnerabilities > Beaconmedaes

DATE CVE VULNERABILITY TITLE RISK
2018-06-06 CVE-2018-7510 Insufficiently Protected Credentials vulnerability in Beaconmedaes Scroll Medical AIR Systems Firmware
In the web application in BeaconMedaes TotalAlert Scroll Medical Air Systems running software versions prior to 4107600010.23, passwords are presented in plaintext in a file that is accessible without authentication.
network
low complexity
beaconmedaes CWE-522
5.0
2018-05-24 CVE-2018-7526 Forced Browsing vulnerability in Beaconmedaes Scroll Medical AIR Systems Firmware
In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, by accessing a specific uniform resource locator (URL) on the webserver, a malicious user may be able to access information in the application without authenticating.
network
low complexity
beaconmedaes CWE-425
5.0
2018-05-24 CVE-2018-7518 Insufficiently Protected Credentials vulnerability in Beaconmedaes Scroll Medical AIR Systems Firmware
In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, an attacker with network access to the integrated web server could retrieve default or user defined credentials stored and transmitted in an insecure manner.
network
low complexity
beaconmedaes CWE-522
5.0