Vulnerabilities > Pifzer

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-25	CVE-2015-3956	Insufficient Verification of Data Authenticity vulnerability in Pifzer products Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior accept drug libraries, firmware updates, pump commands, and unauthorized configuration changes from unauthenticated devices on the host network. network low complexity pifzer CWE-345 critical	9.8
2019-03-25	CVE-2015-3954	Improper Authorization vulnerability in Pifzer products Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior give unauthenticated users root privileges on Port 23/TELNET by default. network low complexity pifzer CWE-285 critical	9.8
2019-03-25	CVE-2015-3953	Use of Hard-coded Credentials vulnerability in Pifzer products Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. network low complexity pifzer CWE-798 critical	9.8
2019-03-25	CVE-2015-3952	Information Exposure vulnerability in Pifzer products Wireless keys are stored in plain text on Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. network low complexity pifzer CWE-200	7.5

Vulnerabilities > Pifzer {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Pifzer"}]}