FKIE_CVE-2021-43935

Vulnerability from fkie_nvd - Published: 2021-12-15 19:15 - Updated: 2024-11-21 06:30
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The impacted products, when configured to use SSO, are affected by an improper authentication vulnerability. This vulnerability allows the application to accept manual entry of any active directory (AD) account provisioned in the application without supplying a password, resulting in access to the application as the supplied AD account, with all associated privileges.
References
ics-cert@hq.dhs.govhttps://www.cisa.gov/uscert/ics/advisories/icsma-21-343-01Mitigation, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://www.cisa.gov/uscert/ics/advisories/icsma-21-343-01Mitigation, Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
baxter welch_allyn_connex_cardio *
baxter welch_allyn_diagnostic_cardiology_suite 2.1.0
baxter welch_allyn_rscribe_resting_ecg_system *
baxter welch_allyn_vision_express_holter_analysis_system *
baxter welch_allyn_hscribe_holter_analysis_system_firmware *
baxter welch_allyn_hscribe_holter_analysis_system -
baxter welch_allyn_q-stress_cardiac_stress_testing_system_firmware *
baxter welch_allyn_q-stress_cardiac_stress_testing_system -
baxter welch_allyn_xscribe_cardiac_stress_testing_system_firmware *
baxter welch_allyn_xscribe_cardiac_stress_testing_system -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:baxter:welch_allyn_connex_cardio:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9DAE7F6-E2AF-4DF4-AEB0-A62B2A343193",
              "versionEndIncluding": "1.1.1",
              "versionStartIncluding": "1.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:baxter:welch_allyn_diagnostic_cardiology_suite:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "09D76DAA-4799-4DCD-B7F2-46D17A03A614",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:baxter:welch_allyn_rscribe_resting_ecg_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98FC1911-F92B-4D4A-ABDE-882807F8EF16",
              "versionEndIncluding": "7.0.0",
              "versionStartIncluding": "5.01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:baxter:welch_allyn_vision_express_holter_analysis_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AC5DF38-0E45-496E-BBC5-C46D8B77AF16",
              "versionEndIncluding": "6.4.0",
              "versionStartIncluding": "6.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:baxter:welch_allyn_hscribe_holter_analysis_system_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED9D8D71-FA01-4E29-A27A-78B7933F96C0",
              "versionEndIncluding": "6.4.0",
              "versionStartIncluding": "5.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:baxter:welch_allyn_hscribe_holter_analysis_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC5C925E-8AD6-432A-800B-12DC33FCAA67",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:baxter:welch_allyn_q-stress_cardiac_stress_testing_system_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AA1AF5C-68D3-4D79-A9F0-2E392BE0FB37",
              "versionEndIncluding": "6.3.1",
              "versionStartIncluding": "6.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:baxter:welch_allyn_q-stress_cardiac_stress_testing_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D183E89E-3219-4979-AADF-345A3A6CB815",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:baxter:welch_allyn_xscribe_cardiac_stress_testing_system_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6AF883C-C044-451A-914C-7CA5113670C4",
              "versionEndIncluding": "6.3.1",
              "versionStartIncluding": "5.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:baxter:welch_allyn_xscribe_cardiac_stress_testing_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "34255579-A781-4C23-B78A-E20EA6483330",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The impacted products, when configured to use SSO, are affected by an improper authentication vulnerability. This vulnerability allows the application to accept manual entry of any active directory (AD) account provisioned in the application without supplying a password, resulting in access to the application as the supplied AD account, with all associated privileges."
    },
    {
      "lang": "es",
      "value": "Los productos afectados, cuando est\u00e1n configurados para usar SSO, est\u00e1n afectados por una vulnerabilidad de autenticaci\u00f3n inapropiada. Esta vulnerabilidad permite que la aplicaci\u00f3n acepte la entrada manual de cualquier cuenta del directorio activo (AD) provista en la aplicaci\u00f3n sin suministrar una contrase\u00f1a, resultando en el acceso a la aplicaci\u00f3n como la cuenta AD suministrada, con todos los privilegios asociados"
    }
  ],
  "id": "CVE-2021-43935",
  "lastModified": "2024-11-21T06:30:01.987",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.9,
        "source": "ics-cert@hq.dhs.gov",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-12-15T19:15:15.873",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Mitigation",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-343-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-343-01"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-288"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.