VAR-201906-1019
Vulnerability from variot - Updated: 2023-12-18 13:43BD Alaris Gateway versions, 1.0.13,1.1.3 Build 10,1.1.3 MR Build 11,1.1.5, and 1.1.6, The web browser user interface on the Alaris Gateway Workstation does not prevent an attacker with knowledge of the IP address of the Alaris Gateway Workstation terminal to gain access to the status and configuration information of the device. Alaris Gateway Workstation Contains an access control vulnerability.Information may be obtained. BDAlarisGatewayWorkstation and others are products of BD Biotech. BDAlarisGatewayWorkstation is a smart infusion system. BDAlarisGS is a medical syringe pump. BDAlarisGH is a medical syringe pump. An access control error vulnerability exists in several BD products. An attacker could exploit this vulnerability to bypass security restrictions and perform unauthorized operations. BD Alaris Gateway Workstation is prone to an authentication-bypass vulnerability. The following products are affected: BD Alaris Gateway Workstation 1.0.13, 1.1.3 Build 10, 1.1.3 MR Build 11, 1.1.5, 1.1.6 BD Alaris GS 2.3.6 and prior BD Alaris GH 2.3.6 and prior BD Alaris CC 2.3.6 and prior BD Alaris TIVA 2.3.6 and prior. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201906-1019",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "alaris gateway workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "bd",
"version": "1.0.13"
},
{
"model": "alaris gateway workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "bd",
"version": "1.1.5"
},
{
"model": "alaris gateway workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "bd",
"version": "1.1.6"
},
{
"model": "alaris gateway workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "bd",
"version": "1.1.3"
},
{
"model": "alaris gateway workstation build",
"scope": "eq",
"trust": 0.9,
"vendor": "bd",
"version": "1.1.310"
},
{
"model": "alaris gateway workstation mr build",
"scope": "eq",
"trust": 0.9,
"vendor": "bd",
"version": "1.1.311"
},
{
"model": "alaris gateway workstation",
"scope": null,
"trust": 0.8,
"vendor": "becton dickinson and bd",
"version": null
},
{
"model": "alaris gs",
"scope": "lte",
"trust": 0.6,
"vendor": "bd",
"version": "\u003c=2.3.6"
},
{
"model": "alaris gh",
"scope": "lte",
"trust": 0.6,
"vendor": "bd",
"version": "\u003c=2.3.6"
},
{
"model": "alaris cc",
"scope": "lte",
"trust": 0.6,
"vendor": "bd",
"version": "\u003c=2.3.6"
},
{
"model": "alaris tiva",
"scope": "lte",
"trust": 0.6,
"vendor": "bd",
"version": "\u003c=2.3.6"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "alaris gateway workstation",
"version": "1.1.3"
},
{
"model": "alaris tiva",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "2.3.6"
},
{
"model": "alaris tiva",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "2.0"
},
{
"model": "alaris tiva",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "1.9.4"
},
{
"model": "alaris tiva",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "1.5.10"
},
{
"model": "alaris gs",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "2.3.6"
},
{
"model": "alaris gs",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "2.0"
},
{
"model": "alaris gs",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "1.9.4"
},
{
"model": "alaris gs",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "1.5.10"
},
{
"model": "alaris gh",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "2.3.6"
},
{
"model": "alaris gh",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "2.0"
},
{
"model": "alaris gh",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "1.9.4"
},
{
"model": "alaris gh",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "1.5.10"
},
{
"model": "alaris cc",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "2.3.6"
},
{
"model": "alaris cc",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "2.0"
},
{
"model": "alaris cc",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "1.9.4"
},
{
"model": "alaris cc",
"scope": "eq",
"trust": 0.3,
"vendor": "bd",
"version": "1.5.10"
},
{
"model": "alaris gateway workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "bd",
"version": "1.6.1"
},
{
"model": "alaris gateway workstation",
"scope": "ne",
"trust": 0.3,
"vendor": "bd",
"version": "1.3.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "alaris gateway workstation",
"version": "1.0.13"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "alaris gateway workstation",
"version": "1.1.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "alaris gateway workstation",
"version": "1.1.6"
}
],
"sources": [
{
"db": "IVD",
"id": "77b00f7e-9050-438e-9f16-a553a2a7d5ae"
},
{
"db": "CNVD",
"id": "CNVD-2019-21242"
},
{
"db": "BID",
"id": "108763"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005569"
},
{
"db": "NVD",
"id": "CVE-2019-10962"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:bd:alaris_gateway_workstation_firmware:1.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:bd:alaris_gateway_workstation_firmware:1.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:bd:alaris_gateway_workstation_firmware:1.1.3:11:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:bd:alaris_gateway_workstation_firmware:1.1.3:10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:bd:alaris_gateway_workstation_firmware:1.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:bd:alaris_gateway_workstation:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10962"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Elad Luz of CyberMDX reported these vulnerabilities to NCCIC.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-583"
}
],
"trust": 0.6
},
"cve": "CVE-2019-10962",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-10962",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-21242",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "77b00f7e-9050-438e-9f16-a553a2a7d5ae",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-142561",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2019-10962",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-10962",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2019-21242",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201906-583",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "77b00f7e-9050-438e-9f16-a553a2a7d5ae",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-142561",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-10962",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "77b00f7e-9050-438e-9f16-a553a2a7d5ae"
},
{
"db": "CNVD",
"id": "CNVD-2019-21242"
},
{
"db": "VULHUB",
"id": "VHN-142561"
},
{
"db": "VULMON",
"id": "CVE-2019-10962"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005569"
},
{
"db": "NVD",
"id": "CVE-2019-10962"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-583"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BD Alaris Gateway versions, 1.0.13,1.1.3 Build 10,1.1.3 MR Build 11,1.1.5, and 1.1.6, The web browser user interface on the Alaris Gateway Workstation does not prevent an attacker with knowledge of the IP address of the Alaris Gateway Workstation terminal to gain access to the status and configuration information of the device. Alaris Gateway Workstation Contains an access control vulnerability.Information may be obtained. BDAlarisGatewayWorkstation and others are products of BD Biotech. BDAlarisGatewayWorkstation is a smart infusion system. BDAlarisGS is a medical syringe pump. BDAlarisGH is a medical syringe pump. An access control error vulnerability exists in several BD products. An attacker could exploit this vulnerability to bypass security restrictions and perform unauthorized operations. BD Alaris Gateway Workstation is prone to an authentication-bypass vulnerability. \nThe following products are affected:\nBD Alaris Gateway Workstation 1.0.13, 1.1.3 Build 10, 1.1.3 MR Build 11, 1.1.5, 1.1.6\nBD Alaris GS 2.3.6 and prior\nBD Alaris GH 2.3.6 and prior\nBD Alaris CC 2.3.6 and prior\nBD Alaris TIVA 2.3.6 and prior. This vulnerability stems from network systems or products not properly restricting access to resources from unauthorized roles",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-10962"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005569"
},
{
"db": "CNVD",
"id": "CNVD-2019-21242"
},
{
"db": "BID",
"id": "108763"
},
{
"db": "IVD",
"id": "77b00f7e-9050-438e-9f16-a553a2a7d5ae"
},
{
"db": "VULHUB",
"id": "VHN-142561"
},
{
"db": "VULMON",
"id": "CVE-2019-10962"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-10962",
"trust": 3.7
},
{
"db": "ICS CERT",
"id": "ICSMA-19-164-01",
"trust": 2.9
},
{
"db": "BID",
"id": "108763",
"trust": 2.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.2118",
"trust": 1.2
},
{
"db": "CNNVD",
"id": "CNNVD-201906-583",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2019-21242",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005569",
"trust": 0.8
},
{
"db": "IVD",
"id": "77B00F7E-9050-438E-9F16-A553A2A7D5AE",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-142561",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-10962",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "77b00f7e-9050-438e-9f16-a553a2a7d5ae"
},
{
"db": "CNVD",
"id": "CNVD-2019-21242"
},
{
"db": "VULHUB",
"id": "VHN-142561"
},
{
"db": "VULMON",
"id": "CVE-2019-10962"
},
{
"db": "BID",
"id": "108763"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005569"
},
{
"db": "NVD",
"id": "CVE-2019-10962"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-583"
}
]
},
"id": "VAR-201906-1019",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "77b00f7e-9050-438e-9f16-a553a2a7d5ae"
},
{
"db": "CNVD",
"id": "CNVD-2019-21242"
},
{
"db": "VULHUB",
"id": "VHN-142561"
}
],
"trust": 1.5944444500000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "77b00f7e-9050-438e-9f16-a553a2a7d5ae"
},
{
"db": "CNVD",
"id": "CNVD-2019-21242"
}
]
},
"last_update_date": "2023-12-18T13:43:21.442000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Alaris Gateway Workstation",
"trust": 0.8,
"url": "https://www.bd.com/en-uk/products/infusion/infusion-interoperability/alaris-gateway-workstation"
},
{
"title": "BDAlarisGatewayWorkstation authentication bypass vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/167051"
},
{
"title": "Multiple BD Product access control error vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=93804"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2019/06/13/medical_workstation_vulnerabilities/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/critical-bug-infusion-pump-lives-at-risk/145660/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/critical-bug-in-infusion-system-allows-changing-drug-dose-in-medical-pumps/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-21242"
},
{
"db": "VULMON",
"id": "CVE-2019-10962"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005569"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-583"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-142561"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005569"
},
{
"db": "NVD",
"id": "CVE-2019-10962"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-19-164-01"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/108763"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10962"
},
{
"trust": 1.2,
"url": "https://www.auscert.org.au/bulletins/esb-2019.2118/"
},
{
"trust": 0.9,
"url": "https://www.bd.com/en-us/support/product-security-and-privacy/product-security-bulletins/alaris-gateway-workstation-web-browser-user-interface-lack-of-authentication-"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10962"
},
{
"trust": 0.3,
"url": "https://www.bd.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/critical-bug-infusion-pump-lives-at-risk/145660/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-21242"
},
{
"db": "VULHUB",
"id": "VHN-142561"
},
{
"db": "VULMON",
"id": "CVE-2019-10962"
},
{
"db": "BID",
"id": "108763"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005569"
},
{
"db": "NVD",
"id": "CVE-2019-10962"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-583"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "77b00f7e-9050-438e-9f16-a553a2a7d5ae"
},
{
"db": "CNVD",
"id": "CNVD-2019-21242"
},
{
"db": "VULHUB",
"id": "VHN-142561"
},
{
"db": "VULMON",
"id": "CVE-2019-10962"
},
{
"db": "BID",
"id": "108763"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005569"
},
{
"db": "NVD",
"id": "CVE-2019-10962"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-583"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-04T00:00:00",
"db": "IVD",
"id": "77b00f7e-9050-438e-9f16-a553a2a7d5ae"
},
{
"date": "2019-07-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-21242"
},
{
"date": "2019-06-13T00:00:00",
"db": "VULHUB",
"id": "VHN-142561"
},
{
"date": "2019-06-13T00:00:00",
"db": "VULMON",
"id": "CVE-2019-10962"
},
{
"date": "2019-06-13T00:00:00",
"db": "BID",
"id": "108763"
},
{
"date": "2019-06-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-005569"
},
{
"date": "2019-06-13T21:29:15.877000",
"db": "NVD",
"id": "CVE-2019-10962"
},
{
"date": "2019-06-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-583"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-07-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-21242"
},
{
"date": "2020-10-02T00:00:00",
"db": "VULHUB",
"id": "VHN-142561"
},
{
"date": "2020-10-02T00:00:00",
"db": "VULMON",
"id": "CVE-2019-10962"
},
{
"date": "2019-06-13T00:00:00",
"db": "BID",
"id": "108763"
},
{
"date": "2019-06-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-005569"
},
{
"date": "2020-10-02T14:34:46.360000",
"db": "NVD",
"id": "CVE-2019-10962"
},
{
"date": "2020-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-583"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-583"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BD Alaris Gateway Workstation Authentication Bypass Vulnerability",
"sources": [
{
"db": "IVD",
"id": "77b00f7e-9050-438e-9f16-a553a2a7d5ae"
},
{
"db": "CNVD",
"id": "CNVD-2019-21242"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-583"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…