CVE-2018-7518

Summary

In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, an attacker with network access to the integrated web server could retrieve default or user defined credentials stored and transmitted in an insecure manner.

Affected Software

VendorProductVersion RangeStatus
ICS-CERTBeaconMedæs TotalAlert Scroll Medical Air Systems web applicationAll versions prior to version 4107600010.23affected

Weaknesses

  • CWE-522: INSUFFICIENTLY PROTECTED CREDENTIALS CWE-522

ADP Enrichment

CVE Program Container

Additional References

References