CVE-2020-12036
N/A
N/A
Summary
Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption (e.g., TLS/SSL) when configured to send treatment data to a PDMS (Patient Data Management System) or an EMR (Electronic Medical Record) system. An attacker could observe sensitive data sent from the device.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Baxter PrismaFlex and PrisMax | PrismaFlex all versions, PrisMax all versions prior to 3.x | affected |
Weaknesses
- CWE-319: CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.