Pyxis Supplystation
Monthly
CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0.16 allows local users to obtain potentially sensitive information by reading a temporary (1) debugging file or (2) developer file. Rated low severity (CVSS 1.9). No vendor patch available.
CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0.16 has a hardcoded service password, which makes it easier for remote attackers to obtain access via unspecified vectors. Rated critical severity (CVSS 9.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
CareFusion Pyxis SupplyStation 8.1 with hardware test tool 1.0.16 and earlier has a hardcoded database password, which makes it easier for local users to gain privileges by leveraging cabinet access. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.
CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0.16 has a hardcoded application password, which makes it easier for remote authenticated users to obtain application-file access. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.
CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0.16 allows local users to obtain potentially sensitive information by reading a temporary (1) debugging file or (2) developer file. Rated low severity (CVSS 1.9). No vendor patch available.
CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0.16 has a hardcoded service password, which makes it easier for remote attackers to obtain access via unspecified vectors. Rated critical severity (CVSS 9.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
CareFusion Pyxis SupplyStation 8.1 with hardware test tool 1.0.16 and earlier has a hardcoded database password, which makes it easier for local users to gain privileges by leveraging cabinet access. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.
CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0.16 has a hardcoded application password, which makes it easier for remote authenticated users to obtain application-file access. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.