CVEブラウザに戻る

CVE-2021-33884

MEDIUM

6.5

CVSS Severity Score

EPSS Score0.0270%

EPSS Percentile8.59th

Published2021年8月25日

Last Modified2024年11月21日

Vulnerability Description

An Unrestricted Upload of File with Dangerous Type vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows remote attackers to upload any files to the /tmp directory of the device through the webpage API. This can result in critical files being overwritten.

Affected Platforms (CPE)

💻

Bbraun

Spacecom2

< 012u000062

References & Advisories

🔗 https://www.bbraunusa.com/en.htm

🔗 https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/mcafee-enterprise-atr-uncovers-vulnerabilities-in-globally-used-b-braun-infusion-pump/

🔗 https://www.bbraunusa.com/en.htm

🔗 https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/mcafee-enterprise-atr-uncovers-vulnerabilities-in-globally-used-b-braun-infusion-pump/

関連する脆弱性情報

CVE-2021-3388510.0

An Insufficient Verification of Data Authenticity vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthen...

CVE-2021-338868.1

An improper sanitization of input vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthenticated attacker...

CVE-2021-338826.8

A Missing Authentication for Critical Function vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote attacker to...

CVE-2021-338835.9

A Cleartext Transmission of Sensitive Information vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote attacker...