CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-1012

Wireless keys are stored in plain text on version 5 of the Hospira LifeCare PCA Infusion System. According to Hospira, version 3 of the LifeCare PCA Infusion System is not indicated for wireless use, is not shipped with wireless capabilities, and should not be modified to be used in a wireless capacity in a clinical setting. Hospira has developed a new version of the PCS Infusion System, version 7.0 that addresses the identified vulnerabilities. Version 7.0 has Port 20/FTP and Port 23/TELNET closed by default to prevent unauthorized access.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 35.3%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2015-1012

Pfizer » Lifecare Pca Infusion System » Version: N/A

cpe:2.3:h:pfizer:lifecare_pca_infusion_system:-
Pfizer » Lifecare Pca Infusion System Firmware » Version: 3.0

cpe:2.3:o:pfizer:lifecare_pca_infusion_system_firmware:3.0
Pfizer » Lifecare Pca Infusion System Firmware » Version: 5.0

cpe:2.3:o:pfizer:lifecare_pca_infusion_system_firmware:5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-1012

Products

Pricing

Contact Us