Vulnerability Details CVE-2020-25154
An open redirect vulnerability in the administrative interface of the B. Braun Melsungen AG SpaceCom device Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers to redirect users to malicious websites.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.6%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 5.8
References
- https://www.bbraun.com/en/products-and-therapies/services/b-braun-vulnerability-disclosure-policy/security-advisory.html
- https://www.cisa.gov/uscert/ics/advisories/icsma-20-296-02
- https://www.bbraun.com/en/products-and-therapies/services/b-braun-vulnerability-disclosure-policy/security-advisory.html
- https://www.cisa.gov/uscert/ics/advisories/icsma-20-296-02
Products affected by CVE-2020-25154
-
cpe:2.3:h:bbraun:datamodule_compactplus:-
-
cpe:2.3:h:bbraun:spacecom:-
-
cpe:2.3:o:bbraun:datamodule_compactplus:a10
-
cpe:2.3:o:bbraun:datamodule_compactplus:a11
-
cpe:2.3:o:bbraun:spacecom:*