Vulnerability Details CVE-2021-23196
The web application on Agilia Link+ version 3.0 implements authentication and session management mechanisms exclusively on the client-side and does not protect authentication attributes sufficiently.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.1%
CVSS Severity
CVSS v3 Score 7.3
CVSS v2 Score 7.5
References
Products affected by CVE-2021-23196
-
cpe:2.3:a:fresenius-kabi:agilia_partner_maintenance_software:*
-
cpe:2.3:a:fresenius-kabi:vigilant_centerium:1.0
-
cpe:2.3:a:fresenius-kabi:vigilant_insight:1.0
-
cpe:2.3:a:fresenius-kabi:vigilant_mastermed:1.0
-
cpe:2.3:h:fresenius-kabi:agilia_connect:-
-
cpe:2.3:h:fresenius-kabi:link+_agilia:-
-
cpe:2.3:o:fresenius-kabi:agilia_connect_firmware:*
-
cpe:2.3:o:fresenius-kabi:link+_agilia_firmware:*
-
cpe:2.3:o:fresenius-kabi:link+_agilia_firmware:3.0