Vulnerability Details CVE-2021-41835
Fresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. Therefore, transmitted data may be sent in cleartext. Transport layer encryption is offered on Port TCP/443, but the affected service does not perform an automated redirect from the unencrypted service on Port TCP/80 to the encrypted service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.7%
CVSS Severity
CVSS v3 Score 7.3
CVSS v2 Score 5.0
References
Products affected by CVE-2021-41835
-
cpe:2.3:a:fresenius-kabi:agilia_partner_maintenance_software:*
-
cpe:2.3:a:fresenius-kabi:vigilant_centerium:1.0
-
cpe:2.3:a:fresenius-kabi:vigilant_insight:1.0
-
cpe:2.3:a:fresenius-kabi:vigilant_mastermed:1.0
-
cpe:2.3:h:fresenius-kabi:agilia_connect:-
-
cpe:2.3:h:fresenius-kabi:link+_agilia:-
-
cpe:2.3:o:fresenius-kabi:agilia_connect:*
-
cpe:2.3:o:fresenius-kabi:link+_agilia_firmware:*
-
cpe:2.3:o:fresenius-kabi:link+_agilia_firmware:3.0