An issue was discovered in Smiths-Medical CADD-Solis Medication Safety Software, Version 1.0; 2.0; 3.0; and 3.1. CADD-Solis Medication Safety Software grants an authenticated user elevated privileges on the SQL database, which would allow an authenticated user to modify drug libraries, add and delete users, and change user permissions. According to Smiths-Medical, physical access to the pump is required to install drug library updates.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/94630 | Third Party Advisory VDB Entry |
https://ics-cert.us-cert.gov/advisories/ICSMA-16-306-01 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2017-02-13T22:00:00
Updated: 2017-02-14T10:57:01
Reserved: 2016-09-28T00:00:00
Link: CVE-2016-8355
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-02-13T22:59:00.133
Modified: 2017-02-28T19:02:02.197
Link: CVE-2016-8355
JSON object: View
Redhat Information
No data.
CWE