{"containers": {"cna": {"affected": [{"product": "Welch Allyn Q-Stress Cardiac Stress Testing System", "vendor": "Hillrom", "versions": [{"lessThanOrEqual": "6.3.1", "status": "affected", "version": "6.0.0", "versionType": "custom"}]}, {"product": "Welch Allyn X-Scribe Cardiac Stress Testing System", "vendor": "Hillrom", "versions": [{"lessThanOrEqual": "6.3.1", "status": "affected", "version": "5.01", "versionType": "custom"}]}, {"product": "Welch Allyn Diagnostic Cardiology Suite", "vendor": "Hillrom", "versions": [{"status": "affected", "version": "2.1.0"}]}, {"product": "Welch Allyn Vision Express", "vendor": "Hillrom", "versions": [{"lessThanOrEqual": "6.4.0", "status": "affected", "version": "6.1.0", "versionType": "custom"}]}, {"product": "Welch Allyn H-Scribe Holter Analysis System", "vendor": "Hillrom", "versions": [{"lessThanOrEqual": "6.4.0", "status": "affected", "version": "5.01", "versionType": "custom"}]}, {"product": "Welch Allyn R-Scribe Resting ECG System", "vendor": "Hillrom", "versions": [{"lessThanOrEqual": "7.0.0", "status": "affected", "version": "5.01", "versionType": "custom"}]}, {"product": "Welch Allyn Connex Cardio", "vendor": "Hillrom", "versions": [{"lessThanOrEqual": "1.1.1", "status": "affected", "version": "1.0.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Hillrom reported this vulnerability to CISA"}], "datePublic": "2021-12-09T00:00:00", "descriptions": [{"lang": "en", "value": "The impacted products, when configured to use SSO, are affected by an improper authentication vulnerability. This vulnerability allows the application to accept manual entry of any active directory (AD) account provisioned in the application without supplying a password, resulting in access to the application as the supplied AD account, with all associated privileges."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-288", "description": "CWE-288 Authentication Bypass Using an Alternate Path or Channel", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-12-15T18:05:16", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-343-01"}], "solutions": [{"lang": "en", "value": "Hillrom recommends users upgrade to the latest product versions when updated products are available. Information on how to update these products to their new versions can be found on the Hillrom disclosure page."}], "source": {"discovery": "UNKNOWN"}, "title": "ICSMA-21-343-01 Hillrom Welch Allyn Cardio Products", "workarounds": [{"lang": "en", "value": "-Disable the SSO feature in the respective Modality Manager Configuration settings. Please refer to the instructions for use (IFU) and/or service manual for instructions on how to disable SSO.\n-Apply proper network and physical security controls.\n-Apply authentication for server access."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "DATE_PUBLIC": "2021-12-09T17:10:00.000Z", "ID": "CVE-2021-43935", "STATE": "PUBLIC", "TITLE": "ICSMA-21-343-01 Hillrom Welch Allyn Cardio Products"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Welch Allyn Q-Stress Cardiac Stress Testing System", "version": {"version_data": [{"version_affected": "<=", "version_name": "6.0.0", "version_value": "6.3.1"}]}}, {"product_name": "Welch Allyn X-Scribe Cardiac Stress Testing System", "version": {"version_data": [{"version_affected": "<=", "version_name": "5.01", "version_value": "6.3.1"}]}}, {"product_name": "Welch Allyn Diagnostic Cardiology Suite", "version": {"version_data": [{"version_affected": "=", "version_name": "2.1.0", "version_value": "2.1.0"}]}}, {"product_name": "Welch Allyn Vision Express", "version": {"version_data": [{"version_affected": "<=", "version_name": "6.1.0", "version_value": "6.4.0"}]}}, {"product_name": "Welch Allyn H-Scribe Holter Analysis System", "version": {"version_data": [{"version_affected": "<=", "version_name": "5.01", "version_value": "6.4.0"}]}}, {"product_name": "Welch Allyn R-Scribe Resting ECG System", "version": {"version_data": [{"version_affected": "<=", "version_name": "5.01", "version_value": "7.0.0"}]}}, {"product_name": "Welch Allyn Connex Cardio", "version": {"version_data": [{"version_affected": "<=", "version_name": "1.0.0", "version_value": "1.1.1"}]}}]}, "vendor_name": "Hillrom"}]}}, "credit": [{"lang": "eng", "value": "Hillrom reported this vulnerability to CISA"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The impacted products, when configured to use SSO, are affected by an improper authentication vulnerability. This vulnerability allows the application to accept manual entry of any active directory (AD) account provisioned in the application without supplying a password, resulting in access to the application as the supplied AD account, with all associated privileges."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-288 Authentication Bypass Using an Alternate Path or Channel"}]}]}, "references": {"reference_data": [{"name": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-343-01", "refsource": "MISC", "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-343-01"}]}, "solution": [{"lang": "en", "value": "Hillrom recommends users upgrade to the latest product versions when updated products are available. Information on how to update these products to their new versions can be found on the Hillrom disclosure page."}], "source": {"discovery": "UNKNOWN"}, "work_around": [{"lang": "en", "value": "-Disable the SSO feature in the respective Modality Manager Configuration settings. Please refer to the instructions for use (IFU) and/or service manual for instructions on how to disable SSO.\n-Apply proper network and physical security controls.\n-Apply authentication for server access."}]}}}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2021-43935", "datePublished": "2021-12-09T00:00:00", "dateReserved": "2021-11-16T00:00:00", "dateUpdated": "2021-12-15T18:05:16", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:baxter:welch_allyn_connex_cardio:*:*:*:*:*:*:*:*", "matchCriteriaId": "C9DAE7F6-E2AF-4DF4-AEB0-A62B2A343193", "versionEndIncluding": "1.1.1", "versionStartIncluding": "1.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:baxter:welch_allyn_diagnostic_cardiology_suite:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "09D76DAA-4799-4DCD-B7F2-46D17A03A614", "vulnerable": true}, {"criteria": "cpe:2.3:a:baxter:welch_allyn_rscribe_resting_ecg_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "98FC1911-F92B-4D4A-ABDE-882807F8EF16", "versionEndIncluding": "7.0.0", "versionStartIncluding": "5.01", "vulnerable": true}, {"criteria": "cpe:2.3:a:baxter:welch_allyn_vision_express_holter_analysis_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "4AC5DF38-0E45-496E-BBC5-C46D8B77AF16", "versionEndIncluding": "6.4.0", "versionStartIncluding": "6.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:baxter:welch_allyn_hscribe_holter_analysis_system_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "ED9D8D71-FA01-4E29-A27A-78B7933F96C0", "versionEndIncluding": "6.4.0", "versionStartIncluding": "5.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:baxter:welch_allyn_hscribe_holter_analysis_system:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC5C925E-8AD6-432A-800B-12DC33FCAA67", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:baxter:welch_allyn_q-stress_cardiac_stress_testing_system_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5AA1AF5C-68D3-4D79-A9F0-2E392BE0FB37", "versionEndIncluding": "6.3.1", "versionStartIncluding": "6.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:baxter:welch_allyn_q-stress_cardiac_stress_testing_system:-:*:*:*:*:*:*:*", "matchCriteriaId": "D183E89E-3219-4979-AADF-345A3A6CB815", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:baxter:welch_allyn_xscribe_cardiac_stress_testing_system_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E6AF883C-C044-451A-914C-7CA5113670C4", "versionEndIncluding": "6.3.1", "versionStartIncluding": "5.01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:baxter:welch_allyn_xscribe_cardiac_stress_testing_system:-:*:*:*:*:*:*:*", "matchCriteriaId": "34255579-A781-4C23-B78A-E20EA6483330", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "The impacted products, when configured to use SSO, are affected by an improper authentication vulnerability. This vulnerability allows the application to accept manual entry of any active directory (AD) account provisioned in the application without supplying a password, resulting in access to the application as the supplied AD account, with all associated privileges."}, {"lang": "es", "value": "Los productos afectados, cuando est\u00e1n configurados para usar SSO, est\u00e1n afectados por una vulnerabilidad de autenticaci\u00f3n inapropiada. Esta vulnerabilidad permite que la aplicaci\u00f3n acepte la entrada manual de cualquier cuenta del directorio activo (AD) provista en la aplicaci\u00f3n sin suministrar una contrase\u00f1a, resultando en el acceso a la aplicaci\u00f3n como la cuenta AD suministrada, con todos los privilegios asociados"}], "id": "CVE-2021-43935", "lastModified": "2022-07-25T10:39:49.333", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2021-12-15T19:15:15.873", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Mitigation", "Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-343-01"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-288"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}

{}