CVE-2020-12008
Summary
| CVE | CVE-2020-12008 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-06-29 14:15:00 UTC |
| Updated | 2020-07-08 18:22:00 UTC |
| Description | Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems use cleartext messages to communicate order information with an order entry system. This could allow an attacker with network access to view sensitive data including PHI. |
Risk And Classification
Problem Types: CWE-319
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Baxter | Em1200 | - | All | All | All |
| Hardware | Baxter | Em1200 | - | All | All | All |
| Operating System | Baxter | Em1200 Firmware | 1.1 | All | All | All |
| Operating System | Baxter | Em1200 Firmware | 1.2 | All | All | All |
| Operating System | Baxter | Em1200 Firmware | 1.1 | All | All | All |
| Operating System | Baxter | Em1200 Firmware | 1.2 | All | All | All |
| Hardware | Baxter | Em2400 | - | All | All | All |
| Hardware | Baxter | Em2400 | - | All | All | All |
| Operating System | Baxter | Em2400 Firmware | 1.10 | All | All | All |
| Operating System | Baxter | Em2400 Firmware | 1.11 | All | All | All |
| Operating System | Baxter | Em2400 Firmware | 1.10 | All | All | All |
| Operating System | Baxter | Em2400 Firmware | 1.11 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Baxter ExactaMix (Update A) | CISA | MISC | www.us-cert.gov | Third Party Advisory, US Government Resource |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.