Vulnerabilities (CVE)

Filtered by vendor Fresenius-kabi Subscribe

Filtered by product Agilia Connect Firmware

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-33848	1 Fresenius-kabi	8 Agilia Connect, Agilia Connect Firmware, Agilia Partner Maintenance Software and 5 more	2022-01-28	4.3 MEDIUM	6.1 MEDIUM
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 is vulnerable to reflected cross-site scripting attacks. An attacker could inject JavaScript in a GET parameter of HTTP requests and perform unauthorized actions such as stealing internal information and performing actions in context of an authenticated user.
CVE-2021-23195	1 Fresenius-kabi	8 Agilia Connect, Agilia Connect Firmware, Agilia Partner Maintenance Software and 5 more	2022-01-28	5.0 MEDIUM	5.3 MEDIUM
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 has the option for automated indexing (directory listing) activated. When accessing a directory, a web server delivers its entire content in HTML form. If an index file does not exist and directory listing is enabled, all content of the directory will be displayed, allowing an attacker to identify and access files on the server.