Authentication bypass using an alternate path or channel in Hill-Rom Services products - CVE-2021-43935
Published: December 10, 2021
Vulnerability identifier: #VU58818
CSH Severity: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2021-43935
CWE-ID: CWE-288
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Welch Allyn Q-Stress Cardiac Stress Testing System
Welch Allyn X-Scribe Cardiac Stress Testing System
Welch Allyn Diagnostic Cardiology Suite
Welch Allyn Vision Express
Welch Allyn H-Scribe Holter Analysis System
Welch Allyn R-Scribe Resting ECG System
Welch Allyn Connex Cardio
Software vendor:
Hill-Rom Services
Description
The vulnerability allows a remote attacker to bypass authentication and gain access to the affected application.
The vulnerability exists due to an authentication bypass using an alternate path or channel (CWE-288): the application exposes an access path that does not enforce the same authentication as the intended login. A remote attacker can gain access to the application as a supplied Active Directory (AD) account, with all of the privileges associated with that account.
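The advisory does not describe how the alternate path works in the affected products, so the following is a generic illustration of the CWE-288 pattern named above, added here as an example; it is not Hill-Rom or Welch Allyn code and does not reproduce the real flaw. It assumes a hypothetical login dispatcher with two channels: the intended one, which checks a password against a constructed stand-in for an AD directory, and a second "trusted account" channel that accepts an account name without proof that anyone authenticated it. The hardened variant requires the second channel to carry an HMAC assertion from the trusted component (a constructed key `SSO_KEY` and helper `issue_sso_assertion` stand in for that component).

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

# Constructed stand-in for an Active Directory: account -> (password, privileges).
# A real application would bind to LDAP/Kerberos instead of reading a dict.
DIRECTORY = {
    "clinician1": ("correct horse battery staple", {"read_ecg"}),
    "admin": ("hunter2-not-really", {"read_ecg", "export", "manage_users"}),
}


@dataclass
class Session:
    account: str
    privileges: set = field(default_factory=set)


def verify_credentials(account: str, password: str) -> bool:
    """Intended authentication path (stands in for an AD bind)."""
    entry = DIRECTORY.get(account)
    return entry is not None and hmac.compare_digest(entry[0], password)


def login_vulnerable(request: dict):
    """CWE-288 pattern: an alternate channel that trusts the supplied account name.

    Anyone who can reach the application and name a valid AD account gets a
    session with that account's privileges; no credential is ever checked.
    """
    acct = request.get("trusted_account")
    if acct and acct in DIRECTORY:
        return Session(acct, DIRECTORY[acct][1])
    acct, pw = request.get("account", ""), request.get("password", "")
    if verify_credentials(acct, pw):
        return Session(acct, DIRECTORY[acct][1])
    return None


# Hypothetical secret shared only with the trusted SSO component (constructed).
SSO_KEY = secrets.token_bytes(32)


def issue_sso_assertion(account: str) -> str:
    """What the trusted component would emit after it authenticated the user."""
    tag = hmac.new(SSO_KEY, account.encode(), hashlib.sha256).hexdigest()
    return f"{account}:{tag}"


def login_hardened(request: dict):
    """Every channel must carry proof of authentication, not just an identity.

    The alternate channel is honoured only if the assertion verifies under the
    shared key; a bare account name, a missing tag or a forged tag is rejected
    and does not fall through to a weaker check.
    """
    assertion = request.get("sso_assertion")
    if assertion is not None:
        account, _, tag = assertion.rpartition(":")
        expected = hmac.new(SSO_KEY, account.encode(), hashlib.sha256).hexdigest()
        if account in DIRECTORY and hmac.compare_digest(expected, tag):
            return Session(account, DIRECTORY[account][1])
        return None
    # The legacy "trusted_account" field is deliberately ignored here.
    acct, pw = request.get("account", ""), request.get("password", "")
    if verify_credentials(acct, pw):
        return Session(acct, DIRECTORY[acct][1])
    return None


if __name__ == "__main__":
    print("vulnerable:", login_vulnerable({"trusted_account": "admin"}))
    print("hardened, bare name:", login_hardened({"trusted_account": "admin"}))
    print("hardened, forged tag:", login_hardened({"sso_assertion": "admin:00"}))
    print("hardened, real assertion:",
          login_hardened({"sso_assertion": issue_sso_assertion("admin")}))
```

The check a reviewer should make on any application with more than one way in is the one `login_hardened` encodes: each path must end in a verification step (credential check or signature check) before a session is created, and failure on one path must not silently fall through to a path that verifies less.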
Remediation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.