CVE-2020-12036

Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption (e.g., TLS/SSL) when configured to send treatment data to a PDMS (Patient Data Management System) or an EMR (Electronic Medical Record) system. An attacker could observe sensitive data sent from the device.
References
Configurations

Configuration 1


Information

Published : 2020-06-29 02:15

Updated : 2020-07-14 03:40


NVD link : CVE-2020-12036

Mitre link : CVE-2020-12036

Products Affected
No products.
CWE
CWE-319

Cleartext Transmission of Sensitive Information