CVE-2014-5400

CVE-2014-5400: Hospira MedNet Password in Configuration File

Vendor Hospira
Product MedNet
Weakness CWE-260
Published April 3, 2015
Last update November 3, 2025

CVSS base score

What the vulnerability does

01Description

The installation component in Hospira MedNet before 6.1 places cleartext credentials in configuration files, which allows local users to obtain sensitive information by reading a file.

Key dates

02Disclosure timeline

April 3, 2015 CVE published
November 3, 2025 Record updated