CVE-2020-25165

CVE-2020-25165

Vendor N/A
Product BD Alaris PC Unit and BD Alaris Systems Manager
Weakness CWE-287 · Improper authentication
Published November 13, 2020
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

BD Alaris PC Unit, Model 8015, Versions 9.33.1 and earlier and BD Alaris Systems Manager, Versions 4.33 and earlier The affected products are vulnerable to a network session authentication vulnerability within the authentication process between specified versions of the BD Alaris PC Unit and the BD Alaris Systems Manager. If exploited, an attacker could perform a denial-of-service attack on the BD Alaris PC Unit by modifying the configuration headers of data in transit. A denial-of-service attack could lead to a drop in the wireless capability of the BD Alaris PC Unit, resulting in manual operation of the PC Unit.

Key dates

02Disclosure timeline

November 13, 2020 CVE published
August 4, 2024 Record updated