What the vulnerability does

01Description

The Alaris Infusion Central software, versions 1.1 to 1.3.2, may contain a recoverable password after the installation. No patient health data is stored in the database, although some site installations may choose to store personal data.

Key dates

02Disclosure timeline

June 13, 2023 CVE published
January 3, 2025 Record updated