Sign-up

ID

VAR-201903-0655


CVE

CVE-2015-3954


TITLE

plural Hospira Product Authorization vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2015-008249

DESCRIPTION

Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior give unauthenticated users root privileges on Port 23/TELNET by default. An unauthorized user could issue commands to the pump. Hospira recommends that customers close Port 23/TELNET on the affected devices. Hospira has also released the Plum 360 Infusion System which is not vulnerable to this issue. Multiple Hospira products are prone to an authorization security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. An issue in the Hospira Plum A+ and Symbiq Infusion Systems could allow an unauthenticated, remote malicious user to execute arbitrary commands of an affected system. The issue exists because the affected software uses an improper mechanism to perform authorization checks on port 23/Telnet by default. An unauthenticated, remote attacker could exploit this issue by transmitting arbitrary commands on the affected system using a vulnerable port. A successful exploit could allow the malicious user to execute arbitrary commands and modify the configuration of the pump on an affected system with root-level privileges. ICS-CERT has confirmed the vulnerability; however, updated software is not available

Trust: 2.07

sources: NVD: CVE-2015-3954 // JVNDB: JVNDB-2015-008249 // BID: 75137 // VULHUB: VHN-81915 // VULMON: CVE-2015-3954

AFFECTED PRODUCTS

vendor:pifzermodel:plum a\+3 infusion systemscope:lteversion:13.6

Trust: 1.0

vendor:pifzermodel:plum a\+ infusion systemscope:lteversion:13.4

Trust: 1.0

vendor:pifzermodel:symbiq infusion systemscope:lteversion:3.13

Trust: 1.0

vendor:pfizermodel:symbiq infusion systemscope:lteversion:3.13

Trust: 0.8

vendor:hospiramodel:plum a+ infusion systemscope:lteversion:13.4

Trust: 0.8

vendor:hospiramodel:plum a+3 infusion systemscope:lteversion:13.6

Trust: 0.8

vendor:hospiramodel:symbiq infusion systemscope:eqversion:3.13

Trust: 0.3

vendor:hospiramodel:plum a+3 infusion systemscope:eqversion:13.6

Trust: 0.3

vendor:hospiramodel:plum a+ infusion systemscope:eqversion:13.4

Trust: 0.3

sources: BID: 75137 // JVNDB: JVNDB-2015-008249 // NVD: CVE-2015-3954

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-3954
value: CRITICAL

Trust: 1.0

NVD: CVE-2015-3954
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201506-473
value: CRITICAL

Trust: 0.6

VULHUB: VHN-81915
value: HIGH

Trust: 0.1

VULMON: CVE-2015-3954
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2015-3954
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-81915
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2015-3954
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-81915 // VULMON: CVE-2015-3954 // JVNDB: JVNDB-2015-008249 // CNNVD: CNNVD-201506-473 // NVD: CVE-2015-3954

PROBLEMTYPE DATA

problemtype:CWE-285

Trust: 1.9

sources: VULHUB: VHN-81915 // JVNDB: JVNDB-2015-008249 // NVD: CVE-2015-3954

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201506-473

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201506-473

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-008249

PATCH
title:Top Pageurl:https://www.pfizer.com/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2015-008249

EXTERNAL IDS
db:NVDid:CVE-2015-3954
Trust: 2.9
db:ICS CERTid:ICSA-15-161-01
Trust: 2.9
db:JVNDBid:JVNDB-2015-008249
Trust: 0.8
db:CNNVDid:CNNVD-201506-473
Trust: 0.7
db:BIDid:75137
Trust: 0.4
db:VULHUBid:VHN-81915
Trust: 0.1
db:VULMONid:CVE-2015-3954
Trust: 0.1
sources:
            
            
            VULHUB: VHN-81915 // 
            
            
            
            VULMON: CVE-2015-3954 // 
            
            
            
            BID: 75137 // 
            
            
            
            JVNDB: JVNDB-2015-008249 // 
            
            
            
            CNNVD: CNNVD-201506-473 // 
            
            
            
            NVD: CVE-2015-3954

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-15-161-01
Trust: 3.0
url:https://nvd.nist.gov/vuln/detail/cve-2015-3954
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3954
Trust: 0.8
url:http://www.hospira.com/en/
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/285.html
Trust: 0.1
url:http://tools.cisco.com/security/center/viewalert.x?alertid=39312
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULHUB: VHN-81915 // 
            
            
            
            VULMON: CVE-2015-3954 // 
            
            
            
            BID: 75137 // 
            
            
            
            JVNDB: JVNDB-2015-008249 // 
            
            
            
            CNNVD: CNNVD-201506-473 // 
            
            
            
            NVD: CVE-2015-3954

CREDITS
Billy Rios
Trust: 0.9
sources:
            
            
            BID: 75137 // 
            
            
            
            CNNVD: CNNVD-201506-473

SOURCES
db:VULHUBid:VHN-81915
db:VULMONid:CVE-2015-3954
db:BIDid:75137
db:JVNDBid:JVNDB-2015-008249
db:CNNVDid:CNNVD-201506-473
db:NVDid:CVE-2015-3954

LAST UPDATE DATE
2024-11-23T21:37:35.643000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-81915date:2019-10-09T00:00:00
db:VULMONid:CVE-2015-3954date:2019-10-09T00:00:00
db:BIDid:75137date:2015-06-10T00:00:00
db:JVNDBid:JVNDB-2015-008249date:2019-05-10T00:00:00
db:CNNVDid:CNNVD-201506-473date:2019-10-10T00:00:00
db:NVDid:CVE-2015-3954date:2024-11-21T02:30:08.203

SOURCES RELEASE DATE
db:VULHUBid:VHN-81915date:2019-03-25T00:00:00
db:VULMONid:CVE-2015-3954date:2019-03-25T00:00:00
db:BIDid:75137date:2015-06-10T00:00:00
db:JVNDBid:JVNDB-2015-008249date:2019-05-10T00:00:00
db:CNNVDid:CNNVD-201506-473date:2015-06-24T00:00:00
db:NVDid:CVE-2015-3954date:2019-03-25T17:29:00.670