Product:

Agilia_connect

(Fresenius\-Kabi)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 2
Date Id Summary Products Score Patch Annotated
2022-01-21 CVE-2021-23207 An attacker with physical access to the host can extract the secrets from the registry and create valid JWT tokens for the Fresenius Kabi Vigilant MasterMed version 2.0.1.3 application and impersonate arbitrary users. An attacker could manipulate RabbitMQ queues and messages by impersonating users. Agilia_connect, Agilia_partner_maintenance_software, Link\+_agilia_firmware, Vigilant_centerium, Vigilant_insight, Vigilant_mastermed 5.5
2022-01-21 CVE-2021-41835 Fresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. Therefore, transmitted data may be sent in cleartext. Transport layer encryption is offered on Port TCP/443, but the affected service does not perform an automated redirect from the unencrypted service on Port TCP/80 to the encrypted service. Agilia_connect, Agilia_partner_maintenance_software, Link\+_agilia_firmware, Vigilant_centerium, Vigilant_insight, Vigilant_mastermed 7.5