HIGH🇬🇧 English

CVE-2020-25170

CVSS 7.8v3.1pub. 2020-11-06upd. 2024-11-21

An Excel Macro Injection vulnerability exists in the export feature in the B. Braun OnlineSuite Version AP 3.0 and earlier via multiple input fields that are mishandled in an Excel export.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Bbraun Onlinesuite Application Package

    APP
    Bbraun
    ≤ 3.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2020-25172CRITICAL9.8ten sam produkt

A relative path traversal attack in the B. Braun OnlineSuite Version AP 3.0 and earlier allows unauthenticated...

CVE-2020-25174HIGH7.8ten sam produkt

A DLL hijacking vulnerability in the B. Braun OnlineSuite Version AP 3.0 and earlier allows local attackers to...

CVE-2021-33885CRITICAL10.0ten sam vendor

An Insufficient Verification of Data Authenticity vulnerability in B. Braun SpaceCom2 prior to 012U000062 allo...

CVE-2020-25150HIGH7.6ten sam vendor

A relative path traversal attack in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Da...

CVE-2020-25156HIGH7.2ten sam vendor

Active debug code in the B. Braun Melsungen AG SpaceCom Version L8/U61, and the Data module compactplus Versio...