← volver
CVE-2021-41835

Fresenius Kabi Agilia Connect Infusion System use of a broken or risky cryptographic algorithm

CVSS 7.3 HIGHEPSS 0.3%CWE-327
Fresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. Therefore, transmitted data may be sent in cleartext. Transport layer encryption is offered on Port TCP/443, but the affected service does not perform an automated redirect from the unencrypted service on Port TCP/80 to the encrypted service.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Productos afectados
Fresenius Kabi · Agilia Link+

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01