GCVE - cpe:2.3:a:hospira:mednet:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:hospira:mednet:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Hospira (`c0d9e8bb-f70a-5b1e-b62f-95531b009d1a`)
Product	Mednet (`8d04b031-a764-5b1c-b38f-86831e0497dc`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2014-5405`	vulnerable	2026-06-08 05:05:47.838735	Hospira MedNet Use of Hard-coded Password Hospira MedNet before 6.1 uses a hardcoded cleartext password to control SQL database authorization, which allows remote authenticated users to bypass intended access restrictions by leveraging knowledge of this password. Published: 2015-04-03T10:00:00.000Z Updated: 2025-11-03T18:25:50.764Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-15-090-03 https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2015/icsa-15-090-03.json	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-5403`	vulnerable	2026-06-08 05:05:47.838374	Hospira MedNet Use of Hard-coded Cryptographic Key Hospira MedNet before 6.1 uses hardcoded cryptographic keys for protection of data transmission from infusion pumps, which allows remote attackers to obtain sensitive information by sniffing the network. Published: 2015-04-03T10:00:00.000Z Updated: 2025-11-03T18:22:39.434Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-15-090-03 https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2015/icsa-15-090-03.json	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-5401`	vulnerable	2026-06-08 05:05:47.837976	Hospira MedNet Code Injection Hospira MedNet software version 5.8 and prior uses vulnerable versions of the JBoss Enterprise Application Platform software that may allow unauthenticated users to execute arbitrary code on the target system. Hospira has developed a new version of the MedNet software, MedNet 6.1. Existing versions of MedNet can be upgraded to MedNet 6.1. Published: 2019-03-26T16:21:54.000Z Updated: 2025-11-03T18:20:04.649Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-15-090-03 https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2015/icsa-15-090-03.json	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-5400`	vulnerable	2026-06-08 05:05:47.837530	Hospira MedNet Password in Configuration File The installation component in Hospira MedNet before 6.1 places cleartext credentials in configuration files, which allows local users to obtain sensitive information by reading a file. Published: 2015-04-03T10:00:00.000Z Updated: 2025-11-03T18:26:56.284Z Open on db.gcve.eu Reference links https://www.cisa.gov/news-events/ics-advisories/icsa-15-090-03 https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2015/icsa-15-090-03.json	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.