CVE-2022-26388

Name
CVE-2022-26388
Description
A use of hard-coded password vulnerability may allow authentication abuse.This issue affects ELI 380 Resting Electrocardiograph: Versions 2.6.0 and prior; ELI 280/BUR280/MLBUR 280 Resting Electrocardiograph: Versions 2.3.1 and prior; ELI 250c/BUR 250c Resting Electrocardiograph: Versions 2.1.2 and prior; ELI 150c/BUR 150c/MLBUR 150c Resting Electrocardiograph: Versions 2.2.0 and prior.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
productsecurity@baxter.com https://hillrom.com/en/responsible-disclosures/
productsecurity@baxter.com https://www.cisa.gov/news-events/ics-medical-advisories/icsma-22-167-01

Match rules

CPE URI Source package Min version Max version
eli-380-resting-electrocardiograph >= 0 <= 2.6.0
eli-280/bur280/mlbur-280-resting-electrocardiograph >= 0 <= 2.3.1
eli-250c/bur-250c-resting-electrocardiograph >= 0 <= 2.1.2
eli-150c/bur-150c/mlbur-150c-resting-electrocardiograph >= 0 <= 2.2.0

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
thunderbird edge-community 91.7.0-r0 None fixed
thunderbird 3.22-community 91.7.0-r0 None fixed
thunderbird 3.21-community 91.7.0-r0 None fixed
thunderbird 3.20-community 91.7.0-r0 None fixed
thunderbird 3.19-community 91.7.0-r0 None fixed
thunderbird 3.18-community 91.7.0-r0 None fixed
thunderbird 3.17-community 91.7.0-r0 None fixed