CVE-2017-6018 Information

Description

An open redirect issue was discovered in B. Braun Medical SpaceCom module which is integrated into the SpaceStation docking station: SpaceStation with SpaceCom module (integrated as part number 8713142U) software versions prior to Version 012U000040 and SpaceStation (part number 8713140U) with installed SpaceCom module (part number 8713160U) software versions prior to Version 012U000040. The web server of the affected product accepts untrusted input which could allow attackers to redirect the request to an unintended URL contained within untrusted input.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Reference

https://ics-cert.us-cert.gov/advisories/ICSMA-17-082-02

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

NONE

Base Severity

6.1