Phoenix Hemodialysis Delivery System SW 3.36 and 3.40, The Phoenix Hemodialysis device does not support data-in-transit encryption (e.g., TLS/SSL) when transmitting treatment and prescription data on the network between the Phoenix system and the Exalis dialysis data management tool. An attacker with access to the network could observe sensitive treatment and prescription data sent between the Phoenix system and the Exalis tool.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2020-06-29T13:48:04

Updated: 2024-08-04T11:48:57.931Z

Reserved: 2020-04-21T00:00:00

Link: CVE-2020-12048

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-06-29T14:15:11.990

Modified: 2024-11-21T04:59:10.710

Link: CVE-2020-12048

cve-icon Redhat

No data.