{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-15T13:08:43.318","vulnerabilities":[{"cve":{"id":"CVE-2020-12008","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2020-06-29T14:15:10.973","lastModified":"2024-11-21T04:59:06.317","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems use cleartext messages to communicate order information with an order entry system. This could allow an attacker with network access to view sensitive data including PHI."},{"lang":"es","value":"Los sistemas Baxter ExactaMix EM 2400 Versiones 1.10, 1.11 y ExactaMix EM1200 Versiones 1.1, 1.2, usan mensajes de texto sin cifrar para comunicar información de pedidos con un sistema de ingreso de pedidos. Esto podría permitir a un atacante con acceso a la red visualizar datos confidenciales, incluyendo la PHI"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N\/AC:L\/Au:N\/C:P\/I:N\/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-319"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-319"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:baxter:em2400_firmware:1.10:*:*:*:*:*:*:*","matchCriteriaId":"11DFA9E3-77C8-4978-809C-D5B2EB5B7F7E"},{"vulnerable":true,"criteria":"cpe:2.3:o:baxter:em2400_firmware:1.11:*:*:*:*:*:*:*","matchCriteriaId":"01A12E3A-C493-4696-8031-7A6C1A0FDEF4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:baxter:em2400:-:*:*:*:*:*:*:*","matchCriteriaId":"244BA6D0-A33D-419C-B532-E62C9AE45F9E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:baxter:em1200_firmware:1.1:*:*:*:*:*:*:*","matchCriteriaId":"FA9FF60A-7CED-4FA3-8247-4EF8FD8BAFD4"},{"vulnerable":true,"criteria":"cpe:2.3:o:baxter:em1200_firmware:1.2:*:*:*:*:*:*:*","matchCriteriaId":"9AC04969-E684-4D21-B889-A76DC4B54017"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:baxter:em1200:-:*:*:*:*:*:*:*","matchCriteriaId":"9AE1B01A-DA95-477B-95F6-43F8FD7827FF"}]}]}],"references":[{"url":"https:\/\/www.us-cert.gov\/ics\/advisories\/icsma-20-170-01","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"https:\/\/www.us-cert.gov\/ics\/advisories\/icsma-20-170-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}