{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-29T17:52:12.114","vulnerabilities":[{"cve":{"id":"CVE-2020-25165","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2020-11-13T16:15:18.027","lastModified":"2024-11-21T05:17:31.443","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"BD Alaris PC Unit, Model 8015, Versions 9.33.1 and earlier and BD Alaris Systems Manager, Versions 4.33 and earlier The affected products are vulnerable to a network session authentication vulnerability within the authentication process between specified versions of the BD Alaris PC Unit and the BD Alaris Systems Manager. If exploited, an attacker could perform a denial-of-service attack on the BD Alaris PC Unit by modifying the configuration headers of data in transit. A denial-of-service attack could lead to a drop in the wireless capability of the BD Alaris PC Unit, resulting in manual operation of the PC Unit."},{"lang":"es","value":"BD Alaris PC Unit, Model 8015, versiones 9.33.1 y anteriores y BD Alaris Systems Manager, versiones 4.33 y anteriores Los productos afectados son susceptibles a una vulnerabilidad de autenticación de sesión de red dentro del proceso de autenticación entre versiones especificadas del BD Alaris PC Unit y del BD Alaris Systems Manager. Si es explotado, un atacante podría llevar a cabo un ataque de denegación de servicio en el BD Alaris PC Unit para modificar unos encabezados de configuración de los datos en tránsito. Un ataque de denegación de servicio podría conllevar a una perdida en la capacidad inalámbrica del BD Alaris PC Unit, resultando en el funcionamiento manual del PC Unit"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:bd:alaris_8015_pcu_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"9.33.1","matchCriteriaId":"9B3B2243-0B6E-46C4-8F55-C18179DE4A24"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:bd:alaris_8015_pcu:-:*:*:*:*:*:*:*","matchCriteriaId":"5909B9D0-07A7-4AA1-8FF4-CE6DEBCE14DA"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bd:alaris_systems_manager:*:*:*:*:*:*:*:*","versionEndIncluding":"4.33","matchCriteriaId":"7E184AA1-0325-46A1-83F4-4299C71F9940"}]}]}],"references":[{"url":"https://us-cert.cisa.gov/ics/advisories/icsma-20-317-01","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsma-20-317-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}