{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T10:52:07.391","vulnerabilities":[{"cve":{"id":"CVE-2021-23195","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2022-01-21T19:15:07.950","lastModified":"2024-11-21T05:51:21.363","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 has the option for automated indexing (directory listing) activated. When accessing a directory, a web server delivers its entire content in HTML form. If an index file does not exist and directory listing is enabled, all content of the directory will be displayed, allowing an attacker to identify and access files on the server."},{"lang":"es","value":"Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) versión 2.0.1.3, presenta habilitada la opción de indexación automática (listado de directorios). Cuando es accedido a un directorio, el servidor web entrega todo su contenido en forma de HTML. Si no presenta un archivo de índice y el listado de directorios está habilitado, será mostrado todo el contenido del directorio, lo que permitirá a un atacante identificar y acceder a los archivos del servidor"}],"metrics":{"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-548"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fresenius-kabi:agilia_connect_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"d25","matchCriteriaId":"8B4979F9-A7D5-4B5C-8FF2-C3C67773EE03"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fresenius-kabi:agilia_connect:-:*:*:*:*:*:*:*","matchCriteriaId":"D1BBB63E-7E43-4BC1-A08F-4F1F811F839B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fresenius-kabi:agilia_partner_maintenance_software:*:*:*:*:*:*:*:*","versionEndIncluding":"3.3.0","matchCriteriaId":"3B072164-6AA2-4A14-B7D7-10B4B953004D"},{"vulnerable":true,"criteria":"cpe:2.3:a:fresenius-kabi:vigilant_centerium:1.0:*:*:*:*:*:*:*","matchCriteriaId":"C47210A7-4753-4ED7-8E6B-9BE8EBFABC9F"},{"vulnerable":true,"criteria":"cpe:2.3:a:fresenius-kabi:vigilant_insight:1.0:*:*:*:*:*:*:*","matchCriteriaId":"9C91B931-F726-4AB2-B3A6-D92F774CF04D"},{"vulnerable":true,"criteria":"cpe:2.3:a:fresenius-kabi:vigilant_mastermed:1.0:*:*:*:*:*:*:*","matchCriteriaId":"04AC7167-F5C8-46A2-B937-953E13D76A32"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fresenius-kabi:link\\+_agilia_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0","matchCriteriaId":"45FA28DE-939F-4146-A6E2-CE8849C9CB16"},{"vulnerable":true,"criteria":"cpe:2.3:o:fresenius-kabi:link\\+_agilia_firmware:3.0:-:*:*:*:*:*:*","matchCriteriaId":"7D5FC3D0-9593-487B-B70A-F8BBCA8A18FF"},{"vulnerable":true,"criteria":"cpe:2.3:o:fresenius-kabi:link\\+_agilia_firmware:3.0:d15:*:*:*:*:*:*","matchCriteriaId":"67E88F2E-C12B-4B50-B087-3247F4748AF3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fresenius-kabi:link\\+_agilia:-:*:*:*:*:*:*:*","matchCriteriaId":"1548AA3F-659F-43C3-9261-C7FD55465877"}]}]}],"references":[{"url":"https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.cisa.gov/uscert/ics/advisories/icsma-21-355-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}