CVE-2014-5401
published 2019-03-26


Priority: P2 65 · Severity: critical · CVSS 3.0 score: 9.8
CVSS 3.0 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 5.01% (91.2nd percentile)
Hospira MedNet software version 5.8 and prior uses vulnerable versions of the JBoss Enterprise Application Platform software that may allow unauthenticated users to execute arbitrary code on the target system. Hospira has developed a new version of the MedNet software, MedNet 6.1. Existing versions of MedNet can be upgraded to MedNet 6.1.

Affected (1 range)

Vendor  | Product | Version range | Fixed in
hospira | mednet  | <= 5.8        |

Detection & IOCs (extracted from sources)

  • CVE-2014-5401 targets vulnerable versions of JBoss Enterprise Application Platform bundled with Hospira MedNet ≤5.8; detect unauthenticated remote code execution attempts against JBoss EAP endpoints exposed by MedNet servers
  • An attacker with low skill level can exploit this remotely with no authentication required (CVSS AV:N/AC:L/Au:N); monitor for unexpected unauthenticated connections to JBoss EAP management/HTTP ports on MedNet servers
  • Monitor MedNet servers for unauthorized modifications to medication libraries and pump configurations, which may indicate successful exploitation of CVE-2014-5401
  • Use MD5 checksums on key MedNet files to detect file tampering resulting from code injection via the JBoss EAP vulnerability
  • No known public exploits specifically target CVE-2014-5401 at time of advisory publication; exploitation difficulty is rated low skill
  • Only MedNet software Version 5.8 and prior are affected; MedNet 6.1 addresses the vulnerable JBoss EAP component

CVSS provenance

NVD, CVSS v3.0: 9.8 CRITICAL, vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD, CVSS v2.0: 10.0 CRITICAL, vector AV:N/AC:L/Au:N/C:C/I:C/A:C