Welch Allyn Diagnostic Cardiology Products
Brand(s)
Summary
Contact the manufacturer if you require additional information.
Affected products
Affected Products |
Lot or Serial Number |
Model or catalog number |
|---|---|---|
Diagnostic Cardiology Suite (Dcs), Connex Cardio Ecg |
More than 10 numbers, contact manufacturer. |
CC-RXX-WADX, CC-RXX-AADX, CC-RXX-WAXX, DCSS-CXX, DCSS-NXX, CC-RXX-AAXX |
Hscribe System, Vision Express System |
More than 10 numbers, contact manufacturer. |
HSCRIBE-5AX-XXXXX, HSCRIBE-6AC-XXXXA, HSCRIBE-6AC-XXXXC, HSCRIBE-5AA-AAXXB, HSCRIBE-6AA-XXXXA, HSCRIBE-6AB-XXXXB, HSCRIBE-6AC-XXXXB, HSCRIBE-5AC-AXXXB, HSCRIBWS-6AC-XXXXX, HSCRIBE-6AA-XXXXB, HSCRIBE-6AB-XXXXC, HSCRIBE-6AA-XXXXC, HSCRIBE-6AB-XXXXA |
Q-Stress System |
More than 10 numbers, contact manufacturer. |
QSERV-6AA-XXXXA, QR-6AC-AXXXX |
Q-Stress System |
More than 10 numbers, contact manufacturer. |
QS-6AA-AGAAC, QS-6AD-AGAAC, QS6-MLTC1, QS6-ATTD1, QS6-MTTC1, QS6-BLXC1, QS6-BLXCX |
Rscribe System |
More than 10 numbers, contact manufacturer. |
RSCRIBE-6AC-XXAAB, RSCRIBE-6CC-XXAAB, RSCRIBE 6AC-XXAAA, RSCRIBE-6CC-XXAAA |
Xscribe System |
More than 10 numbers, contact manufacturer. |
XSCRIBE-EAA-AABXB, XSCRIBE-5BA-AEAAA, XSERV-6AA-XXXXA, XSCRIBE-5BA-ACAAB, XSCRIBE-6AA-AFAAC, XSCRIBE-6AA-AFAAA, XSCRIBE-5BA-ACAAA, XSCRIBE-5BB-AXBCA |
Issue
Hillrom has become aware of a vulnerability which allows the entry of any username that is provisioned in the application without supplying a password. This will then grant access to the application with the privileges of the username provided. the vulnerability occurs when customer activates single sign-on (SSO) feature in either stand alone, or client/server configurations.
Recall start date: Jan 26, 2022
Additional information
Details
Welch Allyn, Inc.
4341 State Street Road, Skaneateles Falls, New York
United States, 13153