
CVE-2021-23195 : What You Need to Know

Get insights into CVE-2021-23195 affecting Fresenius Kabi's Vigilant Software Suite. Learn about the impact, technical details, mitigation steps, and recommended patches.

Fresenius Kabi's Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 is affected by a vulnerability that enables automated indexing (directory listing), potentially exposing sensitive information. When directory listing is active, an attacker can browse and retrieve files on the server that were never meant to be served. Several security researchers reported this issue.

Understanding CVE-2021-23195

This section provides an overview of the CVE-2021-23195 vulnerability.

What is CVE-2021-23195?

The vulnerability in Fresenius Kabi's Vigilant Software Suite allows unauthorized users to view directory contents, including sensitive files, due to an enabled directory listing feature. This could lead to information exposure and potential security risks.

The Impact of CVE-2021-23195

The impact of this vulnerability is considered medium in severity. Although the attack complexity is low, the potential exposure of sensitive information poses a risk to confidentiality.

Technical Details of CVE-2021-23195

Let's delve into the technical aspects of CVE-2021-23195.

Vulnerability Description

Fresenius Kabi's Vigilant Software Suite version 2.0.1.3 with automated indexing enabled allows attackers to list directory contents, potentially accessing critical files stored on the server.
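The page does not name the web server behind the dashboard or show what its index pages look like, so the following self-audit helper is an added example and not code from the vendor or from this page. It classifies an HTTP response body as a server-generated directory index (using the title and "Parent Directory" markers emitted by Apache, nginx autoindex, Tomcat and IIS) and walks a list of directory URLs on your own deployment to confirm that listing is disabled, which is the check you would run both to scope exposure and to verify the fix. The host `example.invalid`, the paths and the sample responses are constructed for the demonstration; the fetch function is injected so the audit runs offline here and against a real server via `urllib_fetch`.

```python
"""Defender-side audit: does a web server answer directory URLs with an
auto-generated index page (i.e. is directory listing enabled)?"""
import re
from typing import Callable, Dict, List, Tuple

# Markers that common servers put into their auto-generated index pages.
_INDEX_PATTERNS = [
    re.compile(r"<title>\s*Index of\s+/", re.I),              # Apache mod_autoindex, nginx autoindex
    re.compile(r"<h1>\s*Index of\s+/", re.I),
    re.compile(r"Directory Listing For\s+/", re.I),           # Tomcat DefaultServlet
    re.compile(r"\[To Parent Directory\]", re.I),             # IIS directory browsing
    re.compile(r"Parent Directory", re.I),                    # generic "up one level" link text
]


def looks_like_directory_listing(body: str) -> bool:
    """Heuristic classifier: True when the HTML looks like a server-generated index."""
    return any(p.search(body) for p in _INDEX_PATTERNS)


def audit(fetch: Callable[[str], Tuple[int, str]], base: str, paths: List[str]) -> Dict[str, bool]:
    """Return {path: exposed} for each directory path under base.

    `fetch(url)` must return (status_code, body). A directory is reported as
    exposed only when it answers 200 with a body that looks like an index page;
    403/404 or an application page are treated as not exposed.
    """
    results: Dict[str, bool] = {}
    for path in paths:
        url = base.rstrip("/") + "/" + path.strip("/") + "/"
        status, body = fetch(url)
        results[path] = status == 200 and looks_like_directory_listing(body)
    return results


def urllib_fetch(url: str, timeout: float = 5.0) -> Tuple[int, str]:
    """Fetch with the standard library (for use against your own deployment)."""
    import urllib.error
    import urllib.request
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status, resp.read(65536).decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, ""


# Constructed sample responses (assumed shapes, not captured from the product).
SAMPLE_RESPONSES = {
    "https://example.invalid/uploads/": (200,
        '<html><head><title>Index of /uploads</title></head><body>'
        '<h1>Index of /uploads</h1><a href="../">Parent Directory</a>'
        '<a href="export.csv">export.csv</a></body></html>'),
    "https://example.invalid/reports/": (200,
        '<html><head><title>host - /reports/</title></head><body>'
        '<H1>host - /reports/</H1><A HREF="/">[To Parent Directory]</A></body></html>'),
    "https://example.invalid/app/": (200,
        '<html><head><title>Mastermed Dashboard</title></head><body>Login</body></html>'),
    "https://example.invalid/config/": (403, '<html><body>Forbidden</body></html>'),
}


def sample_fetch(url: str) -> Tuple[int, str]:
    """Offline fetcher that serves the constructed responses above."""
    return SAMPLE_RESPONSES.get(url, (404, ""))


SAMPLE_PATHS = ["uploads", "reports", "app", "config"]

if __name__ == "__main__":
    # Swap sample_fetch for urllib_fetch and base for your own server to audit a deployment.
    for path, exposed in audit(sample_fetch, "https://example.invalid", SAMPLE_PATHS).items():
        print(f"{path:10s} {'EXPOSED (listing enabled)' if exposed else 'ok'}")
```

Any path reported as exposed means the server is generating an index for that directory; the fix is to disable automatic indexing on the server (or apply the vendor update listed below) and re-run the audit until every path reports ok.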

Affected Systems and Versions

The vulnerability affects Vigilant Software Suite (Mastermed Dashboard) versions earlier than 2.0.1.3, particularly custom versions that lack proper security measures.

Exploitation Mechanism

By exploiting the directory listing feature, attackers can navigate through the server directory structure and access files that were not intended to be publicly visible.

Mitigation and Prevention

To address and prevent the CVE-2021-23195 vulnerability, the following steps can be taken.

Immediate Steps to Take

Users are advised to take immediate defensive actions to reduce the risk of exploitation:

        Minimize network exposure for control system devices
        Isolate control system networks from the business network
        Implement secure remote access methods such as VPNs

Long-Term Security Practices

Long-term security practices include maintaining up-to-date software and implementing network segmentation to enhance system security.

Patching and Updates

Fresenius Kabi has released updated versions to mitigate the vulnerability. Users should update to the following versions:

        Link+ v3.0 (D16 or later)
        VSS v1.0.3 (or later)
        Agilia Connect Pumps Wifi Module (D29 or later)
        Agilia Connect Partner v3.3.2 (or later)

For early Link+ devices requiring hardware changes, users should follow CISA recommendations until the devices can be replaced.

For further assistance on updating to the latest versions, contact Fresenius Kabi online or at 1-800-333-6925.
