Lack of Transport Layer Encryption in Fresenius Kabi Agilia Link + Version 3.0

Lack of Transport Layer Encryption in Fresenius Kabi Agilia Link + Version 3.0

CVE-2021-41835 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Fresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. Therefore, transmitted data may be sent in cleartext. Transport layer encryption is offered on Port TCP/443, but the affected service does not perform an automated redirect from the unencrypted service on Port TCP/80 to the encrypted service.

Learn more about our Web Application Penetration Testing UK.