cvedb.io
CVE-2021-43935
HIGH · CVSS 8.1
EPSS exploitation probability: 0%
Published 2021-12-15T19:15:15.873 · Last modified 2026-06-17T04:11:39.390

Summary

The impacted products, when configured to use SSO, are affected by an improper authentication vulnerability. This vulnerability allows the application to accept manual entry of any active directory (AD) account provisioned in the application without supplying a password, resulting in access to the application as the supplied AD account, with all associated privileges.

Affected products

baxter — welch_allyn_connex_cardio

Does this affect you?

Add your gear to cvedb and we'll alert you only when baxter ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.