CVE-2025-3321

A predefined administrative account is not documented and cannot be deactivated. This account cannot be misused from the network, only by local users on the server.

CVSS

No CVSS.

References

Link	Resource
https://www.bbraun.com/productsecurity

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Una cuenta administrativa predefinida no está documentada y no se puede desactivar. Esta cuenta no puede ser utilizada indebidamente desde la red, solo por usuarios locales en el servidor.

06 Jun 2025, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-06 08:15

Updated : 2026-04-15 00:35

NVD link : CVE-2025-3321

Mitre link : CVE-2025-3321

CVE.ORG link : CVE-2025-3321

JSON object : View

Products Affected

No product.

CWE

CWE-798

Use of Hard-coded Credentials

{"id": "CVE-2025-3321", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "productsecurity@bbraun.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.4, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-06-06T08:15:21.183", "references": [{"url": "https://www.bbraun.com/productsecurity", "source": "productsecurity@bbraun.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "productsecurity@bbraun.com", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "A predefined administrative account is not documented and cannot\nbe deactivated. This account cannot be misused from the network, only by local\nusers on the server."}, {"lang": "es", "value": "Una cuenta administrativa predefinida no est\u00e1 documentada y no se puede desactivar. Esta cuenta no puede ser utilizada indebidamente desde la red, solo por usuarios locales en el servidor."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "productsecurity@bbraun.com"}

CVE-2025-3321

JSON object

Attach tags to CVE-2025-3321

Attach tags to `CVE-2025-3321`