CVE-2016-8358 describes a network-facing authentication weakness in Smiths-Medical CADD-Solis Medication Safety Software versions 1.0, 2.0, 3.0, and 3.1. According to NVD and the referenced ICS-CERT advisory, the software does not verify identities at communication endpoints, which can let a man-in-the-middle attacker intercept or access the communication channel between endpoints. NVD assigns CVSS 3.0 ve [truncated]
CVE-2016-8355 is a critical privilege-escalation issue in Smiths-Medical CADD-Solis Medication Safety Software versions 1.0, 2.0, 3.0, and 3.1. A successfully authenticated user may gain elevated SQL-database privileges, which can be used to modify drug libraries, add and delete users, and change permissions. The CVE was published on 2017-02-13 and the supplied NVD record was later modified on 2026-05-13.
