Lucene search
BaxterCVE-2024-6796HistorySep 09, 2024 - 8:15 p.m.
CVE-2024-6796
2024-09-0920:15:05
CWE-284
Baxter
web.nvd.nist.gov
24
access control
baxter connex
unauthorized access
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
8.4
Confidence
High
EPSS
0.001
Percentile
39.6%
In Baxter Connex health portal released before 8/30/2024, an improper access control vulnerability has been found that could allow an unauthenticated attacker to gain unauthorized access to Connex portal’s database and/or modify content.
Affected configurations
Node
baxterconnex_health_portalRange<2024-08-30
| Vendor | Product | Version | CPE |
|---|---|---|---|
| baxter | connex_health_portal | * | cpe:2.3:a:baxter:connex_health_portal:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Connex Health Portal",
"vendor": "Baxter",
"versions": [
{
"lessThan": "8/30/2024",
"status": "affected",
"version": "0",
"versionType": "date"
}
]
}
]Related
vulnrichment
vulnrichment
CVE-2024-6796 Vulnerability in Baxter Connex Health Portal
2024-09-09 19:28:30
cvelist
cvelist
CVE-2024-6796 Vulnerability in Baxter Connex Health Portal
2024-09-09 19:28:30
nvd
nvd
CVE-2024-6796
2024-09-09 20:15:05
ics
ics
Baxter Connex Health Portal
2024-09-05 12:00:00
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
8.4
Confidence
High
EPSS
0.001
Percentile
39.6%
Related for CVE-2024-6796