CVE-2017-6022

2017-06-3002:35:00

CWE-259

icscert

www.cve.org

9.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.5%

JSON

A hard-coded password issue was discovered in Becton, Dickinson and Company (BD) PerformA, Version 2.0.14.0 and prior versions, and KLA Journal Service, Version 1.0.51 and prior versions. They use hard-coded passwords to access the BD Kiestra Database, which could be leveraged to compromise the confidentiality of limited PHI/PII information stored in the BD Kiestra Database.

CNA Affected

[
  {
    "product": "BD Kiestra PerformA and KLA Journal Service",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "BD Kiestra PerformA and KLA Journal Service"
      }
    ]
  }
]