Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2022-22766
HistoryFeb 11, 2022 - 7:15 p.m.

CVE-2022-22766

2022-02-1119:15:08
CWE-798
[email protected]
web.nvd.nist.gov

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

10.5%

JSON

Hardcoded credentials are used in specific BD Pyxis products. If exploited, threat actors may be able to gain access to the underlying file system and could potentially exploit application files for information that could be used to decrypt application credentials or gain access to electronic protected health information (ePHI) or other sensitive information.

Affected configurations

NVD
Node
bdpyxis_anesthesia_station_es_firmware
AND
bdpyxis_anesthesia_station_esMatch-
Node
bdpyxis_anesthesia_station_4000_firmware
AND
bdpyxis_anesthesia_station_4000Match-
Node
bdpyxis_cato_firmware
AND
bdpyxis_catoMatch-
Node
bdpyxis_ciisafe_firmware
AND
bdpyxis_ciisafeMatch-
Node
bdpyxis_inventory_connect_firmware
AND
bdpyxis_inventory_connectMatch-
Node
bdpyxis_iv_prep_firmware
AND
bdpyxis_iv_prepMatch-
Node
bdpyxis_jitrbud_firmware
AND
bdpyxis_jitrbudMatch-
Node
bdpyxis_kanban_rf_firmware
AND
bdpyxis_kanban_rfMatch-
Node
bdpyxis_logistics_firmware
AND
bdpyxis_logisticsMatch-
Node
bdpyxis_med_link_family_firmware
AND
bdpyxis_med_link_familyMatch-
Node
bdpyxis_medbank_firmware
AND
bdpyxis_medbankMatch-
Node
bdpyxis_medstation_4000_firmware
AND
bdpyxis_medstation_4000Match-
Node
bdpyxis_medstation_es_firmware
AND
bdpyxis_medstation_esMatch-
Node
bdpyxis_medstation_es_server_firmware
AND
bdpyxis_medstation_es_serverMatch-
Node
bdpyxis_parassist_firmware
AND
bdpyxis_parassistMatch-
Node
bdpyxis_pharmopack_firmware
AND
bdpyxis_pharmopackMatch-
Node
bdpyxis_procedurestation_firmware
AND
bdpyxis_procedurestationMatch-
Node
bdpyxis_rapid_rx_firmware
AND
bdpyxis_rapid_rxMatch-
Node
bdpyxis_stockstation_firmware
AND
bdpyxis_stockstationMatch-
Node
bdpyxis_supplycenter_firmware
AND
bdpyxis_supplycenterMatch-
Node
bdpyxis_supplyroller_firmware
AND
bdpyxis_supplyrollerMatch-
Node
bdpyxis_supplystation_firmware
AND
bdpyxis_supplystationMatch-
Node
bdpyxis_track_and_deliver_firmware
AND
bdpyxis_track_and_deliverMatch-
Node
bdrowa_pouch_packaging_systems_firmware
AND
bdrowa_pouch_packaging_systemsMatch-

Related

ics 1
cve 1
prion 1
cvelist 1
trellix 2
ics
ics
BD Pyxis
2022-03-03 12:00:00
cve
cve
CVE-2022-22766
2022-02-12 00:00:00
prion
prion
Hardcoded credentials
2022-02-11 19:15:00
cvelist
cvelist
CVE-2022-22766 BD Pyxis Products - Hardcoded Credentials
2022-02-12 00:00:00
trellix
trellix
Connected Healthcare: A Cybersecurity Battlefield We Must Win
2022-06-06 00:00:00
Connected Healthcare: A Cybersecurity Battlefield We Must Win
2022-06-06 00:00:00

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

10.5%

JSON
Related for NVD:CVE-2022-22766
ics1cve1prion1cvelist1trellix2