Lucene search
HistorySep 09, 2024 - 8:15 p.m.
CVE-2024-6796
cve-2024-6796
baxter connex
access control
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS
0.001
Percentile
39.6%
In Baxter Connex health portal released before 8/30/2024, an improper access control vulnerability has been found that could allow an unauthenticated attacker to gain unauthorized access to Connex portal’s database and/or modify content.
Affected configurations
Node
baxterconnex_health_portalRange<2024-08-30
| Vendor | Product | Version | CPE |
|---|---|---|---|
| baxter | connex_health_portal | * | cpe:2.3:a:baxter:connex_health_portal:*:*:*:*:*:*:*:* |
Related
vulnrichment
vulnrichment
CVE-2024-6796 Vulnerability in Baxter Connex Health Portal
2024-09-09 19:28:30
cvelist
cvelist
CVE-2024-6796 Vulnerability in Baxter Connex Health Portal
2024-09-09 19:28:30
cve
cve
CVE-2024-6796
2024-09-09 20:15:05
ics
ics
Baxter Connex Health Portal
2024-09-05 12:00:00
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS
0.001
Percentile
39.6%
Related for NVD:CVE-2024-6796