Sql injection

2018-05-2416:29:00

PRIOn knowledge base

www.prio-n.com

5.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.5%

JSON

A vulnerability in DB Manager version 3.0.1.0 and previous and PerformA version 3.0.0.0 and previous allows an authorized user with access to a privileged account on a BD Kiestra system (Kiestra TLA, Kiestra WCA, and InoqulA+ specimen processor) to issue SQL commands, which may result in data corruption.

CPENameOperatorVersion
database_managereq3.0.1.0
performale3.0.0.0
readale1.1.0.2

Name	Operator	Version
database_manager	eq	3.0.1.0
performa	le	3.0.0.0
reada	le	1.1.0.2

References

ics-cert.us-cert.gov/advisories/ICSMA-18-142-01

www.bd.com/en-us/support/product-security-and-privacy/product-security-bulletin-bd-kiestra-tla-bd-kiestra-wca-bd-inoqula