9 matches found
CVE-2024-10476
Default credentials are used in the above listed BD Diagnostic Solutions products. If exploited, threat actors may be able to access, modify or delete data, including sensitive information such as protected health information PHI and personally identifiable information PII. Exploitation of this...
BD多款产品 安全漏洞
BD BACTEC Blood Culture System and others are products of BD Medical BD, Inc. the BD BACTEC Blood Culture System is a blood culture media system. the BD COR System is a fully automated and integrated high-throughput diagnostic system. the BD EpiCenter Microbiology Data Management System is a...
CVE-2022-30277
BD Synapsys™, versions 4.20, 4.20 SR1, and 4.30, contain an insufficient session expiration vulnerability. If exploited, threat actors may be able to access, modify or delete sensitive information, including electronic protected health information ePHI, protected health information PHI and...
CVE-2022-30277
BD Synapsys™, versions 4.20, 4.20 SR1, and 4.30, contain an insufficient session expiration vulnerability. If exploited, threat actors may be able to access, modify or delete sensitive information, including electronic protected health information ePHI, protected health information PHI and...
Session fixation
BD Synapsys™, versions 4.20, 4.20 SR1, and 4.30, contain an insufficient session expiration vulnerability. If exploited, threat actors may be able to access, modify or delete sensitive information, including electronic protected health information ePHI, protected health information PHI and...
CVE-2022-30277
BD Synapsys, versions 4.20, 4.20 SR1, and 4.30, contain an insufficient session expiration vulnerability (CWE-613) that could allow a threat actor to access, modify, or delete sensitive data (ePHI/PHI/PII). Exploitation is not remotely exploitable per available documents. CVSS v3 base score: 5.7 ...
CVE-2022-30277 BD Synapsys™ – Insufficient Session Expiration
BD Synapsys™, versions 4.20, 4.20 SR1, and 4.30, contain an insufficient session expiration vulnerability. If exploited, threat actors may be able to access, modify or delete sensitive information, including electronic protected health information ePHI, protected health information PHI and...
CVE-2022-30277
BD Synapsys™, versions 4.20, 4.20 SR1, and 4.30, contain an insufficient session expiration vulnerability. If exploited, threat actors may be able to access, modify or delete sensitive information, including electronic protected health information ePHI, protected health information PHI and...
BD Synapsys
1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION: Low attack complexity Vendor: Becton, Dickinson and Company BD Equipment: Synapsys Vulnerability: Insufficient Session Expiration 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access, modify, or delete...