Vulnerability Description
A hard-coded password issue was discovered in Becton, Dickinson and Company (BD) PerformA, Version 2.0.14.0 and prior versions, and KLA Journal Service, Version 1.0.51 and prior versions. They use hard-coded passwords to access the BD Kiestra Database, which could be leveraged to compromise the confidentiality of limited PHI/PII information stored in the BD Kiestra Database.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bd | Performa | <= 2.0.14.0 |
| Bd | Kla Journal Service | <= 1.0.51 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/97057Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSMA-17-082-01MitigationThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/97057Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSMA-17-082-01MitigationThird Party AdvisoryUS Government Resource
FAQ
What is CVE-2017-6022?
CVE-2017-6022 is a vulnerability with a CVSS score of 9.8 (CRITICAL). A hard-coded password issue was discovered in Becton, Dickinson and Company (BD) PerformA, Version 2.0.14.0 and prior versions, and KLA Journal Service, Version 1.0.51 and prior versions. They use har...
How severe is CVE-2017-6022?
CVE-2017-6022 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-6022?
Check the references section above for vendor advisories and patch information. Affected products include: Bd Performa, Bd Kla Journal Service.