RSS   Vulnerabilities for 'Performa'   RSS

2018-05-24
 
CVE-2018-10595

CWE-89
 

 
A vulnerability in ReadA version 1.1.0.2 and previous allows an authorized user with access to a privileged account on a BD Kiestra system (Kiestra TLA, Kiestra WCA, and InoqulA+ specimen processor) to issue SQL commands, which may result in loss or corruption of data.

 
 
CVE-2018-10593

CWE-89
 

 
A vulnerability in DB Manager version 3.0.1.0 and previous and PerformA version 3.0.0.0 and previous allows an authorized user with access to a privileged account on a BD Kiestra system (Kiestra TLA, Kiestra WCA, and InoqulA+ specimen processor) to issue SQL commands, which may result in data corruption.

 
2017-06-29
 
CVE-2017-6022

CWE-798
 

 
A hard-coded password issue was discovered in Becton, Dickinson and Company (BD) PerformA, Version 2.0.14.0 and prior versions, and KLA Journal Service, Version 1.0.51 and prior versions. They use hard-coded passwords to access the BD Kiestra Database, which could be leveraged to compromise the confidentiality of limited PHI/PII information stored in the BD Kiestra Database.

 

 >>> Vendor: BD 17 Products
Alaris 8015 pc unit
Performa
Kla journal service
Database manager
Reada
Alaris cc firmware
Alaris gh firmware
Alaris gs firmware
Alaris tiva firmware
Facslyric
Facslyric ivd
Alaris gateway workstation firmware
Alaris cc syringe pump firmware
Alaris gh syringe pump firmware
Alaris gs syringe pump firmware
Alaris tiva syringe pump firmware
Synapsys


Copyright 2024, cxsecurity.com

 

Back to Top