Versio.io

CVE-2022-22766

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 11-02-2022 08:15
Last modified: - 11-05-2022 04:59
Total changes: - 5

Description

Hardcoded credentials are used in specific BD Pyxis products. If exploited, threat actors may be able to gain access to the underlying file system and could potentially exploit application files for information that could be used to decrypt application credentials or gain access to electronic protected health information (ePHI) or other sensitive information.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Low
Attack complexity
Local
Attack vector
None
Availability
High
Confidentiality
None
Integrity
Low
Privileges required
Unchanged
Scope
None
User interaction
5.5
Base score
1.8
3.6
Exploitability score
Impact score
 

Verification logic

OR
AND
OR
vendor=bd AND product=pyxis_anesthesia_station_es_firmware
OR
vendor=bd AND product=pyxis_anesthesia_station_es AND version=-
AND
OR
vendor=bd AND product=pyxis_anesthesia_station_4000_firmware
OR
vendor=bd AND product=pyxis_anesthesia_station_4000 AND version=-
AND
OR
vendor=bd AND product=pyxis_cato_firmware
OR
vendor=bd AND product=pyxis_cato AND version=-
AND
OR
vendor=bd AND product=pyxis_ciisafe_firmware
OR
vendor=bd AND product=pyxis_ciisafe AND version=-
AND
OR
vendor=bd AND product=pyxis_inventory_connect_firmware
OR
vendor=bd AND product=pyxis_inventory_connect AND version=-
AND
OR
vendor=bd AND product=pyxis_iv_prep_firmware
OR
vendor=bd AND product=pyxis_iv_prep AND version=-
AND
OR
vendor=bd AND product=pyxis_jitrbud_firmware
OR
vendor=bd AND product=pyxis_jitrbud AND version=-
AND
OR
vendor=bd AND product=pyxis_kanban_rf_firmware
OR
vendor=bd AND product=pyxis_kanban_rf AND version=-
AND
OR
vendor=bd AND product=pyxis_logistics_firmware
OR
vendor=bd AND product=pyxis_logistics AND version=-
AND
OR
vendor=bd AND product=pyxis_med_link_family_firmware
OR
vendor=bd AND product=pyxis_med_link_family AND version=-
AND
OR
vendor=bd AND product=pyxis_medbank_firmware
OR
vendor=bd AND product=pyxis_medbank AND version=-
AND
OR
vendor=bd AND product=pyxis_medstation_4000_firmware
OR
vendor=bd AND product=pyxis_medstation_4000 AND version=-
AND
OR
vendor=bd AND product=pyxis_medstation_es_firmware
OR
vendor=bd AND product=pyxis_medstation_es AND version=-
AND
OR
vendor=bd AND product=pyxis_medstation_es_server_firmware
OR
vendor=bd AND product=pyxis_medstation_es_server AND version=-
AND
OR
vendor=bd AND product=pyxis_parassist_firmware
OR
vendor=bd AND product=pyxis_parassist AND version=-
AND
OR
vendor=bd AND product=pyxis_pharmopack_firmware
OR
vendor=bd AND product=pyxis_pharmopack AND version=-
AND
OR
vendor=bd AND product=pyxis_procedurestation_firmware
OR
vendor=bd AND product=pyxis_procedurestation AND version=-
AND
OR
vendor=bd AND product=pyxis_rapid_rx_firmware
OR
vendor=bd AND product=pyxis_rapid_rx AND version=-
AND
OR
vendor=bd AND product=pyxis_stockstation_firmware
OR
vendor=bd AND product=pyxis_stockstation AND version=-
AND
OR
vendor=bd AND product=pyxis_supplycenter_firmware
OR
vendor=bd AND product=pyxis_supplycenter AND version=-
AND
OR
vendor=bd AND product=pyxis_supplyroller_firmware
OR
vendor=bd AND product=pyxis_supplyroller AND version=-
AND
OR
vendor=bd AND product=pyxis_supplystation_firmware
OR
vendor=bd AND product=pyxis_supplystation AND version=-
AND
OR
vendor=bd AND product=pyxis_track_and_deliver_firmware
OR
vendor=bd AND product=pyxis_track_and_deliver AND version=-
AND
OR
vendor=bd AND product=rowa_pouch_packaging_systems_firmware
OR
vendor=bd AND product=rowa_pouch_packaging_systems AND version=-
 

Reference

 


Keywords

NVD

 

CVE-2022-22766

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.