CVE-2017-6022
EUVD-2017-1509030.06.2017, 03:29
A hard-coded password issue was discovered in Becton, Dickinson and Company (BD) PerformA, Version 2.0.14.0 and prior versions, and KLA Journal Service, Version 1.0.51 and prior versions. They use hard-coded passwords to access the BD Kiestra Database, which could be leveraged to compromise the confidentiality of limited PHI/PII information stored in the BD Kiestra Database.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| bd | performa | 𝑥 ≤ 2.0.14.0 |
| bd | kla_journal_service | 𝑥 ≤ 1.0.51 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-259 - Use of Hard-coded PasswordThe software contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.
- CWE-798 - Use of Hard-coded CredentialsThe software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.