In the dynamic realm of cybersecurity, staying updated on the latest vulnerabilities is imperative.
This edition of the AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in the National Vulnerability Database between September 09-10, 2024.
During this period, the National Vulnerability Database published 56 new Common Vulnerabilities and Exposures (CVEs), classified by severity as follows:
Critical: 7
High: 11
Medium: 24
Low: 1
Severity Not Assigned: 13
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2024-8584
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Orca HCM from LEARNING DIGITAL does not properly restrict access to a specific functionality, allowing an unauthenticated remote attacker to exploit this functionality to create an account with administrator privilege and subsequently use it to log in.
References: https://www.twcert.org.tw/en/cp-139-8040-948ef-2.html
https://www.twcert.org.tw/tw/cp-132-8039-24e48-1.html
CWE-ID: CWE-284
Common Platform Enumerations (CPE): Not Found
2. CVE-2024-37288
Base Score: 9.9
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 6.0
Description: A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. This issue only affects users that use Elastic Security's built-in AI tools (https://www.elastic.co/guide/en/security/current/ai-for-security.html) and have configured an Amazon Bedrock connector (https://www.elastic.co/guide/en/security/current/assistant-connect-to-bedrock.html).
References: https://discuss.elastic.co/t/kibana-8-15-1-security-update-esa-2024-27-esa-2024-28/366119
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
3. CVE-2024-40643
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 6.0
Description: Joplin is a free, open source note taking and to-do application. Joplin fails to take into account that "<" followed by a non-letter character will not be considered HTML. As such it is possible to achieve XSS by putting an "illegal" tag within a tag.
References: https://github.com/laurent22/joplin/commit/b220413a9b5ed55fb1f565ac786a5c231da8bc87
https://github.com/laurent22/joplin/security/advisories/GHSA-g796-3g6g-jmmc
CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found
4. CVE-2024-45041
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.5
Description: External Secrets Operator is a Kubernetes operator that integrates external secret management systems. external-secrets has a deployment called default-external-secrets-cert-controller, which is bound to a ClusterRole of the same name. This ClusterRole grants the "get/list" verbs on secrets resources. It also grants the patch/update verbs on validatingwebhookconfigurations resources. The deployment's service account (SA) token can therefore be abused to retrieve ALL secrets in the whole cluster, to capture and log all data from requests attempting to update Secrets, or to make a webhook deny all Pod create and update requests. This vulnerability is fixed in 0.10.2.
References: https://github.com/external-secrets/external-secrets/commit/428a452fd2ad45935312f2c2c0d40bc37ce6e67c
https://github.com/external-secrets/external-secrets/security/advisories/GHSA-qwgc-rr35-h4x9
CWE-ID: CWE-269
Common Platform Enumerations (CPE): Not Found
5. CVE-2024-44720
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: SeaCMS v13.1 was discovered to contain an arbitrary file read vulnerability via the component admin_safe.php.
References: https://github.com/seacms-net/CMS/issues/22
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
6. CVE-2024-44721
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: SeaCMS v13.1 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via the url parameter at /admin_reslib.php.
References: https://github.com/seacms-net/CMS/issues/23
CWE-ID: CWE-918
Common Platform Enumerations (CPE): Not Found
7. CVE-2024-44333
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18E1, DI-7300G+V2 v24.04.18D1, and DI-7400G+V2 v24.04.18D1 are vulnerable to Remote Command Execution. An attacker can achieve arbitrary command execution by sending a carefully crafted malicious string to the CGI function responsible for handling usb_paswd.asp.
References: https://gist.github.com/Swind1er/c8656b32058e28e64f92d100c92ca12c
https://www.dlink.com/en/security-bulletin/
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
8. CVE-2024-44334
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18E1, DI-7300G+V2 v24.04.18D1, and DI-7400G+V2 v24.04.18D1 are vulnerable to Remote Command Execution due to insufficient parameter filtering in the CGI handling function of upgrade_filter.asp.
References: https://gist.github.com/Swind1er/563789899a7a4b9c261045a15efea952
https://www.dlink.com/en/security-bulletin/
CWE-ID: CWE-77
Common Platform Enumerations (CPE): Not Found
9. CVE-2024-44335
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: D-Link DI-7003G v19.12.24A1, DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04.18E1, DI-7300G+V2 v24.04.18D1, and DI-7400G+V2 v24.04.18D1 are vulnerable to Remote Command Execution (RCE) via version_upgrade.asp.
References: https://gist.github.com/Swind1er/029fb2a9dab916f926fab40cc059223f
https://www.dlink.com/en/security-bulletin/
CWE-ID: CWE-77
Common Platform Enumerations (CPE): Not Found
10. CVE-2024-44849
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Qualitor up to 8.24 is vulnerable to Remote Code Execution (RCE) via Arbitrary File Upload in checkAcesso.php.
References: https://blog.extencil.me/information-security/cves/cve-2024-44849
https://github.com/extencil/CVE-2024-44849?tab=readme-ov-file
CWE-ID: CWE-434
Common Platform Enumerations (CPE): Not Found
11. CVE-2024-45296
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a DoS. The bad regular expression is generated any time you have two parameters within a single segment, separated by something that is not a period (.). For users of 0.1, upgrade to 0.1.10. All other users should upgrade to 8.0.0.
References: https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f
https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6
https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j
CWE-ID: CWE-1333
Common Platform Enumerations (CPE): Not Found
12. CVE-2024-45411
Base Score: 8.5
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 6.0
Description: Twig is a template language for PHP. Under some circumstances, the sandbox security checks are not run which allows user-contributed templates to bypass the sandbox restrictions. This vulnerability is fixed in 1.44.8, 2.16.1, and 3.14.0.
References: https://github.com/twigphp/Twig/commit/11f68e2aeb526bfaf638e30d4420d8a710f3f7c6
https://github.com/twigphp/Twig/commit/2102dd135986db79192d26fb5f5817a566e0a7de
https://github.com/twigphp/Twig/commit/7afa198603de49d147e90d18062e7b9addcf5233
https://github.com/twigphp/Twig/security/advisories/GHSA-6j75-5wfj-gh66
CWE-ID: CWE-693
Common Platform Enumerations (CPE): Not Found
13. CVE-2024-7341
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 1.2
Impact Score: 5.9
Description: A session fixation issue was discovered in the SAML adapters provided by Keycloak. The session ID and JSESSIONID cookie are not changed at login time, even when the turnOffChangeSessionIdOnLogin option is configured. This flaw allows an attacker who hijacks the current session before authentication to trigger session fixation.
References: https://access.redhat.com/errata/RHSA-2024:6493
https://access.redhat.com/errata/RHSA-2024:6494
https://access.redhat.com/errata/RHSA-2024:6495
https://access.redhat.com/errata/RHSA-2024:6497
https://access.redhat.com/errata/RHSA-2024:6499
https://access.redhat.com/errata/RHSA-2024:6500
https://access.redhat.com/errata/RHSA-2024:6501
https://access.redhat.com/errata/RHSA-2024:6502
https://access.redhat.com/errata/RHSA-2024:6503
https://access.redhat.com/security/cve/CVE-2024-7341
https://bugzilla.redhat.com/show_bug.cgi?id=2302064
CWE-ID: CWE-384
Common Platform Enumerations (CPE): Not Found
14. CVE-2024-42500
Base Score: 9.3
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 4.7
Description: HPE has identified a denial of service vulnerability in HPE HP-UX System's Network File System (NFSv4) services.
References: https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbux04697en_us&docLocale=en_US
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
15. CVE-2024-44724
Base Score: 7.2
Base Severity: HIGH
Exploitability Score: 1.2
Impact Score: 5.9
Description: AutoCMS v5.4 was discovered to contain a PHP code injection vulnerability via the txtsite_url parameter at /admin/site_add.php. This vulnerability allows attackers to execute arbitrary PHP code via injecting a crafted value.
References: https://github.com/Hebing123/cve/issues/68
CWE-ID: CWE-94
Common Platform Enumerations (CPE): Not Found
16. CVE-2024-44725
Base Score: 7.2
Base Severity: HIGH
Exploitability Score: 1.2
Impact Score: 5.9
Description: AutoCMS v5.4 was discovered to contain a SQL injection vulnerability via the sidebar parameter at /admin/robot.php.
References: https://github.com/Hebing123/cve/issues/69
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
17. CVE-2024-6795
Base Score: 10.0
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 6.0
Description: In Connex health portal released before 8/30/2024, SQL injection vulnerabilities were found that could have allowed an unauthenticated attacker to gain unauthorized access to Connex portal's database. An attacker could have submitted a crafted payload to Connex portal that could have resulted in modification and disclosure of database content and/or the performance of administrative operations, including shutting down the database.
References: https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-249-01
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
18. CVE-2024-6796
Base Score: 8.2
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.2
Description: In Baxter Connex health portal released before 8/30/2024, an improper access control vulnerability has been found that could allow an unauthenticated attacker to gain unauthorized access to Connex portal's database and/or modify content.
References: https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-249-01
CWE-ID: CWE-284
Common Platform Enumerations (CPE): Not Found