admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-227xx/CVE-2022-22766.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

791 lines
21 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-22766",
"sourceIdentifier": "cybersecurity@bd.com",
"published": "2022-02-11T19:15:08.850",
"lastModified": "2024-11-21T06:47:24.280",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Hardcoded credentials are used in specific BD Pyxis products. If exploited, threat actors may be able to gain access to the underlying file system and could potentially exploit application files for information that could be used to decrypt application credentials or gain access to electronic protected health information (ePHI) or other sensitive information."
},
{
"lang": "es",
"value": "Unas credenciales embebidas son usadas en productos espec\u00edficos de BD Pyxis. Si es explotado, los actores de la amenaza pueden ser capaces de conseguir acceso al sistema de archivos subyacente y podr\u00edan potencialmente explotar los archivos de la aplicaci\u00f3n para obtener informaci\u00f3n que podr\u00eda ser usada para descifrar las credenciales de la aplicaci\u00f3n o para conseguir acceso a la informaci\u00f3n de salud electr\u00f3nica protegida (ePHI) u otra informaci\u00f3n confidencial"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"baseScore": 2.1,
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_anesthesia_station_es_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBE68344-E519-4DEF-A91F-4094E0D88353"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_anesthesia_station_es:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32F3ACBB-87CA-43D2-8E32-2656BDCFEB8D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_anesthesia_station_4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97F86D1E-67B1-4C44-8F19-27271D4FF80D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_anesthesia_station_4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5261A6F0-0C16-48A4-AC8E-C56616C3EB69"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_cato_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF216527-C831-4DDA-B06D-9EC32DC4E9D0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_cato:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDB0372-AC19-4D48-892D-B188900B4D05"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_ciisafe_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3974AAD5-FDF0-49FD-AC76-77A0318A6A8E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_ciisafe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0488CEEA-9504-4619-80F2-106AF8A3E4A1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_inventory_connect_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1E01B870-A465-4BB7-A8CC-D3A25C1C307A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_inventory_connect:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFB422BA-952D-4500-AF88-53F2CD55971A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_iv_prep_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99594833-0248-4484-9A80-C19D80DF5B05"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_iv_prep:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F467ED-38A7-40C2-A5B7-5437780A58D0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_jitrbud_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C4E95E6-96B2-4A7D-A4F4-ECB6617762F9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_jitrbud:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07D68CF9-39A2-4CCA-90A1-C48EA64D292B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_kanban_rf_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A5299E-F3AC-4813-8800-B8C8EDBC1624"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_kanban_rf:-:*:*:*:*:*:*:*",
"matchCriteriaId": "000D25AC-F562-4E8D-B9E9-F82B9751C9C5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_logistics_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "065D8497-C15B-4C16-B4F2-8BC47B556079"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_logistics:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0197950-E007-4748-89B5-06A1ABA06E39"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_med_link_family_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B87C798-EC9F-4EA0-83AA-0CFBBC97FA01"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_med_link_family:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25BD8F0D-A061-45E8-9388-0FFD8C62FDA8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_medbank_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B5FEF7B-2C20-4D41-BEE7-3E07B7E7C69C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_medbank:-:*:*:*:*:*:*:*",
"matchCriteriaId": "246A5F4B-B994-4FC4-A696-1E67E2F9971B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_medstation_4000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B064580E-A862-4F20-A767-CF8CFC5972D4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_medstation_4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65167BF4-9505-4C1A-8E48-B772A74271F8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_medstation_es_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A426FE1F-6BC9-4290-9940-4D2209850412"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_medstation_es:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB63AC0-5A51-494D-BDFA-BFD4B66A44D9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_medstation_es_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BA6158B-0D28-4CF6-8150-704605860F23"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_medstation_es_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "042CAB2C-F252-4769-B38B-4DEC2C8D109A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_parassist_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6D84B80-87CB-4ADA-9937-6F5981593AE2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_parassist:-:*:*:*:*:*:*:*",
"matchCriteriaId": "192F2049-9575-48C2-9EF5-5CB8A2C0C65B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_pharmopack_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F938C6B4-0990-44F9-8B23-22DE96E4D303"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_pharmopack:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1AF993B-08A3-42BE-B037-20137BFA3BB4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_procedurestation_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F56324F6-B50E-4DF3-B90B-AD6A1FB4CC2E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_procedurestation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F34CF1E-C07A-4AE9-AD7A-EDD060EE64D2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_rapid_rx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "581094C6-A881-4A94-9BF6-8535424A374B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_rapid_rx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE6C17CA-3731-4214-9388-BEBFCF2509D0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_stockstation_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F44FA73D-106A-4466-8742-BC224CED9AD2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_stockstation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2699D945-7724-4CDA-9542-A9954D0B0BF2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_supplycenter_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1D7FBA-EDD7-469E-B144-6BD4B7373F22"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_supplycenter:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D619B7DE-C9A9-45FA-8A7F-DEED2838AD18"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_supplyroller_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AF17CD6-4F0B-4FAB-9CCD-8223C4FE4D3E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_supplyroller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56199C09-6164-4E73-B868-C3FE5BC74C40"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_supplystation_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5D153724-31AE-4474-8F2E-9B5D7C2D7CE9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_supplystation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84A0B681-5D18-4D0F-B485-A90348AFD321"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:pyxis_track_and_deliver_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "119BFE9F-7FEA-454B-B373-298673069938"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:pyxis_track_and_deliver:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B02A859-9DEE-40BF-822B-BDB2AFEAB886"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:rowa_pouch_packaging_systems_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C472FE3-C043-456A-827C-F9E2ED704A52"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:rowa_pouch_packaging_systems:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2F707E6-6F04-45E5-BA9C-0109A34AC160"
}
]
}
]
}
],
"references": [
{
"url": "https://cybersecurity.bd.com/bulletins-and-patches/bd-pyxis-products---hardcoded-credentials",
"source": "cybersecurity@bd.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsma-22-062-01",
"source": "cybersecurity@bd.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://cybersecurity.bd.com/bulletins-and-patches/bd-pyxis-products---hardcoded-credentials",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsma-22-062-01",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink