CVE-2018-10593 Information
Feb 14, 2021
cve
Description
A vulnerability in DB Manager version 3.0.1.0 and previous and PerformA version 3.0.0.0 and previous allows an authorized user with access to a privileged account on a BD Kiestra system (Kiestra TLA Kiestra WCA and InoqulA+ specimen processor) to issue SQL commands which may result in data corruption.
CVSS Vector
CVSS:3.0/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:H
Reference
https://ics-cert.us-cert.gov/advisories/ICSMA-18-142-01 https://www.bd.com/en-us/support/product-security-and-privacy/product-security-bulletin-bd-kiestra-tla-bd-kiestra-wca-bd-inoqula
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction Required
HIGH
Scope
REQUIRED
Confidentiality Impact
UNCHANGED
Integrity Impact
NONE
Availability Impact
HIGH
Base Score
HIGH
Base Severity
5.6
Share on: