CVE-2018-10595 Information
Feb 14, 2021
cve
Description
A vulnerability in ReadA version 1.1.0.2 and previous allows an authorized user with access to a privileged account on a BD Kiestra system (Kiestra TLA Kiestra WCA and InoqulA+ specimen processor) to issue SQL commands which may result in loss or corruption of data.
CVSS Vector
CVSS:3.0/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
Reference
https://ics-cert.us-cert.gov/advisories/ICSMA-18-142-01 https://www.bd.com/en-us/support/product-security-and-privacy/product-security-bulletin-bd-kiestra-tla-bd-kiestra-wca-bd-inoqula
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction Required
HIGH
Scope
REQUIRED
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
6.3
Share on: