Hard-coded Password Vulnerability in Becton, Dickinson and Company (BD) PerformA and KLA Journal Service

Hard-coded Password Vulnerability in Becton, Dickinson and Company (BD) PerformA and KLA Journal Service

CVE-2017-6022 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

A hard-coded password issue was discovered in Becton, Dickinson and Company (BD) PerformA, Version 2.0.14.0 and prior versions, and KLA Journal Service, Version 1.0.51 and prior versions. They use hard-coded passwords to access the BD Kiestra Database, which could be leveraged to compromise the confidentiality of limited PHI/PII information stored in the BD Kiestra Database.

Learn more about our Web Application Penetration Testing UK.