CVE-2022-30277
BD Synapsys™ – Insufficient Session Expiration
Severity Score
5.7
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
BD Synapsys™, versions 4.20, 4.20 SR1, and 4.30, contain an insufficient session expiration vulnerability. If exploited, threat actors may be able to access, modify or delete sensitive information, including electronic protected health information (ePHI), protected health information (PHI) and personally identifiable information (PII).
BD Synapsys™, versiones 4.20, 4.20 SR1, y 4.30, contienen una vulnerabilidad de expiración de sesión insuficiente. Si es explotada, los actores de la amenaza pueden ser capaces de acceder, modificar o eliminar información confidencial, incluyendo información de salud electrónica protegida (ePHI), información de salud protegida (PHI) e información de identificación personal (PII)
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-05-04 CVE Reserved
- 2022-06-01 CVE Published
- 2023-12-23 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-613: Insufficient Session Expiration
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://cybersecurity.bd.com/bulletins-and-patches/bd-synapsys-insufficient-session-expiration | 2022-06-10 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Bd Search vendor "Bd" | Synapsys Search vendor "Bd" for product "Synapsys" | 4.20 Search vendor "Bd" for product "Synapsys" and version "4.20" | - |
Affected
| ||||||
Bd Search vendor "Bd" | Synapsys Search vendor "Bd" for product "Synapsys" | 4.20 Search vendor "Bd" for product "Synapsys" and version "4.20" | sr1 |
Affected
| ||||||
Bd Search vendor "Bd" | Synapsys Search vendor "Bd" for product "Synapsys" | 4.30 Search vendor "Bd" for product "Synapsys" and version "4.30" | - |
Affected
|