First published: Thu Jul 13 2023(Updated: )
An insecure connection between Systems Manager and CQI Reporter application could expose infusion data to an attacker.
Credit: cybersecurity@bd.com cybersecurity@bd.com
Affected Software | Affected Version | How to fix |
---|---|---|
Bd Guardrails Cqi Reporter | <=10.17 |
BD recommends customers update to the BD Alarisâ„¢ System v12.3, where available based on regulatory authorization. Customers who require software updates should contact their BD Account Executive to assist with scheduling the remediation.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-30565 is a vulnerability that allows an attacker to sniff infusion data by exploiting an insecure connection between Systems Manager and CQI Reporter application.
The severity of CVE-2023-30565 is low with a CVSS score of 3.5.
The Bd Guardrails Cqi Reporter application version up to 10.17 is affected by CVE-2023-30565.
To fix CVE-2023-30565, apply the necessary patches or updates provided by the vendor.
You can find more information about CVE-2023-30565 in the [BD Cybersecurity Bulletin](https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-alaris-system-with-guardrails-suite-mx).