Vulnerabilities > CVE-2024-6796 - Unspecified vulnerability in Baxter Connex Health Portal

CVSS 9.1 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

baxter

critical

NVD

Published: 2024-09-09

Updated: 2024-09-20

Summary

In Baxter Connex health portal released before 8/30/2024, an improper access control vulnerability has been found that could allow an unauthenticated attacker to gain unauthorized access to Connex portal's database and/or modify content.

Vulnerable Configurations

Part	Description	Count
Application	Baxter Baxter Connex Health Portal *	1

References

https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-249-01