Vulnerabilities > Baxter > Connex Health Portal

DATE CVE VULNERABILITY TITLE RISK
2024-09-09 CVE-2024-6795 SQL Injection vulnerability in Baxter Connex Health Portal
In Connex health portal released before8/30/2024, SQL injection vulnerabilities were found that could have allowed an unauthenticated attacker to gain unauthorized access to Connex portal's database.  An attacker could have submitted a crafted payload to Connex portal that could have resulted in modification and disclosure of database content and/or perform administrative operations including shutting down the database.
network
low complexity
baxter CWE-89
critical
 9.8
9.8
2024-09-09 CVE-2024-6796 Unspecified vulnerability in Baxter Connex Health Portal
In Baxter Connex health portal released before 8/30/2024, an improper access control vulnerability has been found that could allow an unauthenticated attacker to gain unauthorized access to Connex portal's database and/or modify content.
network
low complexity
baxter
critical
 9.1
9.1