Vulnerabilities > BD > Facschorus

DATE CVE VULNERABILITY TITLE RISK
2023-11-28 CVE-2023-29061 Missing Authentication for Critical Function vulnerability in BD Facschorus
There is no BIOS password on the FACSChorus workstation.
low complexity
bd CWE-306
5.2
2023-11-28 CVE-2023-29062 Improper Authentication vulnerability in BD Facschorus
The Operating System hosting the FACSChorus application is configured to allow transmission of hashed user credentials upon user action without adequately validating the identity of the requested resource.
low complexity
bd CWE-287
3.8
2023-11-28 CVE-2023-29063 Missing Authentication for Critical Function vulnerability in BD Facschorus
The FACSChorus workstation does not prevent physical access to its PCI express (PCIe) slots, which could allow a threat actor to insert a PCI card designed for memory capture.
low complexity
bd CWE-306
2.4
2023-11-28 CVE-2023-29064 Use of Hard-coded Credentials vulnerability in BD Facschorus
The FACSChorus software contains sensitive information stored in plaintext.
low complexity
bd CWE-798
4.3
2023-11-28 CVE-2023-29065 Incorrect Permission Assignment for Critical Resource vulnerability in BD Facschorus
The FACSChorus software database can be accessed directly with the privileges of the currently logged-in user.
low complexity
bd CWE-732
4.3
2023-11-28 CVE-2023-29066 Improper Privilege Management vulnerability in BD Facschorus
The FACSChorus software does not properly assign data access privileges for operating system user accounts.
low complexity
bd CWE-269
3.5
2023-11-28 CVE-2023-29060 Missing Authentication for Critical Function vulnerability in BD Facschorus
The FACSChorus workstation operating system does not restrict what devices can interact with its USB ports.
low complexity
bd CWE-306
5.7