Skip to main content

Connex Health Portal

2 CVEs product

Monthly

CVE-2024-6796 CRITICAL Act Now

In Baxter Connex health portal released before 8/30/2024, an improper access control vulnerability has been found that could allow an unauthenticated attacker to gain unauthorized access to Connex. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Connex Health Portal
NVD
CVSS 3.1
9.1
EPSS
0.4%
CVE-2024-6795 CRITICAL Act Now

In Connex health portal released before8/30/2024, SQL injection vulnerabilities were found that could have allowed an unauthenticated attacker to gain unauthorized access to Connex portal's database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass SQLi Connex Health Portal
NVD
CVSS 3.1
9.8
EPSS
0.6%
EPSS 0% CVSS 9.1
CRITICAL Act Now

In Baxter Connex health portal released before 8/30/2024, an improper access control vulnerability has been found that could allow an unauthenticated attacker to gain unauthorized access to Connex. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Connex Health Portal
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

In Connex health portal released before8/30/2024, SQL injection vulnerabilities were found that could have allowed an unauthenticated attacker to gain unauthorized access to Connex portal's database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass SQLi Connex Health Portal
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy