{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T03:39:04.237","vulnerabilities":[{"cve":{"id":"CVE-2024-10476","sourceIdentifier":"cybersecurity@bd.com","published":"2024-12-17T16:15:23.390","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Default credentials are used in the above listed BD Diagnostic Solutions products. If exploited, threat actors may be able to access, modify or delete data, including sensitive information such as protected health information (PHI) and personally identifiable information (PII). Exploitation of this vulnerability may allow an attacker to shut down or otherwise impact the availability of the system. Note: BD Synapsys™ Informatics\nSolution is only in scope of\nthis vulnerability when\ninstalled on a NUC server. BD Synapsys™\nInformatics Solution installed\non a customer-provided virtual machine or on the BD Kiestra™ SCU hardware is\nnot in scope."},{"lang":"es","value":"Las credenciales predeterminadas se utilizan en BD Diagnostic Solutions products enumerados anteriormente. Si se explota esta vulnerabilidad, los actores de amenazas pueden acceder, modificar o eliminar datos, incluida información confidencial como información médica protegida (PHI) e información de identificación personal (PII). La explotación de esta vulnerabilidad puede permitir que un atacante apague o afecte de otro modo la disponibilidad del sistema. Nota: BD Synapsys™ Informatics Solution solo está dentro del alcance de esta vulnerabilidad cuando se instala en un servidor NUC. BD Synapsys™ Informatics Solution instalada en una máquina virtual proporcionada por el cliente o en el hardware BD Kiestra™ SCU no está dentro del alcance."}],"metrics":{"cvssMetricV31":[{"source":"cybersecurity@bd.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":5.9}]},"weaknesses":[{"source":"cybersecurity@bd.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1392"}]}],"references":[{"url":"https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-cybersecurity-vulnerability-bulletin-diagnostic-solutions-products","source":"cybersecurity@bd.com"}]}}]}