How severe is CVE-2024-10476?

This vulnerability has a severity rating of HIGH with a CVSS score of 8 out of 10.

What type of vulnerability is CVE-2024-10476?

This is classified as CWE-1392, which is a common weakness in software security.

CVE-2024-10476 - HIGH Severity | CVSS 8

Vulnerability Description

Default credentials are used in the above listed BD Diagnostic Solutions products. If exploited, threat actors may be able to access, modify or delete data, including sensitive information such as protected health information (PHI) and personally identifiable information (PII). Exploitation of this vulnerability may allow an attacker to shut down or otherwise impact the availability of the system. Note: BD Synapsys™ Informatics Solution is only in scope of this vulnerability when installed on a NUC server. BD Synapsys™ Informatics Solution installed on a customer-provided virtual machine or on the BD Kiestra™ SCU hardware is not in scope.

Related Vulnerabilities

CVE-2023-43844

HIGH

CVSS:8.0(High)

Aten PE6208 2.3.228 and 2.4.232 have default credentials for the privileged web interface account. The user is not asked to change the credentials after first login. If not changed, attackers can log ...

CWE-13922023

CVE-2025-5124

CRITICAL

CVSS:8.1(High)

A vulnerability classified as critical has been found in Sony SNC-M1, SNC-M3, SNC-RZ25N, SNC-RZ30N, SNC-DS10, SNC-CS3N and SNC-RX570N up to 1.30. This affects an unknown part of the component Administ...

CWE-13922025

CVE-2024-39584

HIGH

CVSS:8.2(High)

Dell Client Platform BIOS contains a Use of Default Cryptographic Key Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Secure Boot b...

CWE-13922024

CVE-2024-5245

HIGH

CVSS:7.8(High)

NETGEAR ProSAFE Network Management System Default Credentials Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NE...

CWE-13922024

CVE-2025-22460

HIGH

CVSS:7.8(High)

Default credentials in Ivanti Cloud Services Application before version 5.0.5 allows a local authenticated attacker to escalate their privileges.

CWE-13922025

CVE-2024-12013

HIGH

CVSS:7.6(High)

A CWE-1392 “Use of Default Credentials” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The device exposes an FTP server with default and easy-to-guess admin credent...

CWE-13922024