CVE-2022-30277

Name of the Vulnerable Software and Affected Versions BD Synapsys versions 4.20 through 4.30

Description The issue is related to an insufficient session expiration, which could allow threat actors to access, modify, or delete sensitive information, including electronic protected health information (ePHI), protected health information (PHI), and personally identifiable information (PII).

Recommendations For versions 4.20, 4.20 SR1, and 4.30, consider implementing additional security measures to enforce proper session expiration until a patch is available. As a temporary workaround, restrict access to sensitive information to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.