CVE-2010-5309

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2010-5309
GE Healthcare CADStream Server has a default password of confirma for the admin user, which has unspecified impact and attack vectors.

10.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://apps.gehealthcare.com/servlet/ClientServlet/MR360+operator+manual+paper.pdf?REQ=RAA&DIRECTION=5339461-1EN&FILENAME=MR360%2Boperator%2Bmanual%2Bpaper.pdf&FILEREV=4&DOCREV_ORG=4
http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/
https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02
https://twitter.com/digitalbond/status/619250429751222277
Configurations

Configuration 1 (hide)

cpe:2.3:o:gehealthcare:cadstream_server_firmware:-:*:*:*:*:*:*:*
History

No history.

Information

Published : 2015-08-04 14:59

Updated : 2018-03-28 01:29

NVD link : CVE-2010-5309

Mitre link : CVE-2010-5309

CVE.ORG link : CVE-2010-5309

JSON object : View

Products Affected

gehealthcare

  • cadstream_server_firmware
CWE
CWE-255

Credentials Management Errors