Total
755 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-6111 | 1 Ibm | 2 Security Identity Manager, Tivoli Identity Manager | 2018-05-22 | 2.1 LOW | 7.8 HIGH |
| IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and Security Identity Manager 6.0.x before 6.0.0.4-ISS-SIM-IF0001 and 7.0.x before 7.0.0.0-ISS-SIM-IF0003 store encrypted user credentials and the keystore password in cleartext in configuration files, which allows local users to decrypt SIM credentials via unspecified vectors. IBM X-Force ID: 96180. | |||||
| CVE-2016-9739 | 1 Ibm | 1 Security Identity Manager | 2018-05-02 | 2.1 LOW | 7.8 HIGH |
| IBM Security Identity Manager Virtual Appliance stores user credentials in plain in clear text which can be read by a local user. | |||||
| CVE-2014-4861 | 1 Thycotic | 1 Secret Server | 2018-03-29 | 7.5 HIGH | 9.8 CRITICAL |
| The Remote Desktop Launcher in Thycotic Secret Server before 8.6.000010 does not properly cleanup a temporary file that contains an encrypted password once a session has ended. | |||||
| CVE-2014-7233 | 1 Gehealthcare | 1 Precision Thunis-800\+ | 2018-03-28 | 10.0 HIGH | N/A |
| GE Healthcare Precision THUNIS-800+ has a default password of (1) 1973 for the factory default System Utilities menu, (2) TH8740 for installation using TH8740_122_Setup.exe, (3) hrml for "Setup and Activation" using DSASetup, and (4) an empty string for Shutter Configuration, which has unspecified impact and attack vectors. NOTE: since these passwords appear to be used to access functionality during installation, this issue might not cross privilege boundaries and might not be a vulnerability. | |||||
| CVE-2014-7232 | 1 Gehealthcare | 2 Discovery Xr656, Discovery Xr656 G2 | 2018-03-28 | 10.0 HIGH | N/A |
| GE Healthcare Discovery XR656 and XR656 G2 has a password of (1) 2getin for the insite user, (2) 4$xray for the xruser user, and (3) #superxr for the root user, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcoded, or dependent on another system or product that requires a fixed value. | |||||
| CVE-2013-7442 | 1 Gehealthcare | 1 Centricity Pacs Workstation | 2018-03-28 | 10.0 HIGH | N/A |
| GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password of (1) CANal1 for the Administrator user and (2) iis for the IIS user, which has unspecified impact and attack vectors related to TimbuktuPro. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires it. | |||||
| CVE-2013-7404 | 1 Gehealthcare | 1 Discovery Nm 750b | 2018-03-28 | 10.0 HIGH | N/A |
| GE Healthcare Discovery NM 750b has a password of 2getin for the insite account for (1) Telnet and (2) FTP, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value. | |||||
| CVE-2012-6695 | 1 Gehealthcare | 1 Centricity Pacs Workstation | 2018-03-28 | 10.0 HIGH | N/A |
| GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password of ddpadmin for the ddpadmin user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value. | |||||
| CVE-2012-6694 | 1 Gehealthcare | 2 Centricity Pacs Server, Centricity Pacs Workstation | 2018-03-28 | 10.0 HIGH | N/A |
| GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1, and Server 4.0, has a password of 2charGE for the geservice account, which has unspecified impact and attack vectors related to TimbuktuPro. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires it. | |||||
| CVE-2012-6693 | 1 Gehealthcare | 1 Centricity Pacs Server | 2018-03-28 | 10.0 HIGH | N/A |
| GE Healthcare Centricity PACS 4.0 Server has a default password of (1) nasro for the nasro (ReadOnly) user and (2) nasrw for the nasrw (Read/Write) user, which has unspecified impact and attack vectors. | |||||
| CVE-2012-6660 | 1 Gehealthcare | 1 Precision Mpi | 2018-03-28 | 10.0 HIGH | N/A |
| GE Healthcare Precision MPi has a password of (1) orion for the serviceapp user, (2) orion for the clinical operator user, and (3) PlatinumOne for the administrator user, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcoded, or dependent on another system or product that requires a fixed value. | |||||
| CVE-2011-5322 | 1 Gehealthcare | 1 Centricity Analytics Server | 2018-03-28 | 10.0 HIGH | N/A |
| GE Healthcare Centricity Analytics Server 1.1 has a default password of (1) V0yag3r for the SQL Server sa user, (2) G3car3s for the analyst user, (3) G3car3s for the ccg user, (4) V0yag3r for the viewer user, and (5) geservice for the geservice user in the Webmin interface, which has unspecified impact and attack vectors. | |||||
| CVE-2010-5310 | 1 Gehealthcare | 1 Revolution Xq\/i | 2018-03-28 | 10.0 HIGH | N/A |
| The Acquisition Workstation for the GE Healthcare Revolution XQ/i has a password of adw3.1 for the sdc user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value. | |||||
| CVE-2010-5309 | 1 Gehealthcare | 1 Cadstream Server Firmware | 2018-03-28 | 10.0 HIGH | N/A |
| GE Healthcare CADStream Server has a default password of confirma for the admin user, which has unspecified impact and attack vectors. | |||||
| CVE-2010-5307 | 1 Gehealthcare | 1 Optima Mr360 Firmware | 2018-03-28 | 10.0 HIGH | N/A |
| The HIPAA configuration interface in GE Healthcare Optima MR360 has a password of (1) operator for the root account, (2) adw2.0 for the admin account, and (3) adw2.0 for the sdc account, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcoded, or dependent on another system or product that requires a fixed value. | |||||
| CVE-2010-5306 | 1 Gehealthcare | 3 Optima Ct520 Firmware, Optima Ct540 Firmware, Optima Ct680 Firmware | 2018-03-28 | 10.0 HIGH | N/A |
| GE Healthcare Optima CT680, CT540, CT640, and CT520 has a default password of #bigguy for the root user, which has unspecified impact and attack vectors. | |||||
| CVE-2009-5143 | 1 Gehealthcare | 1 Discovery 530c Firmware | 2018-03-28 | 10.0 HIGH | N/A |
| GE Healthcare Discovery 530C has a password of #bigguy1 for the (1) acqservice user and (2) wsservice user of the Xeleris System, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value. | |||||
| CVE-2007-6757 | 1 Gehealthcare | 1 Centricity Dms Firmware | 2018-03-28 | 10.0 HIGH | N/A |
| GE Healthcare Centricity DMS 4.2, 4.1, and 4.0 has a password of Muse!Admin for the Museadmin user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value. | |||||
| CVE-2004-2777 | 1 Gehealthcare | 1 Centricity Image Vault Firmware | 2018-03-28 | 10.0 HIGH | N/A |
| GE Healthcare Centricity Image Vault 3.x has a password of (1) gemnet for the administrator account, (2) webadmin for the webadmin administrator account of the ASACA DVD library, (3) an empty value for the gemsservice account of the Ultrasound Database, and possibly (4) gemnet2002 for the gemnet2002 account of the GEMNet license server, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value. | |||||
| CVE-2003-1603 | 1 Gehealthcare | 1 Discovery Vh | 2018-03-28 | 10.0 HIGH | N/A |
| GE Healthcare Discovery VH has a default password of (1) interfile for the ftpclient user of the Interfile server or (2) "2" for the LOCAL user of the FTP server for the Codonics printer, which has unspecified impact and attack vectors. | |||||