cvelistv5 - cve-2017-14008

CVE-2017-14008 (GCVE-0-2017-14008)

Vulnerability from cvelistv5 – Published: 2018-03-20 16:00 – Updated: 2024-09-16 17:43

Summary

GE Centricity PACS RA1000, diagnostic image analysis, all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.

Severity ?

No CVSS data available.

CWE

CWE-287 - IMPROPER AUTHENTICATION CWE-287 The affected devices use default or hard-coded credentials.

Assigner

icscert

References

URL

	Vendor	Product	Version
	GE Healthcare	GE Centricity PACS RA1000	Affected: All

CNVD-2018-07552

Vulnerability from cnvd - Published: 2018-04-12

Title

GE Centricity PACS RA1000身份验证绕过漏洞

Description

GE Centricity PACS RA1000是美国通用电气（GE）公司的一套应用于医疗行业的影像传输与归档系统。 GE Centricity PACS RA1000中存在身份验证绕过漏洞，该漏洞源于设备使用了默认凭证或硬编码凭证。远程攻击者可利用该漏洞绕过身份验证并获取设备的访问权限。

Severity

中

Patch Name

GE Centricity PACS RA1000身份验证绕过漏洞的补丁

Patch Description

GE Centricity PACS RA1000是美国通用电气（GE）公司的一套应用于医疗行业的影像传输与归档系统。 GE Centricity PACS RA1000中存在身份验证绕过漏洞，该漏洞源于设备使用了默认凭证或硬编码凭证。远程攻击者可利用该漏洞绕过身份验证并获取设备的访问权限。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www3.gehealthcare.com/en/support/security

Reference

http://www.securityfocus.com/bid/103400

Impacted products

Name
General Electric Centricity PACS RA1000 Workstation

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "103400"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-14008"
    }
  },
  "description": "GE Centricity PACS RA1000\u662f\u7f8e\u56fd\u901a\u7528\u7535\u6c14\uff08GE\uff09\u516c\u53f8\u7684\u4e00\u5957\u5e94\u7528\u4e8e\u533b\u7597\u884c\u4e1a\u7684\u5f71\u50cf\u4f20\u8f93\u4e0e\u5f52\u6863\u7cfb\u7edf\u3002\r\n\r\nGE Centricity PACS RA1000\u4e2d\u5b58\u5728\u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u8bbe\u5907\u4f7f\u7528\u4e86\u9ed8\u8ba4\u51ed\u8bc1\u6216\u786c\u7f16\u7801\u51ed\u8bc1\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u5e76\u83b7\u53d6\u8bbe\u5907\u7684\u8bbf\u95ee\u6743\u9650\u3002",
  "discovererName": "Scott Erven",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttp://www3.gehealthcare.com/en/support/security",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-07552",
  "openTime": "2018-04-12",
  "patchDescription": "GE Centricity PACS RA1000\u662f\u7f8e\u56fd\u901a\u7528\u7535\u6c14\uff08GE\uff09\u516c\u53f8\u7684\u4e00\u5957\u5e94\u7528\u4e8e\u533b\u7597\u884c\u4e1a\u7684\u5f71\u50cf\u4f20\u8f93\u4e0e\u5f52\u6863\u7cfb\u7edf\u3002\r\n\r\nGE Centricity PACS RA1000\u4e2d\u5b58\u5728\u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u8bbe\u5907\u4f7f\u7528\u4e86\u9ed8\u8ba4\u51ed\u8bc1\u6216\u786c\u7f16\u7801\u51ed\u8bc1\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u5e76\u83b7\u53d6\u8bbe\u5907\u7684\u8bbf\u95ee\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "GE Centricity PACS RA1000\u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "General Electric Centricity PACS RA1000 Workstation"
  },
  "referenceLink": "http://www.securityfocus.com/bid/103400",
  "serverity": "\u4e2d",
  "submitTime": "2018-03-23",
  "title": "GE Centricity PACS RA1000\u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e"
}

GSD-2017-14008

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-14008

Aliases

CVE-2017-14008

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-14008",
    "description": "GE Centricity PACS RA1000, diagnostic image analysis, all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.",
    "id": "GSD-2017-14008"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-14008"
      ],
      "details": "GE Centricity PACS RA1000, diagnostic image analysis, all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.",
      "id": "GSD-2017-14008",
      "modified": "2023-12-13T01:21:12.493295Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "DATE_PUBLIC": "2018-03-13T00:00:00",
        "ID": "CVE-2017-14008",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "GE Centricity PACS RA1000",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "All"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "GE Healthcare"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "GE Centricity PACS RA1000, diagnostic image analysis, all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "IMPROPER AUTHENTICATION CWE-287 The affected devices use default or hard-coded credentials."
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "103400",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/103400"
          },
          {
            "name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02",
            "refsource": "MISC",
            "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ge:centricity_pacs_ra1000:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2017-14008"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "GE Centricity PACS RA1000, diagnostic image analysis, all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-798"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02",
              "refsource": "MISC",
              "tags": [
                "Mitigation",
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02"
            },
            {
              "name": "103400",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/103400"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-10-09T23:23Z",
      "publishedDate": "2018-03-20T16:29Z"
    }
  }
}

FKIE_CVE-2017-14008

Vulnerability from fkie_nvd - Published: 2018-03-20 16:29 - Updated: 2024-11-21 03:11

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
ics-cert@hq.dhs.gov	http://www.securityfocus.com/bid/103400	Third Party Advisory, VDB Entry
ics-cert@hq.dhs.gov	https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02	Mitigation, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/103400	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02	Mitigation, Third Party Advisory, US Government Resource

Impacted products

	Vendor	Product	Version
	ge	centricity_pacs_ra1000	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ge:centricity_pacs_ra1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41609401-5C1F-42EB-84C1-DE9ACB90A110",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "GE Centricity PACS RA1000, diagnostic image analysis, all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices."
    },
    {
      "lang": "es",
      "value": "GE Centricity PACS RA1000, para analizar im\u00e1genes de diagn\u00f3stico, en todas las versiones actuales afectadas, estos dispositivos emplean credenciales por defecto o embebidas. La explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda permitir que un atacante remoto omita la autenticaci\u00f3n y obtenga acceso a los dispositivos afectados."
    }
  ],
  "id": "CVE-2017-14008",
  "lastModified": "2024-11-21T03:11:57.330",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-03-20T16:29:00.437",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103400"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Mitigation",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103400"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-798"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ICSMA-18-037-02

Vulnerability from csaf_cisa - Published: 2018-02-06 00:00 - Updated: 2018-03-13 00:00

Summary

GE Medical Devices Vulnerability

Notes

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation

Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.

Critical infrastructure sectors

Healthcare and Public Health

Countries/areas deployed

Worldwide

Company headquarters location

United States

Recommended Practices

CISA recommends users take defensive measures to minimize the risk of exploitation of this (these) vulnerability(ies), such as:

Recommended Practices

Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.

Recommended Practices

Locate control system networks and remote devices behind firewalls and isolating them from business networks.

Recommended Practices

When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Recommended Practices

Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

Recommended Practices

CISA also recommends users take the following measures to protect themselves from social engineering attacks:

Recommended Practices

Do not click web links or open attachments in unsolicited email messages.

Recommended Practices

Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.

Recommended Practices

Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

Recommended Practices

No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Scott Erven"
        ],
        "summary": "reporting these vulnerabilities to GE Healthcare"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Healthcare and Public Health",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "United States",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this (these) vulnerability(ies), such as:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Do not click web links or open attachments in unsolicited email messages.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "central@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSMA-18-037-02 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsma-18-037-02.json"
      },
      {
        "category": "self",
        "summary": "ICSA Advisory ICSMA-18-037-02 - Web Version",
        "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-18-037-02"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/topics/industrial-control-systems"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "GE Medical Devices Vulnerability",
    "tracking": {
      "current_release_date": "2018-03-13T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSMA-18-037-02",
      "initial_release_date": "2018-02-06T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2018-02-06T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSMA-18-037-02P GE Medical Devices Vulnerability"
        },
        {
          "date": "2018-03-13T00:00:00.000000Z",
          "legacy_version": "A",
          "number": "2",
          "summary": "ICSMA-18-037-02 GE Medical Devices Vulnerability (Update A)"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Optima 520: *",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "Optima 520"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Optima 540: *",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "Optima 540"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Optima 640: *",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "Optima 640"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Optima 680: *",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "Optima 680"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 1.003",
                "product": {
                  "name": "Discovery NM530c: \u003c 1.003",
                  "product_id": "CSAFPID-0005"
                }
              }
            ],
            "category": "product_name",
            "name": "Discovery NM530c"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 2.003",
                "product": {
                  "name": "Discovery NM750b: \u003c 2.003",
                  "product_id": "CSAFPID-0006"
                }
              }
            ],
            "category": "product_name",
            "name": "Discovery NM750b"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Discovery XR656: *",
                  "product_id": "CSAFPID-0007"
                }
              }
            ],
            "category": "product_name",
            "name": "Discovery XR656"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Discovery XR656 Plus: *",
                  "product_id": "CSAFPID-0008"
                }
              }
            ],
            "category": "product_name",
            "name": "Discovery XR656 Plus"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Revolution XQ/i: *",
                  "product_id": "CSAFPID-0009"
                }
              }
            ],
            "category": "product_name",
            "name": "Revolution XQ/i"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "THUNIS-800+: *",
                  "product_id": "CSAFPID-0010"
                }
              }
            ],
            "category": "product_name",
            "name": "THUNIS-800+"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Centricity PACS Server: *",
                  "product_id": "CSAFPID-0011"
                }
              }
            ],
            "category": "product_name",
            "name": "Centricity PACS Server"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Centricity PACS RA1000: *",
                  "product_id": "CSAFPID-0012"
                }
              }
            ],
            "category": "product_name",
            "name": "Centricity PACS RA1000"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Centricity PACS-IW: *",
                  "product_id": "CSAFPID-0013"
                }
              }
            ],
            "category": "product_name",
            "name": "Centricity PACS-IW"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Centricity DMS: *",
                  "product_id": "CSAFPID-0014"
                }
              }
            ],
            "category": "product_name",
            "name": "Centricity DMS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Discovery VH: *",
                  "product_id": "CSAFPID-0015"
                }
              }
            ],
            "category": "product_name",
            "name": "Discovery VH"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Millenium VG: *",
                  "product_id": "CSAFPID-0016"
                }
              }
            ],
            "category": "product_name",
            "name": "Millenium VG"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "eNTEGRA 2.0/2.5 Processing and Review Workstation: *",
                  "product_id": "CSAFPID-0017"
                }
              }
            ],
            "category": "product_name",
            "name": "eNTEGRA 2.0/2.5 Processing and Review Workstation"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "CADstream: *",
                  "product_id": "CSAFPID-0018"
                }
              }
            ],
            "category": "product_name",
            "name": "CADstream"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Optima MR360: *",
                  "product_id": "CSAFPID-0019"
                }
              }
            ],
            "category": "product_name",
            "name": "Optima MR360"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "GEMNet License server (EchoServer): *",
                  "product_id": "CSAFPID-0020"
                }
              }
            ],
            "category": "product_name",
            "name": "GEMNet License server (EchoServer)"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Image Vault 3.x medical imaging software: *",
                  "product_id": "CSAFPID-0021"
                }
              }
            ],
            "category": "product_name",
            "name": "Image Vault 3.x medical imaging software"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Infinia: *",
                  "product_id": "CSAFPID-0022"
                }
              }
            ],
            "category": "product_name",
            "name": "Infinia"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Infinia with Hawkeye 4 / 1: *",
                  "product_id": "CSAFPID-0023"
                }
              }
            ],
            "category": "product_name",
            "name": "Infinia with Hawkeye 4 / 1"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Millenium MG: *",
                  "product_id": "CSAFPID-0024"
                }
              }
            ],
            "category": "product_name",
            "name": "Millenium MG"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Millenium NC: *",
                  "product_id": "CSAFPID-0025"
                }
              }
            ],
            "category": "product_name",
            "name": "Millenium NC"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Millenium MyoSIGHT: *",
                  "product_id": "CSAFPID-0026"
                }
              }
            ],
            "category": "product_name",
            "name": "Millenium MyoSIGHT"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Precision MP/i: *",
                  "product_id": "CSAFPID-0027"
                }
              }
            ],
            "category": "product_name",
            "name": "Precision MP/i"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Xeleris 1.0: *",
                  "product_id": "CSAFPID-0028"
                }
              }
            ],
            "category": "product_name",
            "name": "Xeleris 1.0"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Xeleris 1.1: *",
                  "product_id": "CSAFPID-0029"
                }
              }
            ],
            "category": "product_name",
            "name": "Xeleris 1.1"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Xeleris 2.1: *",
                  "product_id": "CSAFPID-0030"
                }
              }
            ],
            "category": "product_name",
            "name": "Xeleris 2.1"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Xeleris 3.0: *",
                  "product_id": "CSAFPID-0031"
                }
              }
            ],
            "category": "product_name",
            "name": "Xeleris 3.0"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "Xeleris 3.1: *",
                  "product_id": "CSAFPID-0032"
                }
              }
            ],
            "category": "product_name",
            "name": "Xeleris 3.1"
          }
        ],
        "category": "vendor",
        "name": "GE Healthcare"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2010-5306",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GE Healthcare Optima CT680, CT540, CT640, and CT520 has a default password of #bigguy for the root user, which has unspecified impact and attack vectors.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2010-5306"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0004"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2009-5143",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GE Healthcare Discovery 530C has a password of #bigguy1 for the (1) acqservice user and (2) wsservice user of the Xeleris System, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value. ",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0005"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2009-5143"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0005"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0005"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0005"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2013-7404",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GE Healthcare Discovery NM 750b has a password of 2getin for the insite account for (1) Telnet and (2) FTP, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0006"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2013-7404"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0006"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0006"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0006"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2014-7232",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GE Healthcare Discovery XR656 and XR656 G2 has a password of (1) 2getin for the insite user, (2) 4$xray for the xruser user, and (3) #superxr for the root user, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcoded, or dependent on another system or product that requires a fixed value.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0007",
          "CSAFPID-0008"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2014-7232"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0007",
            "CSAFPID-0008"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0007",
            "CSAFPID-0008"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0007",
            "CSAFPID-0008"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2010-5310",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Acquisition Workstation for the GE Healthcare Revolution XQ/i has a password of adw3.1 for the sdc user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0009"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2010-5310"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0009"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0009"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0009"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2014-7233",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GE Healthcare Precision THUNIS-800+ has a default password of (1) 1973 for the factory default System Utilities menu, (2) TH8740 for installation using TH8740_122_Setup.exe, (3) hrml for \"Setup and Activation\" using DSASetup, and (4) an empty string for Shutter Configuration, which has unspecified impact and attack vectors. NOTE: since these passwords appear to be used to access functionality during installation, this issue might not cross privilege boundaries and might not be a vulnerability.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0010"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2014-7233"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0010"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0010"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0010"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2012-6693",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GE Healthcare Centricity PACS 4.0 Server has a default password of (1) nasro for the nasro (ReadOnly) user and (2) nasrw for the nasrw (Read/Write) user, which has unspecified impact and attack vectors.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0011"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2012-6693"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0011"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0011"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0011"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2012-6694",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1, and Server 4.0, has a password of 2charGE for the geservice account, which has unspecified impact and attack vectors related to TimbuktuPro. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires it.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0011"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2012-6694"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0011"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0011"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0011"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2012-6695",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password of ddpadmin for the ddpadmin user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0011"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2012-6695"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0011"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0011"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0011"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2013-7442",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password of (1) CANal1 for the Administrator user and (2) iis for the IIS user, which has unspecified impact and attack vectors related to TimbuktuPro. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires it.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0011"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2013-7442"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0011"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0011"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0011"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2017-14008",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GE Centricity PACS RA1000, diagnostic image analysis, all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0012"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2017-14008"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0012"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0012"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0012"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2011-5322",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GE Healthcare Centricity Analytics Server 1.1 has a default password of (1) V0yag3r for the SQL Server sa user, (2) G3car3s for the analyst user, (3) G3car3s for the ccg user, (4) V0yag3r for the viewer user, and (5) geservice for the geservice user in the Webmin interface, which has unspecified impact and attack vectors.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0013"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2011-5322"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0013"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0013"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0013"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2007-6757",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GE Healthcare Centricity DMS 4.2, 4.1, and 4.0 has a password of Muse!Admin for the Museadmin user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0014"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2007-6757"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0014"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0014"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0014"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2003-1603",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GE Healthcare Discovery VH has a default password of (1) interfile for the ftpclient user of the Interfile server or (2) \"2\" for the LOCAL user of the FTP server for the Codonics printer, which has unspecified impact and attack vectors.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0015",
          "CSAFPID-0016"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2003-1603"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0015",
            "CSAFPID-0016"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0015",
            "CSAFPID-0016"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0015",
            "CSAFPID-0016"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2001-1594",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GE Healthcare eNTEGRA P\u0026R has a password of (1) entegra for the entegra user, (2) passme for the super user of the Polestar/Polestar-i Starlink 4 upgrade, (3) 0 for the entegra user of the Codonics printer FTP service, (4) eNTEGRA for the eNTEGRA P\u0026R user account, (5) insite for the WinVNC Login, and possibly other accounts, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0017"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2001-1594"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0017"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0017"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0017"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2010-5309",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GE Healthcare CADStream Server has a default password of confirma for the admin user, which has unspecified impact and attack vectors.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0018"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2010-5309"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0018"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0018"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0018"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2010-5307",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The HIPAA configuration interface in GE Healthcare Optima MR360 has a password of (1) operator for the root account, (2) adw2.0 for the admin account, and (3) adw2.0 for the sdc account, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcoded, or dependent on another system or product that requires a fixed value.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0019"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2010-5307"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0019"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0019"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0019"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2017-14004",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GE GEMNet License server (EchoServer) all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices..",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0020"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2017-14004"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0020"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0020"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0020"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2004-2777",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GE Healthcare Centricity Image Vault 3.x has a password of (1) gemnet for the administrator account, (2) webadmin for the webadmin administrator account of the ASACA DVD library, (3) an empty value for the gemsservice account of the Ultrasound Database, and possibly (4) gemnet2002 for the gemnet2002 account of the GEMNet license server, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0021"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2004-2777"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0021"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0021"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0021"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2017-14002",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GE Infinia/Infinia with Hawkeye 4 medical imaging systems all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0022",
          "CSAFPID-0023"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2017-14002"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0022",
            "CSAFPID-0023"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0022",
            "CSAFPID-0023"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0022",
            "CSAFPID-0023"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2002-2446",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GE Healthcare Millennium MG, NC, and MyoSIGHT has a password of insite.genieacq for the insite account that cannot be changed without disabling product functionality for remote InSite support, which has unspecified impact and attack vectors.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0024",
          "CSAFPID-0025",
          "CSAFPID-0026"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2002-2446"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0024",
            "CSAFPID-0025",
            "CSAFPID-0026"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0024",
            "CSAFPID-0025",
            "CSAFPID-0026"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0024",
            "CSAFPID-0025",
            "CSAFPID-0026"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2012-6660",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GE Healthcare Precision MPi has a password of (1) orion for the serviceapp user, (2) orion for the clinical operator user, and (3) PlatinumOne for the administrator user, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcoded, or dependent on another system or product that requires a fixed value.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0027"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2012-6660"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0027"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0027"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0027"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2017-14006",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "summary",
          "text": "GE Xeleris versions 1.0,1.1,2.1,3.0,3.1, medical imaging systems, all current versions are affected, these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0028",
          "CSAFPID-0029",
          "CSAFPID-0030",
          "CSAFPID-0031",
          "CSAFPID-0032"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/vuln/detail?vulnId=CVE-2017-14006"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "GE has produced product updates that are available upon request, which replace default or hard-coded credentials with custom credentials for all but three of the affected products. GE\u0027s product updates are not available for the Optima 680, Revolution XQ/i, and THUNIS-800+ systems.",
          "product_ids": [
            "CSAFPID-0028",
            "CSAFPID-0029",
            "CSAFPID-0030",
            "CSAFPID-0031",
            "CSAFPID-0032"
          ]
        },
        {
          "category": "mitigation",
          "details": "GE Healthcare provides updates on vulnerability management and other security information at the following URL: http://www3.gehealthcare.com/en/support/security",
          "product_ids": [
            "CSAFPID-0028",
            "CSAFPID-0029",
            "CSAFPID-0030",
            "CSAFPID-0031",
            "CSAFPID-0032"
          ],
          "url": "http://www3.gehealthcare.com/en/support/security"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0028",
            "CSAFPID-0029",
            "CSAFPID-0030",
            "CSAFPID-0031",
            "CSAFPID-0032"
          ]
        }
      ]
    }
  ]
}

GHSA-VC78-HCHJ-7QRF

Vulnerability from github – Published: 2022-05-13 01:37 – Updated: 2022-05-13 01:37

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-14008"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-798"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-03-20T16:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "GE Centricity PACS RA1000, diagnostic image analysis, all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.",
  "id": "GHSA-vc78-hchj-7qrf",
  "modified": "2022-05-13T01:37:40Z",
  "published": "2022-05-13T01:37:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14008"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/103400"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-14008 (GCVE-0-2017-14008)

CNVD-2018-07552

GSD-2017-14008

FKIE_CVE-2017-14008

ICSMA-18-037-02

GHSA-VC78-HCHJ-7QRF

Tags

Sightings

Nomenclature