GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password of (1) CANal1 for the Administrator user and (2) iis for the IIS user, which has unspecified impact and attack vectors related to TimbuktuPro. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires it.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:01
Type | Values Removed | Values Added |
---|---|---|
References | () http://apps.gehealthcare.com/servlet/ClientServlet/C401_WS_INST_SV_2069560001r1.pdf?REQ=RAA&DIRECTION=2069560-001&FILENAME=C401_WS_INST_SV_2069560001r1.pdf&FILEREV=1&DOCREV_ORG=1 - | |
References | () http://apps.gehealthcare.com/servlet/ClientServlet/C40_WS_INST_SV_2063534-001r2.pdf?REQ=RAA&DIRECTION=2063534-001&FILENAME=C40_WS_INST_SV_2063534-001r2.pdf&FILEREV=1&DOCREV_ORG=1 - | |
References | () http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/ - | |
References | () https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02 - | |
References | () https://twitter.com/digitalbond/status/619250429751222277 - |
Information
Published : 2015-08-04 14:59
Updated : 2024-11-21 02:01
NVD link : CVE-2013-7442
Mitre link : CVE-2013-7442
CVE.ORG link : CVE-2013-7442
JSON object : View
Products Affected
gehealthcare
- centricity_pacs_workstation
CWE
CWE-255
Credentials Management Errors