Vulnerabilities (CVE)

Filtered by vendor Gehealthcare Subscribe
Filtered by product Optima Mr360 Firmware
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-25175 1 Gehealthcare 224 1.5t Brivo Mr355, 1.5t Brivo Mr355 Firmware, 3.0t Signa Hd 16 and 221 more 2024-02-28 5.0 MEDIUM 9.8 CRITICAL
GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network.
CVE-2020-25179 1 Gehealthcare 224 1.5t Brivo Mr355, 1.5t Brivo Mr355 Firmware, 3.0t Signa Hd 16 and 221 more 2024-02-28 7.5 HIGH 9.8 CRITICAL
GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network.
CVE-2010-5308 1 Gehealthcare 1 Optima Mr360 Firmware 2024-02-28 10.0 HIGH N/A
GE Healthcare Optima MR360 does not require authentication for the HIPAA emergency login procedure, which allows physically proximate users to gain access via an arbitrary username in the Emergency Login screen. NOTE: this might not qualify for inclusion in CVE if unauthenticated emergency access is part of the intended security policy of the product, can be controlled by the system administrator, and is not enabled by default.
CVE-2010-5307 1 Gehealthcare 1 Optima Mr360 Firmware 2024-02-28 10.0 HIGH N/A
The HIPAA configuration interface in GE Healthcare Optima MR360 has a password of (1) operator for the root account, (2) adw2.0 for the admin account, and (3) adw2.0 for the sdc account, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcoded, or dependent on another system or product that requires a fixed value.