CVE-2012-6695

2015-08-0414:59:20

CWE-255

[email protected]

web.nvd.nist.gov

cve-2012-6695

ge healthcare

centricity pacs workstation

password vulnerability

nvd

cybersecurity

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.3%

JSON

GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password of ddpadmin for the ddpadmin user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.

Affected configurations

NVD

Node

gehealthcarecentricity_pacs_workstationMatch4.0

gehealthcarecentricity_pacs_workstationMatch4.0.1

CPENameOperatorVersion
gehealthcare:centricity_pacs_workstationgehealthcare centricity pacs workstationeq4.0
gehealthcare:centricity_pacs_workstationgehealthcare centricity pacs workstationeq4.0.1

CPE	Name	Operator	Version
gehealthcare:centricity_pacs_workstation	gehealthcare centricity pacs workstation	eq	4.0
gehealthcare:centricity_pacs_workstation	gehealthcare centricity pacs workstation	eq	4.0.1

References

apps.gehealthcare.com/servlet/ClientServlet/C401_WS_INST_SV_2069560001r1.pdf?REQ=RAA&DIRECTION=2069560-001&FILENAME=C401_WS_INST_SV_2069560001r1.pdf&FILEREV=1&DOCREV_ORG=1

apps.gehealthcare.com/servlet/ClientServlet/C40_WS_INST_SV_2063534-001r2.pdf?REQ=RAA&DIRECTION=2063534-001&FILENAME=C40_WS_INST_SV_2063534-001r2.pdf&FILEREV=1&DOCREV_ORG=1

www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/

ics-cert.us-cert.gov/advisories/ICSMA-18-037-02

twitter.com/digitalbond/status/619250429751222277