Lucene search

[email protected]CVE-2013-7405

HistoryAug 04, 2015 - 2:59 p.m.

CVE-2013-7405

2015-08-0414:59:22

CWE-255

[email protected]

web.nvd.nist.gov

cve-2013-7405

ad hoc reporting

ge healthcare

centricity dms 4.2

password vulnerability

nvd

security

information security

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.5%

JSON

The Ad Hoc Reporting feature in GE Healthcare Centricity DMS 4.2 has a password of Never!Mind for the Administrator user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.

Affected configurations

NVD

Node

gehealthcarecentricity_dmsMatch4.2

CPENameOperatorVersion
gehealthcare:centricity_dmsgehealthcare centricity dmseq4.2

CPE	Name	Operator	Version
gehealthcare:centricity_dms	gehealthcare centricity dms	eq	4.2

References

apps.gehealthcare.com/servlet/ClientServlet/0908141_DMS+4.2+MTG.pdf?REQ=RAA&DIRECTION=0908141&FILENAME=0908141_DMS%2B4.2%2BMTG.pdf&FILEREV=D&DOCREV_ORG=D

www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/

twitter.com/digitalbond/status/619250429751222277

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.5%

JSON

Related for CVE-2013-7405

nvd1 cvelist1 prion1