CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
71.6%
GE Healthcare Centricity Image Vault 3.x has a password of (1) gemnet for the administrator account, (2) webadmin for the webadmin administrator account of the ASACA DVD library, (3) an empty value for the gemsservice account of the Ultrasound Database, and possibly (4) gemnet2002 for the gemnet2002 account of the GEMNet license server, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.
Vendor | Product | Version | CPE |
---|---|---|---|
gehealthcare | centricity_image_vault_firmware | * | cpe:2.3:o:gehealthcare:centricity_image_vault_firmware:*:*:*:*:*:*:*:* |
apps.gehealthcare.com/servlet/ClientServlet/2010564-002E.pdf?REQ=RAA&DIRECTION=2010564-002&FILENAME=2010564-002E.pdf&FILEREV=E&DOCREV_ORG=E
www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/
ics-cert.us-cert.gov/advisories/ICSMA-18-037-02
twitter.com/digitalbond/status/619250429751222277