EUVD-2010-5267

Malware in sbrugna...

EUVD-2010-5266

Malware in sbrugna...

GE Healthcare Optima MR360 HIPAA Configuration Interface Built-in Account Vulnerability

GE Healthcare CADStream Server is a suite of applications used in the healthcare industry and provides automated analysis and reporting for magnetic resonance imaging. Built-in accounts exist for the GE Healthcare Optima MR360 HIPAA configuration interface, with the root account using the...

GE Healthcare Optima MR360 Built-in Account Vulnerability

The GE Healthcare Optima MR360 is a magnetic resonance imaging MRI system for the healthcare industry. The GE Healthcare Optima MR360 fails to properly verify login authentication, allowing remote attackers to exploit the vulnerability by submitting a special request to gain access...

CVE-2010-5308

GE Healthcare Optima MR360 does not require authentication for the HIPAA emergency login procedure, which allows physically proximate users to gain access via an arbitrary username in the Emergency Login screen. NOTE: this might not qualify for inclusion in CVE if unauthenticated emergency access...

CVE-2010-5307

The HIPAA configuration interface in GE Healthcare Optima MR360 has a password of 1 operator for the root account, 2 adw2.0 for the admin account, and 3 adw2.0 for the sdc account, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcode...

Hardcoded credentials

The HIPAA configuration interface in GE Healthcare Optima MR360 has a password of 1 operator for the root account, 2 adw2.0 for the admin account, and 3 adw2.0 for the sdc account, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcode...

CVE-2010-5307

The HIPAA configuration interface in GE Healthcare Optima MR360 has a password of 1 operator for the root account, 2 adw2.0 for the admin account, and 3 adw2.0 for the sdc account, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcode...

CVE-2010-5307

GE Healthcare Optima MR360 HIPAA configuration interface is affected by CVE-2010-5307, tied to built-in/default credentials (root: operator, admin: adw2.0, sdc: adw2.0). Public documentation confirms remote authentication bypass risk via these credentials and notes uncertainty on whether password...

CVE-2010-5308

GE Healthcare Optima MR360 does not require authentication for the HIPAA emergency login procedure, which allows physically proximate users to gain access via an arbitrary username in the Emergency Login screen. NOTE: this might not qualify for inclusion in CVE if unauthenticated emergency access...

CVE-2010-5308

Affected product: GE Healthcare Optima MR360. Vulnerability: Emergency login screen allows access without authentication via arbitrary username, enabling physically proximate users to gain access. Root cause per sources is insufficient authentication on the HIPAA emergency login procedure. Impact...