Lucene search
K

55 matches found

prion
prion
added 2020/01/24 5:15 p.m.17 views

Input validation

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center CIC Versions 4.X and 5.X, CARESCAPE Telemetry Server Version 4.3, CARESCAPE Central Station CSCS Versions 1.X CARESCAPE Central Station CSCS Versions 2.X, B450 Version 2.X, B6...

10CVSS9.6AI score0.04932EPSS
Exploits0References2Affected Software9
prion
prion
added 2020/01/24 5:15 p.m.18 views

Code injection

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center CIC Versions 4.X and 5.X, CARESCAPE Telemetry Server Version 4.3, CARESCAPE Central Station CSCS Versions 1.X, a vulnerability exists in the affected products that could allow...

7.5CVSS9.2AI score0.01619EPSS
Exploits0References2Affected Software6
prion
prion
added 2020/01/24 5:15 p.m.20 views

Hardcoded credentials

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center CIC Versions 4.X and 5.X, CARESCAPE Central Station CSCS Versions 1.X, the affected products utilized hard coded SMB credentials, which may allow an attacker to remotely execut...

10CVSS9.6AI score0.02746EPSS
Exploits0References2Affected Software6
cvelist
cvelist
added 2020/01/24 5:7 p.m.32 views

CVE-2020-6966

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center CIC Versions 4.X and 5.X, CARESCAPE Central Station CSCS Versions 1.X, the affected products utilize a weak encryption scheme for remote desktop control, which may allow an...

9.7AI score0.02221EPSS
Exploits0References1
cve
cve
added 2020/01/24 5:7 p.m.56 views

CVE-2020-6966

CVE-2020-6966 concerns GE Healthcare CARESCAPE/CIC/CSCS/ApexPro telemetry systems that use a weak encryption scheme for remote desktop control, enabling remote code execution on affected devices. The GE GEHC advisory (ICSMA-20-023-01) lists affected products: ApexPro Telemetry Server (4.2 and pri...

10CVSS9.6AI score0.02221EPSS
Exploits0References2Affected Software1
cve
cve
added 2020/01/24 5:6 p.m.62 views

CVE-2020-6965

GE Healthcare advisories document CVE-2020-6965 as an Unrestricted Upload of File with Dangerous Type vulnerability in the software update mechanism. Affected products include ApexPro Telemetry Server (4.2 and prior), CARESCAPE Telemetry Server (4.2 and prior), CIC (4.X/5.X), CSCS (1.X), and B450...

9.9CVSS9AI score0.0113EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2020/01/24 5:6 p.m.32 views

CVE-2020-6965

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center CIC Versions 4.X and 5.X, CARESCAPE Central Station CSCS Versions 1.X, B450 Version 2.X, B650 Version 1.X, B650 Version 2.X, B850 Version 1.X, B850 Version 2.X, a vulnerability...

9.2AI score0.0113EPSS
Exploits0References1
cvelist
cvelist
added 2020/01/24 4:32 p.m.26 views

CVE-2020-6964

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center CIC Versions 4.X and 5.X, CARESCAPE Central Station CSCS Versions 1.X and CARESCAPE Central Station CSCS Versions 2.X, the integrated service for keyboard switching of the...

8.7AI score0.0136EPSS
Exploits0References1
cve
cve
added 2020/01/24 4:32 p.m.61 views

CVE-2020-6964

The CVE-2020-6964 entry corresponds to GE Healthcare vulnerabilities affecting CARESCAPE Telemetry Server, ApexPro Telemetry Server, CIC, and CSCS (and related monitor endpoints) where the integrated service for keyboard switching could allow attackers to obtain remote keyboard input access witho...

8.6CVSS8.5AI score0.0136EPSS
Exploits0References2Affected Software1
cve
cve
added 2020/01/24 4:31 p.m.75 views

CVE-2020-6963

GE Healthcare GECARE/CSCS/CIC/ApexPro Telemetry Server and related components (ApexPro Telemetry Server 4.2 and prior; CARESCAPE Telemetry Server 4.2 and prior; CIC 4.X/5.X; CSCS 1.X, 2.X; B450/B650/B850 monitors) are affected by CVE-2020-6963 alongside a family of vulnerabilities (CVE-2020-6961/...

10CVSS9.4AI score0.02746EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2020/01/24 4:7 p.m.47 views

CVE-2020-6962

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center CIC Versions 4.X and 5.X, CARESCAPE Telemetry Server Version 4.3, CARESCAPE Central Station CSCS Versions 1.X CARESCAPE Central Station CSCS Versions 2.X, B450 Version 2.X, B6...

9.6AI score0.04932EPSS
Exploits0References1
cve
cve
added 2020/01/24 4:7 p.m.78 views

CVE-2020-6961

CVE-2020-6961 affects GE Healthcare CARESCAPE Telemetry Server, ApexPro Telemetry Server, CIC (4.X/5.X), and CSCS (1.X) per GE ICS advisory (ICSMA-20-023-01). Root cause: unprotected storage of credentials that could allow an attacker to obtain the SSH private key from configuration files. Impact...

10CVSS9.1AI score0.01619EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2020/01/24 4:7 p.m.25 views

CVE-2020-6961

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center CIC Versions 4.X and 5.X, CARESCAPE Telemetry Server Version 4.3, CARESCAPE Central Station CSCS Versions 1.X, a vulnerability exists in the affected products that could allow...

9.2AI score0.01619EPSS
Exploits0References1
ics
ics
added 2020/01/23 12:0 a.m.48 views

GE CARESCAPE, ApexPro, and Clinical Information Center systems

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Equipment: CARESCAPE Telemetry Server, ApexPro Telemetry Server, CARESCAPE Central Station CSCS and Clinical Information Center CIC systems, CARESCAPE B450, B650, B850 Monitors Vulnerabilities:...

10CVSS10AI score0.04932EPSS
Exploits0References5
cvelist
cvelist
added 2015/11/19 11:0 a.m.24 views

CVE-2015-7910

Exemys Telemetry Web Server relies on an HTTP Location header to indicate that a client is unauthorized, which allows remote attackers to bypass intended access restrictions by disregarding this header and processing the response body...

6.7AI score0.02067EPSS
Exploits0References1
Rows per page
Query Builder