CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
Confidence
Low
SSVC
Exploitation
poc
Automatable
no
Technical Impact
total
Path traversal vulnerability in “getAllFolderContents” function of Common Service Desktop, a GE HealthCare ultrasound device component
[
{
"cpes": [
"cpe:2.3:o:gehealthcare:venue_firmware:*:*:*:*:*:*:*:*"
],
"vendor": "gehealthcare",
"product": "venue_firmware",
"versions": [
{
"status": "affected",
"version": "r1"
},
{
"status": "affected",
"version": "r2"
},
{
"status": "affected",
"version": "r3",
"versionType": "custom",
"lessThanOrEqual": "r3.3"
},
{
"status": "affected",
"version": "r4",
"versionType": "custom",
"lessThanOrEqual": "r4.3"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:gehealthcare:venue_go_firmware:*:*:*:*:*:*:*:*"
],
"vendor": "gehealthcare",
"product": "venue_go_firmware",
"versions": [
{
"status": "affected",
"version": "r2"
},
{
"status": "affected",
"version": "r3",
"versionType": "custom",
"lessThanOrEqual": "r3.3"
},
{
"status": "affected",
"version": "r4",
"versionType": "custom",
"lessThanOrEqual": "r4.3"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:gehealthcare:venue_fit_firmware:*:*:*:*:*:*:*:*"
],
"vendor": "gehealthcare",
"product": "venue_fit_firmware",
"versions": [
{
"status": "affected",
"version": "r3",
"versionType": "custom",
"lessThanOrEqual": "r3.3"
},
{
"status": "affected",
"version": "r4",
"versionType": "custom",
"lessThanOrEqual": "r4.3"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:gehealthcare:logiq_e_firmware:*:*:*:*:*:*:*:*"
],
"vendor": "gehealthcare",
"product": "logiq_e_firmware",
"versions": [
{
"status": "affected",
"version": "r7",
"versionType": "custom",
"lessThanOrEqual": "r9.1.4"
},
{
"status": "affected",
"version": "r8",
"versionType": "custom",
"lessThanOrEqual": "r10.1.3"
},
{
"status": "affected",
"version": "r9",
"versionType": "custom",
"lessThanOrEqual": "r11.0.3"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:gehealthcare:logiq_he_firmware:*:*:*:*:*:*:*:*"
],
"vendor": "gehealthcare",
"product": "logiq_he_firmware",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "r9.3.1"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:gehealthcare:vivid_e_firmware:*:*:*:*:*:*:*:*"
],
"vendor": "gehealthcare",
"product": "vivid_e_firmware",
"versions": [
{
"status": "affected",
"version": "e95",
"lessThan": "206",
"versionType": "custom"
},
{
"status": "affected",
"version": "e90",
"lessThan": "206",
"versionType": "custom"
},
{
"status": "affected",
"version": "e80",
"lessThan": "206",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:gehealthcare:vivid_t_firmware:*:*:*:*:*:*:*:*"
],
"vendor": "gehealthcare",
"product": "vivid_t_firmware",
"versions": [
{
"status": "affected",
"version": "t8",
"lessThan": "206",
"versionType": "custom"
},
{
"status": "affected",
"version": "t9",
"lessThan": "206",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:gehealthcare:vivid_iq_firmware:*:*:*:*:*:*:*:*"
],
"vendor": "gehealthcare",
"product": "vivid_iq_firmware",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "206",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gehealthcare:voluson_expert_16:*:*:*:*:*:*:*:*"
],
"vendor": "gehealthcare",
"product": "voluson_expert_16",
"versions": [
{
"status": "affected",
"version": "0"
},
{
"status": "affected",
"version": "bt24"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gehealthcare:voluson_expert_18:*:*:*:*:*:*:*:*"
],
"vendor": "gehealthcare",
"product": "voluson_expert_18",
"versions": [
{
"status": "affected",
"version": "0"
},
{
"status": "affected",
"version": "bt24"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gehealthcare:voluson_expert_22:*:*:*:*:*:*:*:*"
],
"vendor": "gehealthcare",
"product": "voluson_expert_22",
"versions": [
{
"status": "affected",
"version": "0"
},
{
"status": "affected",
"version": "bt24"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gehealthcare:voluson_swift:*:*:*:*:*:*:*:*"
],
"vendor": "gehealthcare",
"product": "voluson_swift",
"versions": [
{
"status": "affected",
"version": "0"
},
{
"status": "affected",
"version": "bt24"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gehealthcare:logiq_e10:*:*:*:*:*:*:*:*"
],
"vendor": "gehealthcare",
"product": "logiq_e10",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "r3.2.0",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gehealthcare:logiq_e10s:*:*:*:*:*:*:*:*"
],
"vendor": "gehealthcare",
"product": "logiq_e10s",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "r3.2.0",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:gehealthcare:logiq_fortis:*:*:*:*:*:*:*:*"
],
"vendor": "gehealthcare",
"product": "logiq_fortis",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "r3.2.0",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
Confidence
Low
SSVC
Exploitation
poc
Automatable
no
Technical Impact
total