Lucene search

K
cve[email protected]CVE-2011-5324
HistoryAug 04, 2015 - 2:59 p.m.

CVE-2011-5324

2015-08-0414:59:16
CWE-255
web.nvd.nist.gov
20
cve-2011-5324
terarecon
ge healthcare
centricity pacs-iw
security vulnerability
hard-coded passwords

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.7%

The TeraRecon server, as used in GE Healthcare Centricity PACS-IW 3.7.3.7, 3.7.3.8, and possibly other versions, has a password of (1) shared for the shared user and (2) scan for the scan user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.

Affected configurations

NVD
Node
gehealthcarecentricity_pacs-iwMatch3.7.3.7
OR
gehealthcarecentricity_pacs-iwMatch3.7.3.8

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.7%

Related for CVE-2011-5324