Lucene search

MitreCVE-2012-6660

HistoryAug 04, 2015 - 2:59 p.m.

CVE-2012-6660

2015-08-0414:59:17

CWE-255

mitre

web.nvd.nist.gov

cve-2012-6660

ge healthcare

precision mpi

default password

unspecified impact

attack vectors

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.003

Percentile

71.6%

JSON

GE Healthcare Precision MPi has a password of (1) orion for the serviceapp user, (2) orion for the clinical operator user, and (3) PlatinumOne for the administrator user, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcoded, or dependent on another system or product that requires a fixed value.

Affected configurations

Nvd

Node

gehealthcareprecision_mpi

VendorProductVersionCPE
gehealthcareprecision_mpi*cpe:2.3:h:gehealthcare:precision_mpi:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
gehealthcare	precision_mpi	*	cpe:2.3:h:gehealthcare:precision_mpi::::::::

References

apps.gehealthcare.com/servlet/ClientServlet/2407310-100+Vol.+F_Rev1.pdf?REQ=RAA&DIRECTION=2407310-100+Vol.+F&FILENAME=2407310-100%2BVol.%2BF_Rev1.pdf&FILEREV=1&DOCREV_ORG=1

www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/

ics-cert.us-cert.gov/advisories/ICSMA-18-037-02

twitter.com/digitalbond/status/619250429751222277

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.003

Percentile

71.6%

JSON

Related for CVE-2012-6660