CVE Vulnerability

CVE-2007-6757

GE Healthcare Centricity DMS 4.2, 4.1, and 4.0 has a password of Muse!Admin for the Museadmin user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.

10 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
https://twitter.com/digitalbond/status/619250429751222277
http://apps.gehealthcare.com/servlet/ClientServlet/2019295-133D.pdf?REQ=RAA&DIRECTION=2019295-133D&FILENAME=2019295-133D.pdf&FILEREV=D&DOCREV_ORG=D
http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/
http://apps.gehealthcare.com/servlet/ClientServlet/DMS+Sys+Mgmt+Manual.pdf?REQ=RAA&DIRECTION=DOC1258180&FILENAME=DMS%2BSys%2BMgmt%2BManual.pdf&FILEREV=3&DOCREV_ORG=3
http://apps.gehealthcare.com/servlet/ClientServlet/2019295-133G.pdf?REQ=RAA&DIRECTION=2019295-133&FILENAME=2019295-133G.pdf&FILEREV=G&DOCREV_ORG=G
https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02
Configurations

Configuration 1

cpe:2.3:o:gehealthcare:centricity_dms_firmware:4.2:*:*:*:*:*:*:*
cpe:2.3:o:gehealthcare:centricity_dms_firmware:4.0:*:*:*:*:*:*:*
cpe:2.3:o:gehealthcare:centricity_dms_firmware:4.1:*:*:*:*:*:*:*
Information

Published : 2015-08-04 02:59

Updated : 2018-03-28 01:29

NVD link : CVE-2007-6757

Mitre link : CVE-2007-6757

Products Affected
No products.
CWE
CWE-255