Vulnerabilities > CVE-2010-5309 - Credentials Management vulnerability in Gehealthcare Cadstream Server Firmware
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
GE Healthcare CADStream Server has a default password of confirma for the admin user, which has unspecified impact and attack vectors.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 |
Common Weakness Enumeration (CWE)
References
- http://apps.gehealthcare.com/servlet/ClientServlet/MR360+operator+manual+paper.pdf?REQ=RAA&DIRECTION=5339461-1EN&FILENAME=MR360%2Boperator%2Bmanual%2Bpaper.pdf&FILEREV=4&DOCREV_ORG=4
- http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02
- https://twitter.com/digitalbond/status/619250429751222277
- http://apps.gehealthcare.com/servlet/ClientServlet/MR360+operator+manual+paper.pdf?REQ=RAA&DIRECTION=5339461-1EN&FILENAME=MR360%2Boperator%2Bmanual%2Bpaper.pdf&FILEREV=4&DOCREV_ORG=4
- https://twitter.com/digitalbond/status/619250429751222277
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02
- http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/