Vulnerabilities > CVE-2010-5310 - Credentials Management vulnerability in Gehealthcare Revolution Xq/I
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The Acquisition Workstation for the GE Healthcare Revolution XQ/i has a password of adw3.1 for the sdc user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Hardware | 1 |
Common Weakness Enumeration (CWE)
References
- http://apps.gehealthcare.com/servlet/ClientServlet/2296976-100R10.pdf?DOCCLASS=A&REQ=RAC&DIRECTION=2296976-100&FILENAME=2296976-100R10.pdf&FILEREV=10&DOCREV_ORG=10&SUBMIT=+ACCEPT+
- http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02
- https://twitter.com/digitalbond/status/619250429751222277
- http://apps.gehealthcare.com/servlet/ClientServlet/2296976-100R10.pdf?DOCCLASS=A&REQ=RAC&DIRECTION=2296976-100&FILENAME=2296976-100R10.pdf&FILEREV=10&DOCREV_ORG=10&SUBMIT=+ACCEPT+
- https://twitter.com/digitalbond/status/619250429751222277
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02
- http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/