Vulnerabilities > Gehealthcare > Optima Mr360 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-14 | CVE-2020-25179 | Information Exposure vulnerability in Gehealthcare products GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network. | 7.5 |
| 2020-12-14 | CVE-2020-25175 | Insufficiently Protected Credentials vulnerability in Gehealthcare products GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network. | 5.0 |
| 2015-08-04 | CVE-2010-5308 | Credentials Management vulnerability in Gehealthcare Optima Mr360 Firmware GE Healthcare Optima MR360 does not require authentication for the HIPAA emergency login procedure, which allows physically proximate users to gain access via an arbitrary username in the Emergency Login screen. | 10.0 |
| 2015-08-04 | CVE-2010-5307 | Credentials Management vulnerability in Gehealthcare Optima Mr360 Firmware The HIPAA configuration interface in GE Healthcare Optima MR360 has a password of (1) operator for the root account, (2) adw2.0 for the admin account, and (3) adw2.0 for the sdc account, which has unspecified impact and attack vectors. | 10.0 |