Skip to main content
CVE-2014-7232 CRITICAL Act Now

GE Healthcare Discovery XR656 and XR656 G2 has a password of (1) 2getin for the insite user, (2) 4$xray for the xruser user, and (3) #superxr for the root user, which has unspecified impact and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Discovery Xr656 Discovery Xr656 G2
NVD
CVSS 2.0
10.0
EPSS
0.6%
CVE-2013-7442 CRITICAL Act Now

GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password of (1) CANal1 for the Administrator user and (2) iis for the IIS user, which has unspecified impact and attack vectors related. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Centricity Pacs Workstation
NVD
CVSS 2.0
10.0
EPSS
0.6%
CVE-2012-6695 CRITICAL Act Now

GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password of ddpadmin for the ddpadmin user, which has unspecified impact and attack vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Centricity Pacs Workstation
NVD
CVSS 2.0
10.0
EPSS
0.6%
CVE-2012-6694 CRITICAL Act Now

GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1, and Server 4.0, has a password of 2charGE for the geservice account, which has unspecified impact and attack vectors related to TimbuktuPro. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Centricity Pacs Server Centricity Pacs Workstation
NVD
CVSS 2.0
10.0
EPSS
0.6%
CVE-2012-6693 CRITICAL Act Now

GE Healthcare Centricity PACS 4.0 Server has a default password of (1) nasro for the nasro (ReadOnly) user and (2) nasrw for the nasrw (Read/Write) user, which has unspecified impact and attack. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Centricity Pacs Server
NVD
CVSS 2.0
10.0
EPSS
0.6%
CVE-2014-7233 CRITICAL Act Now

GE Healthcare Precision THUNIS-800+ has a default password of (1) 1973 for the factory default System Utilities menu, (2) TH8740 for installation using TH8740_122_Setup.exe, (3) hrml for "Setup and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Precision Thunis 800
NVD
CVSS 2.0
10.0
EPSS
0.6%
CVE-2013-7404 CRITICAL Act Now

GE Healthcare Discovery NM 750b has a password of 2getin for the insite account for (1) Telnet and (2) FTP, which has unspecified impact and attack vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Discovery Nm 750B
NVD
CVSS 2.0
10.0
EPSS
0.6%
CVE-2012-6660 CRITICAL Act Now

GE Healthcare Precision MPi has a password of (1) orion for the serviceapp user, (2) orion for the clinical operator user, and (3) PlatinumOne for the administrator user, which has unspecified impact. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Precision Mpi
NVD
CVSS 2.0
10.0
EPSS
0.5%
CVE-2014-9736 CRITICAL Act Now

GE Healthcare Centricity Clinical Archive Audit Trail Repository has a default password of initinit for the (1) SSL key manager and (2) server keystore; (3) keystore_password for the server. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Centricity Clinical Archive Audit Trail Repository
NVD
CVSS 2.0
10.0
EPSS
0.4%
CVE-2013-7405 CRITICAL Act Now

The Ad Hoc Reporting feature in GE Healthcare Centricity DMS 4.2 has a password of Never!Mind for the Administrator user, which has unspecified impact and attack vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Centricity Dms
NVD
CVSS 2.0
10.0
EPSS
0.4%
CVE-2015-3959 HIGH This Week

The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches has a hardcoded serial-console password for a privileged account, which might allow physically proximate. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Magnum 10K Firmware Magnum 6K Firmware
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-3940 MEDIUM PATCH This Month

Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014 R2 Patch 01 allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. Rated medium severity (CVSS 6.9). This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Schneider Electric Wonderware System Platform 2014
NVD
CVSS 2.0
6.9
EPSS
0.0%
CVE-2015-3963 MEDIUM PATCH This Month

Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Schneider Electric Information Disclosure Vxworks
NVD
CVSS 2.0
5.8
EPSS
3.0%
CVE-2015-3942 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the web-server component in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches allow remote attackers to inject arbitrary. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Magnum 10K Firmware Magnum 6K Firmware
NVD
CVSS 2.0
4.3
EPSS
0.8%
CVE-2015-3960 MEDIUM This Month

The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches uses hardcoded RSA private keys and certificates across different customers' installations, which makes it. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Magnum 10K Firmware Magnum 6K Firmware
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-3961 LOW Monitor

The web-server component in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches allows remote authenticated users to cause a denial of service (memory corruption and reboot) via a. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Buffer Overflow Magnum 10K Firmware Magnum 6K Firmware
NVD
CVSS 2.0
3.5
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy