HIGH🇵🇱 Wersja polska

CVE-2010-5308

CVSS 10.0v2.0pub. 2015-08-04upd. 2026-05-06

GE Healthcare Optima MR360 does not require authentication for the HIPAA emergency login procedure, which allows physically proximate users to gain access via an arbitrary username in the Emergency Login screen. NOTE: this might not qualify for inclusion in CVE if unauthenticated emergency access is part of the intended security policy of the product, can be controlled by the system administrator, and is not enabled by default.

CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • Gehealthcare Optima Mr360 Firmware

    OS
    Gehealthcare
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2020-25175CRITICAL9.8ten sam produkt

GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport ov...

CVE-2020-25179CRITICAL9.8ten sam produkt

GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport ov...

CVE-2010-5307HIGH10.0ten sam produkt

The HIPAA configuration interface in GE Healthcare Optima MR360 has a password of (1) operator for the root ac...

CVE-2020-6961CRITICAL10.0ten sam vendor

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Informa...

CVE-2020-6962CRITICAL10.0ten sam vendor

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Informa...