PT-2015-3540 · Netopia+1 · Timbuktu Pro+2

Published

2015-08-04

Updated

2018-03-28

CVE-2012-6694

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions GE Healthcare Centricity PACS Workstation versions 4.0 through 4.0.1 GE Healthcare Centricity PACS Server version 4.0

Description The issue concerns a password for the geservice account, which is set to 2charGE. This password has an unspecified impact and is related to TimbuktuPro. The nature of this password, whether it is default, hardcoded, or dependent on another system, is unclear.

Recommendations For GE Healthcare Centricity PACS Workstation versions 4.0 through 4.0.1, change the password of the geservice account to a secure one. For GE Healthcare Centricity PACS Server version 4.0, change the password of the geservice account to a secure one. As a temporary workaround, consider restricting access to the geservice account until a secure password is set.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

CVE-2012-6694

Affected Products

Ge Healthcare Centricity Pacs Server

Ge Healthcare Centricity Pacs Workstation

Timbuktu Pro

PT-2015-3540 · Netopia+1 · Timbuktu Pro+2

CVE-2012-6694

Weakness Enumeration

Related Identifiers

Affected Products

References · 6