PT-2015-3590 · Netopia+1 · Timbuktu Pro+1

Scott Erven

Published

2015-08-04

Updated

2018-03-28

CVE-2013-7442

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions GE Healthcare Centricity PACS Workstation versions 4.0 through 4.0.1

Description The issue concerns hardcoded passwords for the Administrator and IIS users. The passwords are CANal1 for the Administrator user and iis for the IIS user. This has unspecified impact and is related to TimbuktuPro, with unclear details on whether these passwords are default, hardcoded, or dependent on another system.

Recommendations For GE Healthcare Centricity PACS Workstation versions 4.0 through 4.0.1, change the default passwords for the Administrator and IIS users to strong, unique passwords to mitigate potential risks. As a temporary workaround, consider restricting access to the system until the passwords can be changed.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

CVE-2013-7442

Affected Products

Ge Healthcare Centricity Pacs Workstation

Timbuktu Pro

PT-2015-3590 · Netopia+1 · Timbuktu Pro+1

CVE-2013-7442

Weakness Enumeration

Related Identifiers

Affected Products

References · 6