CVE-2002-2446

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2002-2446
GE Healthcare Millennium MG, NC, and MyoSIGHT has a password of insite.genieacq for the insite account that cannot be changed without disabling product functionality for remote InSite support, which has unspecified impact and attack vectors.

10.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://apps.gehealthcare.com/servlet/ClientServlet/2338955-100.pdf?REQ=RAA&DIRECTION=2338955-100&FILENAME=2338955-100.pdf&FILEREV=1&DOCREV_ORG=1
http://apps.gehealthcare.com/servlet/ClientServlet/2354459-100.pdf?REQ=RAA&DIRECTION=2354459-100&FILENAME=2354459-100.pdf&FILEREV=4&DOCREV_ORG=4
http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/
https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02
https://twitter.com/digitalbond/status/619250429751222277
http://apps.gehealthcare.com/servlet/ClientServlet/2338955-100.pdf?REQ=RAA&DIRECTION=2338955-100&FILENAME=2338955-100.pdf&FILEREV=1&DOCREV_ORG=1
http://apps.gehealthcare.com/servlet/ClientServlet/2354459-100.pdf?REQ=RAA&DIRECTION=2354459-100&FILENAME=2354459-100.pdf&FILEREV=4&DOCREV_ORG=4
http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/
https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02
https://twitter.com/digitalbond/status/619250429751222277
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:gehealthcare:millennium_mg_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:gehealthcare:millennium_myosight_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:gehealthcare:millennium_nc_firmware:-:*:*:*:*:*:*:*
History

20 Nov 2024, 23:43

Type Values Removed Values Added
References () http://apps.gehealthcare.com/servlet/ClientServlet/2338955-100.pdf?REQ=RAA&DIRECTION=2338955-100&FILENAME=2338955-100.pdf&FILEREV=1&DOCREV_ORG=1 - () http://apps.gehealthcare.com/servlet/ClientServlet/2338955-100.pdf?REQ=RAA&DIRECTION=2338955-100&FILENAME=2338955-100.pdf&FILEREV=1&DOCREV_ORG=1 -
References () http://apps.gehealthcare.com/servlet/ClientServlet/2354459-100.pdf?REQ=RAA&DIRECTION=2354459-100&FILENAME=2354459-100.pdf&FILEREV=4&DOCREV_ORG=4 - () http://apps.gehealthcare.com/servlet/ClientServlet/2354459-100.pdf?REQ=RAA&DIRECTION=2354459-100&FILENAME=2354459-100.pdf&FILEREV=4&DOCREV_ORG=4 -
References () http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/ - () http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/ -
References () https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02 - () https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02 -
References () https://twitter.com/digitalbond/status/619250429751222277 - () https://twitter.com/digitalbond/status/619250429751222277 -
Information

Published : 2015-08-04 14:59

Updated : 2025-04-12 10:46

NVD link : CVE-2002-2446

Mitre link : CVE-2002-2446

CVE.ORG link : CVE-2002-2446

JSON object : View

Products Affected

gehealthcare

  • millennium_nc_firmware
  • millennium_mg_firmware
  • millennium_myosight_firmware
CWE
CWE-255

Credentials Management Errors