QwikSec

Security Database

CVE

CWE

Training

CVE-2010-5308

Published: Aug 4, 2015

Modified: Aug 7, 2024

PUBLISHED

Description

GE Healthcare Optima MR360 does not require authentication for the HIPAA emergency login procedure, which allows physically proximate users to gain access via an arbitrary username in the Emergency Login screen. NOTE: this might not qualify for inclusion in CVE if unauthenticated emergency access is part of the intended security policy of the product, can be controlled by the system administrator, and is not enabled by default.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://apps.gehealthcare.com/servlet/ClientServlet/MR360+operator+manual+paper.pdf?REQ=RAA&DIRECTION=5339461-1EN&FILENAME=MR360%2Boperator%2Bmanual%2Bpaper.pdf&FILEREV=4&DOCREV_ORG=4

x_refsource_CONFIRM

http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/

x_refsource_MISC

https://twitter.com/digitalbond/status/619250429751222277

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.