CyberSec.Space Logo
Back to CVE Browser

CVE-2004-2777

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1750%
EPSS Percentile41.08th
PublishedAug 4, 2015
Last ModifiedMay 6, 2026

Vulnerability Description

GE Healthcare Centricity Image Vault 3.x has a password of (1) gemnet for the administrator account, (2) webadmin for the webadmin administrator account of the ASACA DVD library, (3) an empty value for the gemsservice account of the Ultrasound Database, and possibly (4) gemnet2002 for the gemnet2002 account of the GEMNet license server, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.

Affected Platforms (CPE)

πŸ’»
Gehealthcare

Centricity Image Vault Firmware

All versions

References & Advisories

πŸ”— http://apps.gehealthcare.com/servlet/ClientServlet/2010564-002E.pdf?REQ=RAA&DIRECTION=2010564-002&FILENAME=2010564-002E.pdf&FILEREV=E&DOCREV_ORG=E
πŸ”— http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/
πŸ”— https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02
πŸ”— https://twitter.com/digitalbond/status/619250429751222277
πŸ”— http://apps.gehealthcare.com/servlet/ClientServlet/2010564-002E.pdf?REQ=RAA&DIRECTION=2010564-002&FILENAME=2010564-002E.pdf&FILEREV=E&DOCREV_ORG=E
πŸ”— http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/
πŸ”— https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02
πŸ”— https://twitter.com/digitalbond/status/619250429751222277

Related Vulnerabilities

CVE-2004-090410.0

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird...

CVE-2004-129010.0

Buffer overflow in the process_moves function in pgn2web.c for pgn2web 0.3 allows remote attackers to execute arbitrary code via a...

CVE-2004-041810.0

serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow ...

CVE-2004-106710.0

Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may al...