CVE-2017-14002

CVE-2017-14002

Vendor Ge Healthcare
Product GE Infinia
Weakness CWE-287 · Improper authentication
Published March 20, 2018
Last update September 17, 2024

CVSS base score

What the vulnerability does

01Description

GE Infinia/Infinia with Hawkeye 4 medical imaging systems all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.

Key dates

02Disclosure timeline

March 20, 2018 CVE published
September 17, 2024 Record updated