CVE-2017-14006

CVE-2017-14006

Vendor Ge Healthcare
Product GE Xeleris
Weakness CWE-287 · Improper authentication
Published March 20, 2018
Last update September 16, 2024

CVSS base score

What the vulnerability does

01Description

GE Xeleris versions 1.0,1.1,2.1,3.0,3.1, medical imaging systems, all current versions are affected, these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.

Key dates

02Disclosure timeline

March 20, 2018 CVE published
September 16, 2024 Record updated