ByteOS Network

NVD Vulnerability Details :

CVE-2010-5308

Deferred

Source-cve@mitre.org

Published At-04 Aug, 2015 | 14:59

Updated At-12 Apr, 2025 | 10:46

GE Healthcare Optima MR360 does not require authentication for the HIPAA emergency login procedure, which allows physically proximate users to gain access via an arbitrary username in the Emergency Login screen. NOTE: this might not qualify for inclusion in CVE if unauthenticated emergency access is part of the intended security policy of the product, can be controlled by the system administrator, and is not enabled by default.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C

CPE Matches

gehealthcare>>optima_mr360_firmware>>-

cpe:2.3:o:gehealthcare:optima_mr360_firmware:-:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-255	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
http://apps.gehealthcare.com/servlet/ClientServlet/MR360+operator+manual+paper.pdf?REQ=RAA&DIRECTION=5339461-1EN&FILENAME=MR360%2Boperator%2Bmanual%2Bpaper.pdf&FILEREV=4&DOCREV_ORG=4	cve@mitre.org	N/A
http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/	cve@mitre.org	N/A
https://twitter.com/digitalbond/status/619250429751222277	cve@mitre.org	N/A
http://apps.gehealthcare.com/servlet/ClientServlet/MR360+operator+manual+paper.pdf?REQ=RAA&DIRECTION=5339461-1EN&FILENAME=MR360%2Boperator%2Bmanual%2Bpaper.pdf&FILEREV=4&DOCREV_ORG=4	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/	af854a3a-2127-422b-91ae-364da2661108	N/A
https://twitter.com/digitalbond/status/619250429751222277	af854a3a-2127-422b-91ae-364da2661108	N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History