Home
HIGH: 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NDefault status
unaffected
R1
affected
R2
affected
R3 (custom)
affected
R4 (custom)
affected
Default status
unaffected
R2
affected
R3 (custom)
affected
R4 (custom)
affected
Default status
unaffected
R3 (custom)
affected
R4 (custom)
affected
Default status
unaffected
R7 (custom)
affected
R8 (custom)
affected
R9 (custom)
affected
Default status
unaffected
Any version
affected
Default status
unaffected
E95 (custom) before 206
affected
E90 (custom) before 206
affected
E80 (custom) before 206
affected
Default status
unaffected
T8 (custom) before 206
affected
T9 (custom) before 206
affected
Default status
unaffected
Any version before 206
affected
Default status
unaffected
Any version
affected
BT24
affected
Default status
unaffected
Any version
affected
BT24
affected
Default status
unaffected
Any version
affected
BT24
affected
Default status
unaffected
Any version
affected
BT24
affected
Default status
unaffected
Any version before R3.2.0
affected
Default status
unaffected
Any version before R3.2.0
affected
Default status
unaffected
Any version before R3.2.0
affected
Description
Path traversal vulnerability in “getAllFolderContents” function of Common Service Desktop, a GE HealthCare ultrasound device component
Problem types
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Product status
R1
R2
R3 (custom)
R4 (custom)
R2
R3 (custom)
R4 (custom)
R3 (custom)
R4 (custom)
R7 (custom)
R8 (custom)
R9 (custom)
Any version
E95 (custom) before 206
E90 (custom) before 206
E80 (custom) before 206
T8 (custom) before 206
T9 (custom) before 206
Any version before 206
Any version
BT24
Any version
BT24
Any version
BT24
Any version
BT24
Any version before R3.2.0
Any version before R3.2.0
Any version before R3.2.0
Credits
Andrea Palanca and Gabriele Quagliarella of Nozomi Networks
References
securityupdate.gehealthcare.com/
