CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-27110 – Elevation of privilege vulnerability in GE HealthCare EchoPAC products
https://notcve.org/view.php?id=CVE-2024-27110
14 May 2024 — Elevation of privilege vulnerability in GE HealthCare EchoPAC products Elevación de la vulnerabilidad de privilegios en los productos GE HealthCare EchoPAC • https://securityupdate.gehealthcare.com • CWE-250: Execution with Unnecessary Privileges •
CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0CVE-2024-27109 – Insufficiently protected credentials in GE HealthCare EchoPAC products
https://notcve.org/view.php?id=CVE-2024-27109
14 May 2024 — Insufficiently protected credentials in GE HealthCare EchoPAC products Credenciales insuficientemente protegidas en los productos GE HealthCare EchoPAC • https://securityupdate.gehealthcare.com • CWE-522: Insufficiently Protected Credentials •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-27108 – Non privileged access to critical file vulnerability in GE HealthCare EchoPAC products
https://notcve.org/view.php?id=CVE-2024-27108
14 May 2024 — Non privileged access to critical file vulnerability in GE HealthCare EchoPAC products Acceso no privilegiado a la vulnerabilidad de archivos críticos en los productos GE HealthCare EchoPAC • https://securityupdate.gehealthcare.com • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.6EPSS: 0%CPEs: 3EXPL: 0CVE-2024-27107 – Weak account password in GE HealthCare EchoPAC products
https://notcve.org/view.php?id=CVE-2024-27107
14 May 2024 — Weak account password in GE HealthCare EchoPAC products Contraseña de cuenta débil en productos GE HealthCare EchoPAC • https://securityupdate.gehealthcare.com • CWE-798: Use of Hard-coded Credentials •
CVSS: 6.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-27106 – Vulnerable data in transit in GE HealthCare EchoPAC products
https://notcve.org/view.php?id=CVE-2024-27106
14 May 2024 — Vulnerable data in transit in GE HealthCare EchoPAC products Datos vulnerables en tránsito en productos GE HealthCare EchoPAC • https://securityupdate.gehealthcare.com • CWE-311: Missing Encryption of Sensitive Data •