Description

A vulnerability classified as problematic has been found in GE Voluson S8. Affected is the file /uscgi-bin/users.cgi of the Service Browser. The manipulation leads to improper authentication and elevated access possibilities. It is possible to launch the attack on the local host.

Related CPE's

o

ge

voluson_s8_firmware

-

Vulnerable

h

ge

voluson_s8

-

References

https://vuldb.com/?id.129834

https://www.scip.ch/?news.20200701

Weaknesses

[email protected]

Primary
CWE-287

[email protected]

Secondary
CWE-287

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2022-06-17T13:15:11.993

3 years ago

Last modified

2023-11-07T03:22:16.733

1 year ago