CVE-2017-14006
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2017-14006
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
GE Xeleris versions 1.0,1.1,2.1,3.0,3.1, medical imaging systems, all current versions are affected, these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
认证机制不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
GE Xeleris 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
GE Xeleris是美国通用电气(GE)公司的一套医学影像管理系统。 GE Xeleris中存在安全漏洞,该漏洞源于设备使用了默认凭证或硬编码凭证。远程攻击者可利用该漏洞绕过身份验证并获取设备的访问权限。以下版本受到影响:GE Xeleris 1.0版本,1.1版本,2.1版本,3.0版本,3.1版本。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| GE Healthcare | GE Xeleris | 1.0,1.1,2.1,3.0,3.1 | - |
II. Public POCs for CVE-2017-14006
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2017-14006
请登录查看更多情报信息。
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2017-14006
Same Patch Batch · GE Healthcare · 2018-03-20 · 4 CVEs total
| CVE-2017-14002 | GE Infinia/Infinia with Hawkeye 4 安全漏洞 | |
| CVE-2017-14004 | GE 安全漏洞 | |
| CVE-2017-14008 | GE Centricity PACS RA1000 授权问题漏洞 |
IV. Related Vulnerabilities
Same vendor: GE Healthcare
- CVE-2024-27110
Elevation of privilege vulnerability in GE HealthCare EchoPA - CVE-2024-27109
Insufficiently protected credentials in GE HealthCare EchoPA - CVE-2024-27108
Non privileged access to critical file vulnerability in GE H - CVE-2024-27107
Weak account password in GE HealthCare EchoPAC products - CVE-2024-27106
Vulnerable data in transit in GE HealthCare EchoPAC products
Same weakness: CWE-287
- CVE-2026-42822
Azure Local Disconnected Operations (ALDO) Elevation of Priv - CVE-2026-44551
Open WebUI: LDAP Empty Password Authentication Bypass - CVE-2026-5229
Receive Notifications After Form Submitting – Form Notify fo - CVE-2026-8621
Crabbox < v0.12.0 Authentication Bypass via Header Spoofing - CVE-2026-20182
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulne
V. Comments for CVE-2017-14006
No comments yet