Default and Insecure Passwords in TeraRecon Server for GE Healthcare Centricity PACS-IW

Default and Insecure Passwords in TeraRecon Server for GE Healthcare Centricity PACS-IW

CVE-2011-5324 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The TeraRecon server, as used in GE Healthcare Centricity PACS-IW 3.7.3.7, 3.7.3.8, and possibly other versions, has a password of (1) shared for the shared user and (2) scan for the scan user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password is default, hardcoded, or dependent on another system or product that requires a fixed value.

Learn more about our Cis Benchmark Audit For Server Software.