CVE-2024-1630 | THREATINT

Description

Path traversal vulnerability in “getAllFolderContents” function of Common Service Desktop, a GE HealthCare ultrasound device component

Reserved 2024-02-19 | Published 2024-05-14 | Updated 2024-08-22 | Assigner GEHC

HIGH: 7.7CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Problem types

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

Default status

unaffected

R1

affected

R2

affected

R3

affected

R4

affected

Default status

unaffected

R2

affected

R3

affected

R4

affected

Default status

unaffected

R3

affected

R4

affected

Default status

unaffected

R7

affected

R8

affected

R9

affected

Default status

unaffected

Any version

affected

Default status

unaffected

E95 before 206

affected

E90 before 206

affected

E80 before 206

affected

Default status

unaffected

T8 before 206

affected

T9 before 206

affected

Default status

unaffected

Any version before 206

affected

Default status

unaffected

Any version

affected

BT24

affected

Default status

unaffected

Any version

affected

BT24

affected

Default status

unaffected

Any version

affected

BT24

affected

Default status

unaffected

Any version

affected

BT24

affected

Default status

unaffected

Any version before R3.2.0

affected

Default status

unaffected

Any version before R3.2.0

affected

Default status

unaffected

Any version before R3.2.0

affected

Credits

Andrea Palanca and Gabriele Quagliarella of Nozomi Networks finder

References

securityupdate.gehealthcare.com/

cve.org (CVE-2024-1630)

nvd.nist.gov (CVE-2024-1630)

Download JSON

Support options

Helpdesk Chat, Email, Knowledgebase

Subscribe to our newsletter to learn more about our work.