Unrated severityNVD Advisory· Published Aug 4, 2015· Updated May 6, 2026

CVE-2010-5308

Description

GE Healthcare Optima MR360 does not require authentication for the HIPAA emergency login procedure, which allows physically proximate users to gain access via an arbitrary username in the Emergency Login screen. NOTE: this might not qualify for inclusion in CVE if unauthenticated emergency access is part of the intended security policy of the product, can be controlled by the system administrator, and is not enabled by default.

Affected products

Gehealthcare/Optima Mr360 Firmware
cpe:2.3:o:gehealthcare:optima_mr360_firmware:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

apps.gehealthcare.com/servlet/ClientServlet/MR360+operator+manual+paper.pdfnvd
www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/nvd
twitter.com/digitalbond/status/619250429751222277nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000