Security Advisory

General Electric Communicator

Risk Information

Limited Threat

CVE ID

CVE-2019-6564

CVE-2019-6546

CVE-2019-6548

CVE-2019-6544

CVE-2019-6566

Vunerability Type

Uncontrolled Search Path Element

Use of Hard-coded Credentials

Improper Access Control

CVSS3 Score

7.8

8.1

5.6

7.3

CVSSv3 Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

GE Communicator: prior to v4.0.517

Version 4.0.517 is reported to fix all vulnerabilities.

05/02/2019