Lucene search
K

8 matches found

NVD
NVD
added 2018/07/03 1:29 a.m.21 views

CVE-2018-10596

Medtronic 2090 CareLink Programmer uses a virtual private network connection to securely download updates. It does not verify it is still connected to this virtual private network before downloading updates. The affected products initially establish an encapsulated IP-based VPN connection to a...

8CVSS7.7AI score0.0132EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/07/02 6:0 p.m.22 views

CVE-2018-10596 Medtronic 2090 Carelink Programmer Improper Restriction of Communication Channel to Intended Endpoints

Medtronic 2090 CareLink Programmer uses a virtual private network connection to securely download updates. It does not verify it is still connected to this virtual private network before downloading updates. The affected products initially establish an encapsulated IP-based VPN connection to a...

7.1CVSS7.6AI score0.0132EPSS
Exploits0References2
CVE
CVE
added 2018/07/02 6:0 p.m.56 views

CVE-2018-10596

CVE-2018-10596 affects the Medtronic 2090 CareLink Programmer (and 29901 Encore Programmer) where software downloads updates over a VPN-protected network via HTTP without verifying VPN persistence or update source. The root issue is improper restriction of communication channels to intended endpo...

8CVSS7AI score0.0132EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2018/05/04 6:29 p.m.18 views

Directory traversal

All versions of the Medtronic 2090 Carelink Programmer are affected by a directory traversal vulnerability where the product's software deployment network could allow an attacker to read files on the system...

2.7CVSS6.1AI score0.00739EPSS
Exploits0References1
NVD
NVD
added 2018/05/04 6:29 p.m.15 views

CVE-2018-5446

Medtronic 2090 CareLink Programmer uses a per-product username and password that is stored in a recoverable format...

5.3CVSS5.9AI score0.0039EPSS
Exploits0References3
CVE
CVE
added 2018/05/04 6:0 p.m.53 views

CVE-2018-5446

CVE-2018-5446 affects Medtronic CareLink programmers (2090 CareLink Programmer and 29901 Encore Programmer). The flaw arises from passwords stored in a recoverable format, enabling credential exposure when physical access is present. ICS-CERT advisory and subsequent updates document a CVSS v3 bas...

5.3CVSS5.5AI score0.0039EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/05/04 6:0 p.m.21 views

CVE-2018-5446 Medtronic 2090 Carelink Programmer Storing Passwords in a Recoverable Format

Medtronic 2090 CareLink Programmer uses a per-product username and password that is stored in a recoverable format...

4.9CVSS5.1AI score0.0039EPSS
Exploits0References2
CVE
CVE
added 2018/05/04 6:0 p.m.52 views

CVE-2018-5448

CVE-2018-5448 affects Medtronic 2090 CareLink Programmer and 29901 Encore Programmer via the CareLink SDN. The vulnerability is a relative path traversal in the software deployment network that could allow an attacker to read files on the system. ICS-CERT advisory Update C/Update B describes this...

5.7CVSS5.3AI score0.00739EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder