CVE-2018-18976
The CVE-2018-18976 entry concerns the Ascensia Contour NEXT ONE mobile app (iOS/Android) prior to 2019-01-15. The root issue is Direct Object References that enable an attacker to enumerate user IDs to retrieve encrypted medical information from the Ascensia cloud platform. The exposed data is en...