admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 14:08:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-08-10 14:04:17 -04:00
parent 91fa270ec6
commit 9a0298d478
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
3 changed files with 23 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
2018/10xxx/CVE-2018-10622.json
View File

@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "Medtronic MyCareLink 24950, 24952 Patient Monitor, all versions The affected products use per-product credentials that are stored in a recoverable format. An attacker can use these credentials for network authentication and encryption of local data at rest." "value" : "A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient Monitor. The affected products use per-product credentials that are stored in a recoverable format. An attacker can use these credentials for network authentication and encryption of local data at rest."
} }
] ]
}, },
@ -54,6 +54,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01" "url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01"
} }
] ]

4
2018/10xxx/CVE-2018-10626.json
View File

@ -35,7 +35,7 @@
"description_data" : [ "description_data" : [
{ {
"lang" : "eng", "lang" : "eng",
"value" : "Medtronic MyCareLink 24950, 24952 Patient Monitor, all versions The affected product's update service does not sufficiently verify the authenticity of the data uploaded. An attacker who obtains per-product credentials from the monitor and paired implantable cardiac device information can potentially upload invalid data to the Medtronic CareLink network." "value" : "A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient Monitor. The affected product's update service does not sufficiently verify the authenticity of the data uploaded. An attacker who obtains per-product credentials from the monitor and paired implantable cardiac device information can potentially upload invalid data to the Medtronic CareLink network."
} }
] ]
}, },
@ -54,6 +54,8 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01" "url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01"
} }
] ]

17
2018/1xxx/CVE-2018-1354.json
View File

@ -56,7 +56,24 @@
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{ {
"name" : "https://fortiguard.com/advisory/FG-IR-18-014",
"refsource" : "CONFIRM",
"url" : "https://fortiguard.com/advisory/FG-IR-18-014" "url" : "https://fortiguard.com/advisory/FG-IR-18-014"
},
{
"name" : "104537",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/104537"
},
{
"name" : "1041182",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041182"
},
{
"name" : "1041183",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041183"
} }
] ]
} }