- Synchronized data.

2025-06-08 05:58:08 +00:00 · 2018-08-10 14:04:17 -04:00 · 2018-08-10 14:04:17 -04:00 · 9a0298d478
commit 9a0298d478
parent 91fa270ec6
3 changed files with 23 additions and 2 deletions
--- a/2018/10xxx/CVE-2018-10622.json
+++ b/2018/10xxx/CVE-2018-10622.json
@ -35,7 +35,7 @@
      "description_data" : [
         {
            "lang" : "eng",
-            "value" : "Medtronic MyCareLink 24950, 24952 Patient Monitor, all versions The affected products use per-product credentials that are stored in a recoverable format. An attacker can use these credentials for network authentication and encryption of local data at rest."
+            "value" : "A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient Monitor. The affected products use per-product credentials that are stored in a recoverable format. An attacker can use these credentials for network authentication and encryption of local data at rest."
         }
      ]
   },
@ -54,6 +54,8 @@
   "references" : {
      "reference_data" : [
         {
+            "name" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01",
+            "refsource" : "MISC",
            "url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01"
         }
      ]
--- a/2018/10xxx/CVE-2018-10626.json
+++ b/2018/10xxx/CVE-2018-10626.json
@ -35,7 +35,7 @@
      "description_data" : [
         {
            "lang" : "eng",
-            "value" : "Medtronic MyCareLink 24950, 24952 Patient Monitor, all versions The affected product's update service does not sufficiently verify the authenticity of the data uploaded. An attacker who obtains per-product credentials from the monitor and paired implantable cardiac device information can potentially upload invalid data to the Medtronic CareLink network."
+            "value" : "A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient Monitor. The affected product's update service does not sufficiently verify the authenticity of the data uploaded. An attacker who obtains per-product credentials from the monitor and paired implantable cardiac device information can potentially upload invalid data to the Medtronic CareLink network."
         }
      ]
   },
@ -54,6 +54,8 @@
   "references" : {
      "reference_data" : [
         {
+            "name" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01",
+            "refsource" : "MISC",
            "url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-219-01"
         }
      ]
--- a/2018/1xxx/CVE-2018-1354.json
+++ b/2018/1xxx/CVE-2018-1354.json
@ -56,7 +56,24 @@
   "references" : {
      "reference_data" : [
         {
+            "name" : "https://fortiguard.com/advisory/FG-IR-18-014",
+            "refsource" : "CONFIRM",
            "url" : "https://fortiguard.com/advisory/FG-IR-18-014"
+         },
+         {
+            "name" : "104537",
+            "refsource" : "BID",
+            "url" : "http://www.securityfocus.com/bid/104537"
+         },
+         {
+            "name" : "1041182",
+            "refsource" : "SECTRACK",
+            "url" : "http://www.securitytracker.com/id/1041182"
+         },
+         {
+            "name" : "1041183",
+            "refsource" : "SECTRACK",
+            "url" : "http://www.securitytracker.com/id/1041183"
         }
      ]
   }