CVE-2018-8849

Опубликовано: 18 мая 2018

Источник: nvd

CVSS3: 4.6

CVSS2: 2.1

EPSS Низкий

Описание

Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programme and 8870 N'Vision removable Application Card do not encrypt PII and PHI while at rest.

Ссылки

http://www.medtronic.com/content/dam/medtronic-com/us-en/corporate/documents/Medtronic-NVision-8840_Security-Bulletin_FINAL.pdf
Vendor Advisory
http://www.securityfocus.com/bid/104213
Third Party Advisory
VDB Entry
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-18-137-01
https://www.medtronic.com/security
http://www.medtronic.com/content/dam/medtronic-com/us-en/corporate/documents/Medtronic-NVision-8840_Security-Bulletin_FINAL.pdf
Vendor Advisory
http://www.securityfocus.com/bid/104213
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSMA-18-137-01
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:medtronic:n\'vision_8840_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:n\'vision_8840:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:medtronic:n\'vision_8870_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:medtronic:n\'vision_8870:-:*:*:*:*:*:*:*

EPSS

Процентиль: 25%

0.00083

Низкий

4.6 Medium

CVSS3

4.6 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-311

Связанные уязвимости

GHSA-w48q-g7g7-4m96

CVSS3: 4.6

github

больше 3 лет назад

Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and 8870 N'Vision removable Application Card, all versions does not encrypt PII and PHI while at rest.

EPSS

Процентиль: 25%

0.00083

Низкий

4.6 Medium

CVSS3

4.6 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-311