Search criteria
3 vulnerabilities found for anthem by abbott
VAR-201804-0521
Vulnerability from variot - Updated: 2023-12-18 13:28Abbott Laboratories Accent and Anthem pacemakers manufactured prior to Aug 28, 2017 transmit unencrypted patient information via RF communications to programmers and home monitoring units. Additionally, the Accent and Anthem pacemakers store the optional patient information without encryption. CVSS v3 base score: 3.1, CVSS vector string: AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N. Abbott has developed a firmware update to help mitigate the identified vulnerabilities. Abbott Laboratories pacemakers Contains an information disclosure vulnerability.Information may be obtained. Accent, Anthem, Accent MRI, Assurity, Allure, and Assurity MRI are all implantable medical devices from Abbott Laboratories. Multiple Abbott Pacemakers are prone to the following multiple security vulnerabilities: 1. An authentication-bypass vulnerability 2. An information-disclosure vulnerability 3. A Denial-of-Service vulnerability Successful exploits may allow an attacker to gain unauthorized access or bypass intended security restrictions, obtain sensitive information or cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201804-0521",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "accent mri",
"scope": "lt",
"trust": 1.0,
"vendor": "abbott",
"version": "f10.08.6c"
},
{
"model": "accent st",
"scope": "lt",
"trust": 1.0,
"vendor": "abbott",
"version": "f10.08.6c"
},
{
"model": "accent",
"scope": "lt",
"trust": 1.0,
"vendor": "abbott",
"version": "f0b.0e.7e"
},
{
"model": "anthem",
"scope": "lt",
"trust": 1.0,
"vendor": "abbott",
"version": "f0b.0e.7e"
},
{
"model": "accent",
"scope": null,
"trust": 0.8,
"vendor": "abbott",
"version": null
},
{
"model": "accent mri",
"scope": null,
"trust": 0.8,
"vendor": "abbott",
"version": null
},
{
"model": "accent st",
"scope": null,
"trust": 0.8,
"vendor": "abbott",
"version": null
},
{
"model": "anthem",
"scope": null,
"trust": 0.8,
"vendor": "abbott",
"version": null
},
{
"model": "laboratories accent \u003caugust",
"scope": "eq",
"trust": 0.6,
"vendor": "abbott",
"version": "282017"
},
{
"model": "laboratories anthem \u003caugust",
"scope": "eq",
"trust": 0.6,
"vendor": "abbott",
"version": "282017"
},
{
"model": "laboratories accent mri \u003caugust",
"scope": "eq",
"trust": 0.6,
"vendor": "abbott",
"version": "282017"
},
{
"model": "laboratories assurity mri \u003caugust",
"scope": "eq",
"trust": 0.6,
"vendor": "abbott",
"version": "282017"
},
{
"model": "assurity mri",
"scope": "eq",
"trust": 0.3,
"vendor": "abbott",
"version": "0"
},
{
"model": "assurity",
"scope": "eq",
"trust": 0.3,
"vendor": "abbott",
"version": "0"
},
{
"model": "anthem",
"scope": "eq",
"trust": 0.3,
"vendor": "abbott",
"version": "0"
},
{
"model": "allure",
"scope": "eq",
"trust": 0.3,
"vendor": "abbott",
"version": "0"
},
{
"model": "accent st",
"scope": "eq",
"trust": 0.3,
"vendor": "abbott",
"version": "0"
},
{
"model": "accent mri",
"scope": "eq",
"trust": 0.3,
"vendor": "abbott",
"version": "0"
},
{
"model": "accent",
"scope": "eq",
"trust": 0.3,
"vendor": "abbott",
"version": "0"
},
{
"model": "assurity mri f17.01.49",
"scope": "ne",
"trust": 0.3,
"vendor": "abbott",
"version": null
},
{
"model": "assurity f14.07.80",
"scope": "ne",
"trust": 0.3,
"vendor": "abbott",
"version": null
},
{
"model": "anthem f0b.0e.7e",
"scope": "ne",
"trust": 0.3,
"vendor": "abbott",
"version": null
},
{
"model": "allure f14.07.80",
"scope": "ne",
"trust": 0.3,
"vendor": "abbott",
"version": null
},
{
"model": "accent st f10.08.6c",
"scope": "ne",
"trust": 0.3,
"vendor": "abbott",
"version": null
},
{
"model": "accent mri f10.08.6c",
"scope": "ne",
"trust": 0.3,
"vendor": "abbott",
"version": null
},
{
"model": "accent f0b.0e.7e",
"scope": "ne",
"trust": 0.3,
"vendor": "abbott",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "accent",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "anthem",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "accent mri",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "accent st",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "1f40774e-70db-4d0b-92b4-a4c00c1e8ce5"
},
{
"db": "CNVD",
"id": "CNVD-2017-23899"
},
{
"db": "BID",
"id": "100523"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013350"
},
{
"db": "NVD",
"id": "CVE-2017-12716"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abbott:accent_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "f0b.0e.7e",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abbott:accent:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abbott:anthem_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "f0b.0e.7e",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abbott:anthem:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abbott:accent_mri_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "f10.08.6c",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abbott:accent_mri:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abbott:accent_st_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "f10.08.6c",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abbott:accent_st:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12716"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MedSec Holdings Ltd",
"sources": [
{
"db": "BID",
"id": "100523"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-086"
}
],
"trust": 0.9
},
"cve": "CVE-2017-12716",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-12716",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 1.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.2,
"id": "CNVD-2017-23899",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 1.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.2,
"id": "1f40774e-70db-4d0b-92b4-a4c00c1e8ce5",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:A/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-12716",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-12716",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-23899",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201709-086",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "1f40774e-70db-4d0b-92b4-a4c00c1e8ce5",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "1f40774e-70db-4d0b-92b4-a4c00c1e8ce5"
},
{
"db": "CNVD",
"id": "CNVD-2017-23899"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013350"
},
{
"db": "NVD",
"id": "CVE-2017-12716"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-086"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Abbott Laboratories Accent and Anthem pacemakers manufactured prior to Aug 28, 2017 transmit unencrypted patient information via RF communications to programmers and home monitoring units. Additionally, the Accent and Anthem pacemakers store the optional patient information without encryption. CVSS v3 base score: 3.1, CVSS vector string: AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N. Abbott has developed a firmware update to help mitigate the identified vulnerabilities. Abbott Laboratories pacemakers Contains an information disclosure vulnerability.Information may be obtained. Accent, Anthem, Accent MRI, Assurity, Allure, and Assurity MRI are all implantable medical devices from Abbott Laboratories. Multiple Abbott Pacemakers are prone to the following multiple security vulnerabilities:\n1. An authentication-bypass vulnerability\n2. An information-disclosure vulnerability\n3. A Denial-of-Service vulnerability\nSuccessful exploits may allow an attacker to gain unauthorized access or bypass intended security restrictions, obtain sensitive information or cause denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12716"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013350"
},
{
"db": "CNVD",
"id": "CNVD-2017-23899"
},
{
"db": "BID",
"id": "100523"
},
{
"db": "IVD",
"id": "1f40774e-70db-4d0b-92b4-a4c00c1e8ce5"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-12716",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSMA-17-241-01",
"trust": 3.3
},
{
"db": "BID",
"id": "100523",
"trust": 1.9
},
{
"db": "CNVD",
"id": "CNVD-2017-23899",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201709-086",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013350",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2017.2157",
"trust": 0.3
},
{
"db": "IVD",
"id": "1F40774E-70DB-4D0B-92B4-A4C00C1E8CE5",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "1f40774e-70db-4d0b-92b4-a4c00c1e8ce5"
},
{
"db": "CNVD",
"id": "CNVD-2017-23899"
},
{
"db": "BID",
"id": "100523"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013350"
},
{
"db": "NVD",
"id": "CVE-2017-12716"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-086"
}
]
},
"id": "VAR-201804-0521",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "1f40774e-70db-4d0b-92b4-a4c00c1e8ce5"
},
{
"db": "CNVD",
"id": "CNVD-2017-23899"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "1f40774e-70db-4d0b-92b4-a4c00c1e8ce5"
},
{
"db": "CNVD",
"id": "CNVD-2017-23899"
}
]
},
"last_update_date": "2023-12-18T13:28:57.809000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.abbott.com/"
},
{
"title": "Abbott Laboratories Patches for Errors in Encrypting Sensitive Data Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/101202"
},
{
"title": "Multiple Abbott Product information disclosure vulnerability repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=74541"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23899"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013350"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-086"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-319",
"trust": 1.0
},
{
"problemtype": "CWE-200",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013350"
},
{
"db": "NVD",
"id": "CVE-2017-12716"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-17-241-01"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/100523"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12716"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12716"
},
{
"trust": 0.3,
"url": "http://www.abbott.com/"
},
{
"trust": 0.3,
"url": "http://abbott.mediaroom.com/2017-08-29-abbott-issues-new-updates-for-implanted-cardiac-devices"
},
{
"trust": 0.3,
"url": "https://www.auscert.org.au/bulletins/51662"
},
{
"trust": 0.3,
"url": "https://www.fda.gov/medicaldevices/safety/alertsandnotices/ucm573669.htm"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23899"
},
{
"db": "BID",
"id": "100523"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013350"
},
{
"db": "NVD",
"id": "CVE-2017-12716"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-086"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "1f40774e-70db-4d0b-92b4-a4c00c1e8ce5"
},
{
"db": "CNVD",
"id": "CNVD-2017-23899"
},
{
"db": "BID",
"id": "100523"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013350"
},
{
"db": "NVD",
"id": "CVE-2017-12716"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-086"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "IVD",
"id": "1f40774e-70db-4d0b-92b4-a4c00c1e8ce5"
},
{
"date": "2017-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23899"
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100523"
},
{
"date": "2018-06-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013350"
},
{
"date": "2018-04-25T13:29:00.333000",
"db": "NVD",
"id": "CVE-2017-12716"
},
{
"date": "2017-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-086"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23899"
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100523"
},
{
"date": "2018-06-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013350"
},
{
"date": "2019-10-09T23:23:11.687000",
"db": "NVD",
"id": "CVE-2017-12716"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-086"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-086"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Abbott Laboratories pacemakers Vulnerable to information disclosure",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013350"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-086"
}
],
"trust": 0.6
}
}
VAR-201804-0519
Vulnerability from variot - Updated: 2023-12-18 13:28The authentication algorithm in Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017, which involves an authentication key and time stamp, can be compromised or bypassed, which may allow a nearby attacker to issue unauthorized commands to the pacemaker via RF communications. CVSS v3 base score: 7.5, CVSS vector string: AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. Abbott has developed a firmware update to help mitigate the identified vulnerabilities. Abbott Laboratories pacemakers Contains a cryptographic vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Accent, Anthem, Accent MRI, Assurity, Allure, and Assurity MRI are all implantable medical devices from Abbott Laboratories. Authorized order. Multiple Abbott Pacemakers are prone to the following multiple security vulnerabilities: 1. An authentication-bypass vulnerability 2. An information-disclosure vulnerability 3. A Denial-of-Service vulnerability Successful exploits may allow an attacker to gain unauthorized access or bypass intended security restrictions, obtain sensitive information or cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201804-0519",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "anthem",
"scope": "lt",
"trust": 1.0,
"vendor": "abbott",
"version": "f0b.0e.7e"
},
{
"model": "assurity",
"scope": "lt",
"trust": 1.0,
"vendor": "abbott",
"version": "f14.07.80"
},
{
"model": "assurity mri",
"scope": "lt",
"trust": 1.0,
"vendor": "abbott",
"version": "f17.01.49"
},
{
"model": "allure",
"scope": "lt",
"trust": 1.0,
"vendor": "abbott",
"version": "f14.07.80"
},
{
"model": "accent mri",
"scope": "lt",
"trust": 1.0,
"vendor": "abbott",
"version": "f10.08.6c"
},
{
"model": "accent st",
"scope": "lt",
"trust": 1.0,
"vendor": "abbott",
"version": "f10.08.6c"
},
{
"model": "accent",
"scope": "lt",
"trust": 1.0,
"vendor": "abbott",
"version": "f0b.0e.7e"
},
{
"model": "accent",
"scope": null,
"trust": 0.8,
"vendor": "abbott",
"version": null
},
{
"model": "accent mri",
"scope": null,
"trust": 0.8,
"vendor": "abbott",
"version": null
},
{
"model": "accent st",
"scope": null,
"trust": 0.8,
"vendor": "abbott",
"version": null
},
{
"model": "allure",
"scope": null,
"trust": 0.8,
"vendor": "abbott",
"version": null
},
{
"model": "anthem",
"scope": null,
"trust": 0.8,
"vendor": "abbott",
"version": null
},
{
"model": "assurity",
"scope": null,
"trust": 0.8,
"vendor": "abbott",
"version": null
},
{
"model": "assurity mri",
"scope": null,
"trust": 0.8,
"vendor": "abbott",
"version": null
},
{
"model": "laboratories accent \u003caugust",
"scope": "eq",
"trust": 0.6,
"vendor": "abbott",
"version": "282017"
},
{
"model": "laboratories anthem \u003caugust",
"scope": "eq",
"trust": 0.6,
"vendor": "abbott",
"version": "282017"
},
{
"model": "laboratories accent mri \u003caugust",
"scope": "eq",
"trust": 0.6,
"vendor": "abbott",
"version": "282017"
},
{
"model": "laboratories assurity \u003caugust",
"scope": "eq",
"trust": 0.6,
"vendor": "abbott",
"version": "282017"
},
{
"model": "laboratories allure \u003caugust",
"scope": "eq",
"trust": 0.6,
"vendor": "abbott",
"version": "282017"
},
{
"model": "laboratories assurity mri \u003caugust",
"scope": "eq",
"trust": 0.6,
"vendor": "abbott",
"version": "282017"
},
{
"model": "assurity mri",
"scope": "eq",
"trust": 0.3,
"vendor": "abbott",
"version": "0"
},
{
"model": "assurity",
"scope": "eq",
"trust": 0.3,
"vendor": "abbott",
"version": "0"
},
{
"model": "anthem",
"scope": "eq",
"trust": 0.3,
"vendor": "abbott",
"version": "0"
},
{
"model": "allure",
"scope": "eq",
"trust": 0.3,
"vendor": "abbott",
"version": "0"
},
{
"model": "accent st",
"scope": "eq",
"trust": 0.3,
"vendor": "abbott",
"version": "0"
},
{
"model": "accent mri",
"scope": "eq",
"trust": 0.3,
"vendor": "abbott",
"version": "0"
},
{
"model": "accent",
"scope": "eq",
"trust": 0.3,
"vendor": "abbott",
"version": "0"
},
{
"model": "assurity mri f17.01.49",
"scope": "ne",
"trust": 0.3,
"vendor": "abbott",
"version": null
},
{
"model": "assurity f14.07.80",
"scope": "ne",
"trust": 0.3,
"vendor": "abbott",
"version": null
},
{
"model": "anthem f0b.0e.7e",
"scope": "ne",
"trust": 0.3,
"vendor": "abbott",
"version": null
},
{
"model": "allure f14.07.80",
"scope": "ne",
"trust": 0.3,
"vendor": "abbott",
"version": null
},
{
"model": "accent st f10.08.6c",
"scope": "ne",
"trust": 0.3,
"vendor": "abbott",
"version": null
},
{
"model": "accent mri f10.08.6c",
"scope": "ne",
"trust": 0.3,
"vendor": "abbott",
"version": null
},
{
"model": "accent f0b.0e.7e",
"scope": "ne",
"trust": 0.3,
"vendor": "abbott",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "accent",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "anthem",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "accent mri",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "accent st",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "assurity",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "allure",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "assurity mri",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "767a6a23-3eaa-43ab-8a2a-70ff0f71bc14"
},
{
"db": "CNVD",
"id": "CNVD-2017-23901"
},
{
"db": "BID",
"id": "100523"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013348"
},
{
"db": "NVD",
"id": "CVE-2017-12712"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abbott:accent_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "f0b.0e.7e",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abbott:accent:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abbott:anthem_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "f0b.0e.7e",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abbott:anthem:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abbott:accent_mri_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "f10.08.6c",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abbott:accent_mri:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abbott:accent_st_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "f10.08.6c",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abbott:accent_st:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abbott:assurity_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "f14.07.80",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abbott:assurity:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abbott:allure_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "f14.07.80",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abbott:allure:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abbott:assurity_mri_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "f17.01.49",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abbott:assurity_mri:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12712"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MedSec Holdings Ltd",
"sources": [
{
"db": "BID",
"id": "100523"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-084"
}
],
"trust": 0.9
},
"cve": "CVE-2017-12712",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 8.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2017-12712",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.2,
"id": "CNVD-2017-23901",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.2,
"id": "767a6a23-3eaa-43ab-8a2a-70ff0f71bc14",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:A/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-12712",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-12712",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-23901",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201709-084",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "767a6a23-3eaa-43ab-8a2a-70ff0f71bc14",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "767a6a23-3eaa-43ab-8a2a-70ff0f71bc14"
},
{
"db": "CNVD",
"id": "CNVD-2017-23901"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013348"
},
{
"db": "NVD",
"id": "CVE-2017-12712"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-084"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The authentication algorithm in Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017, which involves an authentication key and time stamp, can be compromised or bypassed, which may allow a nearby attacker to issue unauthorized commands to the pacemaker via RF communications. CVSS v3 base score: 7.5, CVSS vector string: AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. Abbott has developed a firmware update to help mitigate the identified vulnerabilities. Abbott Laboratories pacemakers Contains a cryptographic vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Accent, Anthem, Accent MRI, Assurity, Allure, and Assurity MRI are all implantable medical devices from Abbott Laboratories. Authorized order. Multiple Abbott Pacemakers are prone to the following multiple security vulnerabilities:\n1. An authentication-bypass vulnerability\n2. An information-disclosure vulnerability\n3. A Denial-of-Service vulnerability\nSuccessful exploits may allow an attacker to gain unauthorized access or bypass intended security restrictions, obtain sensitive information or cause denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12712"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013348"
},
{
"db": "CNVD",
"id": "CNVD-2017-23901"
},
{
"db": "BID",
"id": "100523"
},
{
"db": "IVD",
"id": "767a6a23-3eaa-43ab-8a2a-70ff0f71bc14"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-12712",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSMA-17-241-01",
"trust": 3.3
},
{
"db": "BID",
"id": "100523",
"trust": 1.9
},
{
"db": "CNVD",
"id": "CNVD-2017-23901",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201709-084",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSMA-18-107-01",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013348",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2017.2157",
"trust": 0.3
},
{
"db": "IVD",
"id": "767A6A23-3EAA-43AB-8A2A-70FF0F71BC14",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "767a6a23-3eaa-43ab-8a2a-70ff0f71bc14"
},
{
"db": "CNVD",
"id": "CNVD-2017-23901"
},
{
"db": "BID",
"id": "100523"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013348"
},
{
"db": "NVD",
"id": "CVE-2017-12712"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-084"
}
]
},
"id": "VAR-201804-0519",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "767a6a23-3eaa-43ab-8a2a-70ff0f71bc14"
},
{
"db": "CNVD",
"id": "CNVD-2017-23901"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "767a6a23-3eaa-43ab-8a2a-70ff0f71bc14"
},
{
"db": "CNVD",
"id": "CNVD-2017-23901"
}
]
},
"last_update_date": "2023-12-18T13:28:57.843000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.abbott.com/"
},
{
"title": "Abbott Laboratories\u0027 various pacemaker products are not authorized to access vulnerable patches",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/101204"
},
{
"title": "Multiple Abbott Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=74539"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23901"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013348"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-084"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.0
},
{
"problemtype": "CWE-310",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013348"
},
{
"db": "NVD",
"id": "CVE-2017-12712"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-17-241-01"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/100523"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12712"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-18-107-01"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12712"
},
{
"trust": 0.3,
"url": "http://www.abbott.com/"
},
{
"trust": 0.3,
"url": "http://abbott.mediaroom.com/2017-08-29-abbott-issues-new-updates-for-implanted-cardiac-devices"
},
{
"trust": 0.3,
"url": "https://www.auscert.org.au/bulletins/51662"
},
{
"trust": 0.3,
"url": "https://www.fda.gov/medicaldevices/safety/alertsandnotices/ucm573669.htm"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23901"
},
{
"db": "BID",
"id": "100523"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013348"
},
{
"db": "NVD",
"id": "CVE-2017-12712"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-084"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "767a6a23-3eaa-43ab-8a2a-70ff0f71bc14"
},
{
"db": "CNVD",
"id": "CNVD-2017-23901"
},
{
"db": "BID",
"id": "100523"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013348"
},
{
"db": "NVD",
"id": "CVE-2017-12712"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-084"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "IVD",
"id": "767a6a23-3eaa-43ab-8a2a-70ff0f71bc14"
},
{
"date": "2017-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23901"
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100523"
},
{
"date": "2018-06-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013348"
},
{
"date": "2018-04-25T13:29:00.227000",
"db": "NVD",
"id": "CVE-2017-12712"
},
{
"date": "2017-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-084"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23901"
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100523"
},
{
"date": "2018-07-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013348"
},
{
"date": "2019-10-09T23:23:11.170000",
"db": "NVD",
"id": "CVE-2017-12712"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-084"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-084"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Abbott Laboratories pacemakers Cryptographic vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013348"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-084"
}
],
"trust": 0.6
}
}
VAR-201804-0520
Vulnerability from variot - Updated: 2023-12-18 13:28Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017 do not restrict or limit the number of correctly formatted "RF wake-up" commands that can be received, which may allow a nearby attacker to repeatedly send commands to reduce pacemaker battery life. CVSS v3 base score: 5.3, CVSS vector string: AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H. Abbott has developed a firmware update to help mitigate the identified vulnerabilities. Abbott Laboratories pacemakers Contains an access control vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Accent, Anthem, Accent MRI, Assurity, Allure, and Assurity MRI are all implantable medical devices from Abbott Laboratories. Battery life. Multiple Abbott Pacemakers are prone to the following multiple security vulnerabilities: 1. An authentication-bypass vulnerability 2. An information-disclosure vulnerability 3. A Denial-of-Service vulnerability Successful exploits may allow an attacker to gain unauthorized access or bypass intended security restrictions, obtain sensitive information or cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201804-0520",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "anthem",
"scope": "lt",
"trust": 1.0,
"vendor": "abbott",
"version": "f0b.0e.7e"
},
{
"model": "assurity",
"scope": "lt",
"trust": 1.0,
"vendor": "abbott",
"version": "f14.07.80"
},
{
"model": "assurity mri",
"scope": "lt",
"trust": 1.0,
"vendor": "abbott",
"version": "f17.01.49"
},
{
"model": "allure",
"scope": "lt",
"trust": 1.0,
"vendor": "abbott",
"version": "f14.07.80"
},
{
"model": "accent mri",
"scope": "lt",
"trust": 1.0,
"vendor": "abbott",
"version": "f10.08.6c"
},
{
"model": "accent st",
"scope": "lt",
"trust": 1.0,
"vendor": "abbott",
"version": "f10.08.6c"
},
{
"model": "accent",
"scope": "lt",
"trust": 1.0,
"vendor": "abbott",
"version": "f0b.0e.7e"
},
{
"model": "accent",
"scope": null,
"trust": 0.8,
"vendor": "abbott",
"version": null
},
{
"model": "accent mri",
"scope": null,
"trust": 0.8,
"vendor": "abbott",
"version": null
},
{
"model": "accent st",
"scope": null,
"trust": 0.8,
"vendor": "abbott",
"version": null
},
{
"model": "allure",
"scope": null,
"trust": 0.8,
"vendor": "abbott",
"version": null
},
{
"model": "anthem",
"scope": null,
"trust": 0.8,
"vendor": "abbott",
"version": null
},
{
"model": "assurity",
"scope": null,
"trust": 0.8,
"vendor": "abbott",
"version": null
},
{
"model": "assurity mri",
"scope": null,
"trust": 0.8,
"vendor": "abbott",
"version": null
},
{
"model": "laboratories accent \u003caugust",
"scope": "eq",
"trust": 0.6,
"vendor": "abbott",
"version": "282017"
},
{
"model": "laboratories anthem \u003caugust",
"scope": "eq",
"trust": 0.6,
"vendor": "abbott",
"version": "282017"
},
{
"model": "laboratories accent mri \u003caugust",
"scope": "eq",
"trust": 0.6,
"vendor": "abbott",
"version": "282017"
},
{
"model": "laboratories assurity \u003caugust",
"scope": "eq",
"trust": 0.6,
"vendor": "abbott",
"version": "282017"
},
{
"model": "laboratories allure \u003caugust",
"scope": "eq",
"trust": 0.6,
"vendor": "abbott",
"version": "282017"
},
{
"model": "laboratories assurity mri \u003caugust",
"scope": "eq",
"trust": 0.6,
"vendor": "abbott",
"version": "282017"
},
{
"model": "assurity mri",
"scope": "eq",
"trust": 0.3,
"vendor": "abbott",
"version": "0"
},
{
"model": "assurity",
"scope": "eq",
"trust": 0.3,
"vendor": "abbott",
"version": "0"
},
{
"model": "anthem",
"scope": "eq",
"trust": 0.3,
"vendor": "abbott",
"version": "0"
},
{
"model": "allure",
"scope": "eq",
"trust": 0.3,
"vendor": "abbott",
"version": "0"
},
{
"model": "accent st",
"scope": "eq",
"trust": 0.3,
"vendor": "abbott",
"version": "0"
},
{
"model": "accent mri",
"scope": "eq",
"trust": 0.3,
"vendor": "abbott",
"version": "0"
},
{
"model": "accent",
"scope": "eq",
"trust": 0.3,
"vendor": "abbott",
"version": "0"
},
{
"model": "assurity mri f17.01.49",
"scope": "ne",
"trust": 0.3,
"vendor": "abbott",
"version": null
},
{
"model": "assurity f14.07.80",
"scope": "ne",
"trust": 0.3,
"vendor": "abbott",
"version": null
},
{
"model": "anthem f0b.0e.7e",
"scope": "ne",
"trust": 0.3,
"vendor": "abbott",
"version": null
},
{
"model": "allure f14.07.80",
"scope": "ne",
"trust": 0.3,
"vendor": "abbott",
"version": null
},
{
"model": "accent st f10.08.6c",
"scope": "ne",
"trust": 0.3,
"vendor": "abbott",
"version": null
},
{
"model": "accent mri f10.08.6c",
"scope": "ne",
"trust": 0.3,
"vendor": "abbott",
"version": null
},
{
"model": "accent f0b.0e.7e",
"scope": "ne",
"trust": 0.3,
"vendor": "abbott",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "accent",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "anthem",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "accent mri",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "accent st",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "assurity",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "allure",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "assurity mri",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "cb95b3a8-887c-44b0-b1f4-c00d35d478d6"
},
{
"db": "CNVD",
"id": "CNVD-2017-23900"
},
{
"db": "BID",
"id": "100523"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013349"
},
{
"db": "NVD",
"id": "CVE-2017-12714"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abbott:accent_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "f0b.0e.7e",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abbott:accent:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abbott:anthem_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "f0b.0e.7e",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abbott:anthem:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abbott:accent_mri_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "f10.08.6c",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abbott:accent_mri:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abbott:accent_st_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "f10.08.6c",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abbott:accent_st:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abbott:assurity_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "f14.07.80",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abbott:assurity:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abbott:allure_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "f14.07.80",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abbott:allure:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:abbott:assurity_mri_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "f17.01.49",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:abbott:assurity_mri:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12714"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MedSec Holdings Ltd",
"sources": [
{
"db": "BID",
"id": "100523"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-085"
}
],
"trust": 0.9
},
"cve": "CVE-2017-12714",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-12714",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.2,
"id": "CNVD-2017-23900",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 4.6,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.2,
"id": "cb95b3a8-887c-44b0-b1f4-c00d35d478d6",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-12714",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-12714",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-23900",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201709-085",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "cb95b3a8-887c-44b0-b1f4-c00d35d478d6",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "cb95b3a8-887c-44b0-b1f4-c00d35d478d6"
},
{
"db": "CNVD",
"id": "CNVD-2017-23900"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013349"
},
{
"db": "NVD",
"id": "CVE-2017-12714"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-085"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017 do not restrict or limit the number of correctly formatted \"RF wake-up\" commands that can be received, which may allow a nearby attacker to repeatedly send commands to reduce pacemaker battery life. CVSS v3 base score: 5.3, CVSS vector string: AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H. Abbott has developed a firmware update to help mitigate the identified vulnerabilities. Abbott Laboratories pacemakers Contains an access control vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Accent, Anthem, Accent MRI, Assurity, Allure, and Assurity MRI are all implantable medical devices from Abbott Laboratories. Battery life. Multiple Abbott Pacemakers are prone to the following multiple security vulnerabilities:\n1. An authentication-bypass vulnerability\n2. An information-disclosure vulnerability\n3. A Denial-of-Service vulnerability\nSuccessful exploits may allow an attacker to gain unauthorized access or bypass intended security restrictions, obtain sensitive information or cause denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12714"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013349"
},
{
"db": "CNVD",
"id": "CNVD-2017-23900"
},
{
"db": "BID",
"id": "100523"
},
{
"db": "IVD",
"id": "cb95b3a8-887c-44b0-b1f4-c00d35d478d6"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-12714",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSMA-17-241-01",
"trust": 3.3
},
{
"db": "BID",
"id": "100523",
"trust": 1.9
},
{
"db": "CNVD",
"id": "CNVD-2017-23900",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201709-085",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSMA-18-107-01",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013349",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2017.2157",
"trust": 0.3
},
{
"db": "IVD",
"id": "CB95B3A8-887C-44B0-B1F4-C00D35D478D6",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "cb95b3a8-887c-44b0-b1f4-c00d35d478d6"
},
{
"db": "CNVD",
"id": "CNVD-2017-23900"
},
{
"db": "BID",
"id": "100523"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013349"
},
{
"db": "NVD",
"id": "CVE-2017-12714"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-085"
}
]
},
"id": "VAR-201804-0520",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "cb95b3a8-887c-44b0-b1f4-c00d35d478d6"
},
{
"db": "CNVD",
"id": "CNVD-2017-23900"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "cb95b3a8-887c-44b0-b1f4-c00d35d478d6"
},
{
"db": "CNVD",
"id": "CNVD-2017-23900"
}
]
},
"last_update_date": "2023-12-18T13:28:57.774000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.abbott.com/"
},
{
"title": "Abbott Laboratories Patches for Multiple Pacemaker Product Access Limiting Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/101203"
},
{
"title": "Multiple Abbott Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=74540"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23900"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013349"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-085"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-920",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013349"
},
{
"db": "NVD",
"id": "CVE-2017-12714"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-17-241-01"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/100523"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12714"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-18-107-01"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12714"
},
{
"trust": 0.3,
"url": "http://www.abbott.com/"
},
{
"trust": 0.3,
"url": "http://abbott.mediaroom.com/2017-08-29-abbott-issues-new-updates-for-implanted-cardiac-devices"
},
{
"trust": 0.3,
"url": "https://www.auscert.org.au/bulletins/51662"
},
{
"trust": 0.3,
"url": "https://www.fda.gov/medicaldevices/safety/alertsandnotices/ucm573669.htm"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23900"
},
{
"db": "BID",
"id": "100523"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013349"
},
{
"db": "NVD",
"id": "CVE-2017-12714"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-085"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "cb95b3a8-887c-44b0-b1f4-c00d35d478d6"
},
{
"db": "CNVD",
"id": "CNVD-2017-23900"
},
{
"db": "BID",
"id": "100523"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-013349"
},
{
"db": "NVD",
"id": "CVE-2017-12714"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-085"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "IVD",
"id": "cb95b3a8-887c-44b0-b1f4-c00d35d478d6"
},
{
"date": "2017-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23900"
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100523"
},
{
"date": "2018-06-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013349"
},
{
"date": "2018-04-25T13:29:00.287000",
"db": "NVD",
"id": "CVE-2017-12714"
},
{
"date": "2017-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-085"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23900"
},
{
"date": "2017-08-29T00:00:00",
"db": "BID",
"id": "100523"
},
{
"date": "2018-07-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-013349"
},
{
"date": "2019-10-09T23:23:11.483000",
"db": "NVD",
"id": "CVE-2017-12714"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-085"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-085"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Abbott Laboratories pacemakers Access control vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-013349"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-085"
}
],
"trust": 0.6
}
}