VAR-201808-0370
Vulnerability from variot - Updated: 2023-12-18 12:36Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723 Paradigm Revel, 523K / MMT - 723K Paradigm Revel, and 551 / MMT - 751 MiniMed 530G The models identified above, when paired with a remote controller and having the "easy bolus" and "remote bolus" options enabled (non-default), are vulnerable to a capture-replay attack. An attacker can capture the wireless transmissions between the remote controller and the pump and replay them to cause an insulin (bolus) delivery. plural Medtronic The product contains authentication vulnerabilities.Information may be tampered with. MedtronicMMT-508MiniMedinsulinpump and other are different types of insulin pumps from Medtronic Corporation of the United States. Multiple Medtronic Isulin Pumps are prone to an authentication-bypass vulnerability and an information-disclosure vulnerability. Attackers may exploit these issues to gain unauthorized access to the affected device or to obtain sensitive information that may aid in launching further attacks. An authorization issue vulnerability exists in several Medtronic products
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0370",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "minimed 530g",
"scope": null,
"trust": 1.6,
"vendor": "medtronic",
"version": null
},
{
"model": "508 minimed insulin pump",
"scope": "eq",
"trust": 1.6,
"vendor": "medtronicdiabetes",
"version": null
},
{
"model": "722 paradigm real-time",
"scope": "eq",
"trust": 1.6,
"vendor": "medtronicdiabetes",
"version": null
},
{
"model": "751 minimed 530g",
"scope": "eq",
"trust": 1.6,
"vendor": "medtronicdiabetes",
"version": null
},
{
"model": "523k paradigm revel",
"scope": "eq",
"trust": 1.6,
"vendor": "medtronicdiabetes",
"version": null
},
{
"model": "723k paradigm revel",
"scope": "eq",
"trust": 1.6,
"vendor": "medtronicdiabetes",
"version": null
},
{
"model": "523 paradigm revel",
"scope": "eq",
"trust": 1.6,
"vendor": "medtronicdiabetes",
"version": null
},
{
"model": "522 paradigm real-time",
"scope": "eq",
"trust": 1.6,
"vendor": "medtronicdiabetes",
"version": null
},
{
"model": "551 minimed 530g",
"scope": "eq",
"trust": 1.6,
"vendor": "medtronicdiabetes",
"version": null
},
{
"model": "723 paradigm revel",
"scope": "eq",
"trust": 1.6,
"vendor": "medtronicdiabetes",
"version": null
},
{
"model": "minimed paradigm 508 insulin pump",
"scope": null,
"trust": 0.8,
"vendor": "medtronic",
"version": null
},
{
"model": "minimed paradigm real-time 522 insulin pump",
"scope": null,
"trust": 0.8,
"vendor": "medtronic",
"version": null
},
{
"model": "minimed paradigm real-time 722 insulin pump",
"scope": null,
"trust": 0.8,
"vendor": "medtronic",
"version": null
},
{
"model": "minimed paradigm revel 523",
"scope": null,
"trust": 0.8,
"vendor": "medtronic",
"version": null
},
{
"model": "minimed paradigm revel 523k",
"scope": null,
"trust": 0.8,
"vendor": "medtronic",
"version": null
},
{
"model": "minimed paradigm revel 723",
"scope": null,
"trust": 0.8,
"vendor": "medtronic",
"version": null
},
{
"model": "minimed paradigm revel 723k",
"scope": null,
"trust": 0.8,
"vendor": "medtronic",
"version": null
},
{
"model": "mmt mmt minimed 530g",
"scope": "eq",
"trust": 0.6,
"vendor": "medtronic",
"version": "-551/-751"
},
{
"model": "mmt 523k mmt 723k paradigm revel",
"scope": "eq",
"trust": 0.6,
"vendor": "medtronic",
"version": "-/-"
},
{
"model": "mmt mmt paradigm revel",
"scope": "eq",
"trust": 0.6,
"vendor": "medtronic",
"version": "-523/-723"
},
{
"model": "mmt mmt paradigm real-time",
"scope": "eq",
"trust": 0.6,
"vendor": "medtronic",
"version": "-522/-722"
},
{
"model": "mmt minimed insulin pump",
"scope": "eq",
"trust": 0.6,
"vendor": "medtronic",
"version": "-508"
},
{
"model": "mmt mmt minimed 530g",
"scope": "eq",
"trust": 0.3,
"vendor": "medtronic",
"version": "-551/-7510"
},
{
"model": "mmt 523k mmt 723k paradigm revel",
"scope": "eq",
"trust": 0.3,
"vendor": "medtronic",
"version": "-/-0"
},
{
"model": "mmt mmt paradigm revel",
"scope": "eq",
"trust": 0.3,
"vendor": "medtronic",
"version": "-523/-7230"
},
{
"model": "mmt mmt paradigm real-time",
"scope": "eq",
"trust": 0.3,
"vendor": "medtronic",
"version": "-522/-7220"
},
{
"model": "mmt minimed insulin pump",
"scope": "eq",
"trust": 0.3,
"vendor": "medtronic",
"version": "-5080"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19605"
},
{
"db": "BID",
"id": "105044"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009527"
},
{
"db": "NVD",
"id": "CVE-2018-14781"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-307"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:medtronicdiabetes:508_minimed_insulin_pump_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:medtronicdiabetes:508_minimed_insulin_pump:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:medtronicdiabetes:522_paradigm_real-time_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:medtronicdiabetes:522_paradigm_real-time:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:medtronicdiabetes:722_paradigm_real-time_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:medtronicdiabetes:722_paradigm_real-time:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:medtronicdiabetes:523_paradigm_revel_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:medtronicdiabetes:523_paradigm_revel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:medtronicdiabetes:723_paradigm_revel_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:medtronicdiabetes:723_paradigm_revel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:medtronicdiabetes:523k_paradigm_revel_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:medtronicdiabetes:523k_paradigm_revel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:medtronicdiabetes:723k_paradigm_revel_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:medtronicdiabetes:723k_paradigm_revel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:medtronicdiabetes:551_minimed_530g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:medtronicdiabetes:551_minimed_530g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:medtronicdiabetes:751_minimed_530g_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:medtronicdiabetes:751_minimed_530g:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-14781"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Billy Rios, Jesse Young, and Jonathan Butts of Whitescope LLC",
"sources": [
{
"db": "BID",
"id": "105044"
}
],
"trust": 0.3
},
"cve": "CVE-2018-14781",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.9,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-14781",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "CNVD-2018-19605",
"impactScore": 6.9,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:C/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 5.5,
"id": "VHN-124975",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:A/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-14781",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-14781",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2018-19605",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201808-307",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-124975",
"trust": 0.1,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2018-14781",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19605"
},
{
"db": "VULHUB",
"id": "VHN-124975"
},
{
"db": "VULMON",
"id": "CVE-2018-14781"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009527"
},
{
"db": "NVD",
"id": "CVE-2018-14781"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-307"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723 Paradigm Revel, 523K / MMT - 723K Paradigm Revel, and 551 / MMT - 751 MiniMed 530G The models identified above, when paired with a remote controller and having the \"easy bolus\" and \"remote bolus\" options enabled (non-default), are vulnerable to a capture-replay attack. An attacker can capture the wireless transmissions between the remote controller and the pump and replay them to cause an insulin (bolus) delivery. plural Medtronic The product contains authentication vulnerabilities.Information may be tampered with. MedtronicMMT-508MiniMedinsulinpump and other are different types of insulin pumps from Medtronic Corporation of the United States. Multiple Medtronic Isulin Pumps are prone to an authentication-bypass vulnerability and an information-disclosure vulnerability. \nAttackers may exploit these issues to gain unauthorized access to the affected device or to obtain sensitive information that may aid in launching further attacks. An authorization issue vulnerability exists in several Medtronic products",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-14781"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009527"
},
{
"db": "CNVD",
"id": "CNVD-2018-19605"
},
{
"db": "BID",
"id": "105044"
},
{
"db": "VULHUB",
"id": "VHN-124975"
},
{
"db": "VULMON",
"id": "CVE-2018-14781"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-14781",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSMA-18-219-02",
"trust": 3.5
},
{
"db": "BID",
"id": "105044",
"trust": 2.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009527",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201808-307",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-19605",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-124975",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-14781",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19605"
},
{
"db": "VULHUB",
"id": "VHN-124975"
},
{
"db": "VULMON",
"id": "CVE-2018-14781"
},
{
"db": "BID",
"id": "105044"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009527"
},
{
"db": "NVD",
"id": "CVE-2018-14781"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-307"
}
]
},
"id": "VAR-201808-0370",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19605"
},
{
"db": "VULHUB",
"id": "VHN-124975"
}
],
"trust": 1.5333332999999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19605"
}
]
},
"last_update_date": "2023-12-18T12:36:36.146000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.medtronicdiabetes.com/home"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009527"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-124975"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009527"
},
{
"db": "NVD",
"id": "CVE-2018-14781"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-18-219-02"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/105044"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-14781"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14781"
},
{
"trust": 0.3,
"url": "http://www.medtronic.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-19605"
},
{
"db": "VULHUB",
"id": "VHN-124975"
},
{
"db": "VULMON",
"id": "CVE-2018-14781"
},
{
"db": "BID",
"id": "105044"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009527"
},
{
"db": "NVD",
"id": "CVE-2018-14781"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-307"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-19605"
},
{
"db": "VULHUB",
"id": "VHN-124975"
},
{
"db": "VULMON",
"id": "CVE-2018-14781"
},
{
"db": "BID",
"id": "105044"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009527"
},
{
"db": "NVD",
"id": "CVE-2018-14781"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-307"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-19605"
},
{
"date": "2018-08-13T00:00:00",
"db": "VULHUB",
"id": "VHN-124975"
},
{
"date": "2018-08-13T00:00:00",
"db": "VULMON",
"id": "CVE-2018-14781"
},
{
"date": "2018-08-07T00:00:00",
"db": "BID",
"id": "105044"
},
{
"date": "2018-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009527"
},
{
"date": "2018-08-13T21:48:01.227000",
"db": "NVD",
"id": "CVE-2018-14781"
},
{
"date": "2018-08-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-307"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-19605"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-124975"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2018-14781"
},
{
"date": "2018-08-07T00:00:00",
"db": "BID",
"id": "105044"
},
{
"date": "2018-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009527"
},
{
"date": "2019-10-09T23:35:11.500000",
"db": "NVD",
"id": "CVE-2018-14781"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-307"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-307"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Medtronic Authentication vulnerabilities in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009527"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-307"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…