PT-2018-14753 · Medtronic · Medtronic 2090 Carelink Programmer+2

Billy Rios

Publicado

2018-12-14

Atualizado

2020-09-18

CVE-2018-18984

CVSS v2.0

2.1

Baixa

Vetor

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Medtronic CareLink 2090 Programmer versions (all versions) Medtronic CareLink 9790 Programmer versions (all versions) Medtronic Encore Programmer version 29901

Description The issue concerns the insufficient encryption of sensitive information, including personally identifiable information (PII) and protected health information (PHI), when the data is at rest.

Recommendations For Medtronic CareLink 2090 Programmer, consider implementing additional encryption measures to protect sensitive data. For Medtronic CareLink 9790 Programmer, consider implementing additional encryption measures to protect sensitive data. For Medtronic Encore Programmer version 29901, consider implementing additional encryption measures to protect sensitive data.

Correção

Missing Encryption of Sensitive Data

Cleartext Storage of Sensitive Information

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-311CWE-312

Identificadores relacionados

CVE-2018-18984

Produtos afetados

Medtronic 2090 Carelink Programmer

Medtronic Carelink 9790 Programmer

Medtronic Encore Programmer

PT-2018-14753 · Medtronic · Medtronic 2090 Carelink Programmer+2

CVE-2018-18984

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4