CVE-2018-18984
MEDIUMMedtronic Carelink 2090 Programmer Firmware - Cleartext Storage
Title source: ruleDescription
Medtronic CareLink and Encore Programmers do not encrypt or do not sufficiently encrypt sensitive PII and PHI information while at rest .
References (3)
Scores
CVSS v3
4.6
EPSS
0.0008
EPSS Percentile
24.1%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-312
CWE-311
Status
published
Products (3)
medtronic/29901_encore_programmer_firmware
medtronic/carelink_2090_programmer_firmware
medtronic/carelink_9790_programmer_firmware
Published
Dec 14, 2018
Tracked Since
Feb 18, 2026