ID
VAR-201805-1111
CVE
CVE-2018-5448
TITLE
Medtronic 2090 Carelink Programmer Path traversal vulnerability
Trust: 1.4
sources:
JVNDB: JVNDB-2018-004579 //
CNNVD: CNNVD-201803-771
DESCRIPTION
Medtronic 2090 CareLink Programmer’s software deployment network contains a directory traversal vulnerability that could allow an attacker to read files on the system. Medtronic 2090 Carelink Programmer Contains a path traversal vulnerability.Information may be obtained. Medtronic 2090 CareLink Programmer is a set of portable computer products produced by American Medtronic Company. This product is used to manage and program cardiac equipment in the medical industry
Trust: 1.71
sources:
NVD: CVE-2018-5448 //
JVNDB: JVNDB-2018-004579 //
VULHUB: VHN-135479
AFFECTED PRODUCTS
| vendor: | medtronic | model: | 2090 carelink programmer | scope: | - | version: | - | Trust: 1.4 |
| vendor: | medtronic | model: | 2090 carelink programmer | scope: | eq | version: | * | Trust: 1.0 |
sources:
JVNDB: JVNDB-2018-004579 //
CNNVD: CNNVD-201803-771 //
NVD: CVE-2018-5448
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
VULHUB: VHN-135479 //
JVNDB: JVNDB-2018-004579 //
CNNVD: CNNVD-201803-771 //
NVD: CVE-2018-5448 //
NVD: CVE-2018-5448
PROBLEMTYPE DATA
| problemtype: | CWE-22 | Trust: 1.9 |
| problemtype: | CWE-23 | Trust: 1.0 |
sources:
VULHUB: VHN-135479 //
JVNDB: JVNDB-2018-004579 //
NVD: CVE-2018-5448
THREAT TYPE
remote or local
Trust: 0.6
sources:
CNNVD: CNNVD-201803-771
TYPE
path traversal
Trust: 0.6
sources:
CNNVD: CNNVD-201803-771
CONFIGURATIONS
sources:
JVNDB: JVNDB-2018-004579
PATCH
| title: | Top Page | url: | http://www.medtronic.com/us-en/index.html | Trust: 0.8 |
sources:
JVNDB: JVNDB-2018-004579
EXTERNAL IDS
| db: | NVD | id: | CVE-2018-5448 | Trust: 2.5 |
| db: | ICS CERT | id: | ICSMA-18-058-01 | Trust: 2.5 |
| db: | JVNDB | id: | JVNDB-2018-004579 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201803-771 | Trust: 0.7 |
| db: | AUSCERT | id: | ESB-2018.0582.2 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-135479 | Trust: 0.1 |
sources:
VULHUB: VHN-135479 //
JVNDB: JVNDB-2018-004579 //
CNNVD: CNNVD-201803-771 //
NVD: CVE-2018-5448
REFERENCES
| url: | https://ics-cert.us-cert.gov/advisories/icsma-18-058-01 | Trust: 3.1 |
| url: | https://global.medtronic.com/xg-en/product-security/security-bulletins/carelink-2090-29901.html | Trust: 1.0 |
| url: | https://www.cisa.gov/news-events/ics-medical-advisories/icsma-18-058-01 | Trust: 1.0 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5448 | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2018-5448 | Trust: 0.8 |
| url: | https://www.auscert.org.au/bulletins/esb-2018.0582.2/ | Trust: 0.6 |
| url: | https://www.us-cert.gov/ics/advisories/icsma-18-058-01 | Trust: 0.6 |
sources:
VULHUB: VHN-135479 //
JVNDB: JVNDB-2018-004579 //
CNNVD: CNNVD-201803-771 //
NVD: CVE-2018-5448
SOURCES
| db: | VULHUB | id: | VHN-135479 |
| db: | JVNDB | id: | JVNDB-2018-004579 |
| db: | CNNVD | id: | CNNVD-201803-771 |
| db: | NVD | id: | CVE-2018-5448 |
LAST UPDATE DATE
2025-05-23T23:07:14.919000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-135479 | date: | 2019-10-09T00:00:00 |
| db: | JVNDB | id: | JVNDB-2018-004579 | date: | 2018-06-25T00:00:00 |
| db: | CNNVD | id: | CNNVD-201803-771 | date: | 2020-02-25T00:00:00 |
| db: | NVD | id: | CVE-2018-5448 | date: | 2025-05-22T18:15:23.033 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-135479 | date: | 2018-05-04T00:00:00 |
| db: | JVNDB | id: | JVNDB-2018-004579 | date: | 2018-06-25T00:00:00 |
| db: | CNNVD | id: | CNNVD-201803-771 | date: | 2018-03-22T00:00:00 |
| db: | NVD | id: | CVE-2018-5448 | date: | 2018-05-04T18:29:00.570 |