漏洞标题
Medtronic Micro Clinician & InterStim X Clinician App 密码重置问题
漏洞描述信息
Medtronic发现安装在Smart Programmer移动设备上的Pelvic Health临床医生应用存在密码漏洞,需要安全更新来修复。如果不更新,可能会导致未经授权的人员控制临床治疗应用,该应用对治疗参数的控制比患者应用更多。然而,仍然不能在编程器建立的治疗参数范围之外进行更改。要发生未授权访问,个人需要物理访问Smart Programmer。
CVSS信息
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
Medtronic Micro Clinician & InterStim X Clinician App Password Reset Issue
漏洞描述信息
Medtronic identified that the Pelvic Health clinician apps, which are installed on the Smart Programmer mobile device, have a password vulnerability that requires a security update to fix. Not updating could potentially result in unauthorized control of the clinician therapy application, which has greater control over therapy parameters than the patient app. Changes still cannot be made outside of the established therapy parameters of the programmer. For unauthorized access to occur, an individual would need physical access to the Smart Programmer.
CVSS信息
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
漏洞类别
未经验证的口令修改
漏洞标题
Medtronic Pelvic Health 授权问题漏洞
漏洞描述信息
Medtronic Pelvic Health是美国美敦力(Medtronic)公司的一个临床医生应用程序。 Medtronic Pelvic Health clinician 存在安全漏洞,该漏洞源于应用程序存在密码漏洞,攻击者利用该漏洞可以对该应用程序进行未经授权控制。
CVSS信息
N/A
漏洞类别
授权问题