CVE-2019-13543
Summary
| CVE | CVE-2019-13543 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-11-08 20:15:00 UTC |
| Updated | 2019-11-13 21:07:00 UTC |
| Description | Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform (VLFT10GEN) software version 4.0.0 and below, and Valleylab FX8 Energy Platform (VLFX8GEN) software version 1.1.0 and below use multiple sets of hard-coded credentials. If discovered, they can be used to read files on the device. |
Risk And Classification
Problem Types: CWE-798
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Medtronic | Valleylab Exchange Client | All | All | All | All |
| Hardware | Medtronic | Valleylab Ft10 Energy Platform | - | All | All | All |
| Hardware | Medtronic | Valleylab Ft10 Energy Platform | - | All | All | All |
| Operating System | Medtronic | Valleylab Ft10 Energy Platform Firmware | All | All | All | All |
| Hardware | Medtronic | Valleylab Fx8 Energy Platform | - | All | All | All |
| Hardware | Medtronic | Valleylab Fx8 Energy Platform | - | All | All | All |
| Operating System | Medtronic | Valleylab Fx8 Energy Platform Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Medtronic Valleylab FT10 and FX8 | CISA | MISC | www.us-cert.gov | Third Party Advisory, US Government Resource |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.