CVE-2018-5448 MEDIUM

CVE-2018-5448: Medtronic 2090 Carelink Programmer Relative Path Traversal

Vendor Medtronic

Product 2090 CareLink Programmer

Weakness CWE-23

Published May 4, 2018

Last update May 22, 2025

View on NVD All CVEs

CVSS base score

4.8/10

Attack vector Adjacent

Attack complexity High

Privileges required Low

User interaction None

Confidentiality High

Integrity None

CVSS vector

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

Medtronic 2090 CareLink Programmer’s software deployment network contains a directory traversal vulnerability that could allow an attacker to read files on the system.

Key dates

02Disclosure timeline

May 4, 2018 CVE published

May 22, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2018-5448 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/23.html

Related vulnerabilities

Identifiers

CVE CVE-2018-5448

CWE CWE-23

CVSS 4.8 / MEDIUM

Affected versions

Vendor Medtronic

Product 2090 CareLink Programmer

Affected All versions

Vendor Medtronic

Product 29901 Encore Programmer

Affected All versions

CVE-2018-5448: Medtronic 2090 Carelink Programmer Relative Path Traversal

01Description

02Disclosure timeline

03References

04Related CVE