CVE-2017-5149
N/A
N/A
Summary
An issue was discovered in St. Jude Medical Merlin@home, versions prior to Version 8.2.2 (RF models: EX1150; Inductive models: EX1100; and Inductive models: EX1100 with MerlinOnDemand capability). The identities of the endpoints for the communication channel between the transmitter and St. Jude Medical's web site, Merlin.net, are not verified. This may allow a man-in-the-middle attacker to access or influence communications between the identified endpoints.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | St. Jude Merlin@home Transmitter before 8.2.2 | St. Jude Merlin@home Transmitter before 8.2.2 | affected |
Weaknesses
- St. Jude Merlin@home Transmitter Vulnerability MITM
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.