Medium severity5.3NVD Advisory· Published May 6, 2019· Updated Jun 17, 2026
CVE-2018-18976
CVE-2018-18976
Description
An issue was discovered in the Ascensia Contour NEXT ONE application for iOS and Android before 2019-01-15. An attacker may retrieve encrypted medical information of any user of the Ascensia cloud platform by performing Direct Object References with a series of user ID values. (This information can be decrypted through a different vulnerability.)
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Ascensia/Contour NEXT ONE applicationdescription
- Range: <2019-01-15
Patches
Vulnerability mechanics
References
1- depthsecurity.com/blog/medical-exploitation-you-are-now-diabeticnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.