Find a vulnerability
Search criteria
4 vulnerabilities by animas
VAR-201610-0059
Vulnerability from variot - Updated: 2025-04-13 23:17Johnson & Johnson Animas OneTouch Ping devices mishandle acknowledgements, which makes it easier for remote attackers to bypass authentication via a custom communication protocol. The Animas OneTouch Ping insulin pump contains multiple vulnerabilities that may allow an unauthenticated remote attacker to obtain patient treatment or device data, or execute commands on the device. The attacker cannot obtain personally identifiable information. In addition, JVNVU#95089754 Then CWE-290 It is published as https://cwe.mitre.org/data/definitions/290.htmlAuthentication can be bypassed by third parties via custom communication protocols. Animas OneTouch Ping is prone to the following security vulnerabilities: 1. An information-disclosure vulnerability 2. Multiple security-bypass vulnerabilities 3. A Spoofing vulnerability An attacker can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, and perform certain unauthorized actions and to insert and display spoofed content. Other attacks are also possible. Animas OneTouch Ping is a medical self-service device for diabetic patients taking insulin from Animas Company of the United States
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201610-0059",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "onetouch ping",
"scope": null,
"trust": 1.6,
"vendor": "animas",
"version": null
},
{
"model": "onetouch ping",
"scope": "eq",
"trust": 1.6,
"vendor": "animas",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "johnson johnson",
"version": null
},
{
"model": "onetouch ping",
"scope": "eq",
"trust": 0.3,
"vendor": "animas",
"version": "0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#884840"
},
{
"db": "BID",
"id": "93351"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005123"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-004"
},
{
"db": "NVD",
"id": "CVE-2016-5686"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:animas:onetouch_ping",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:animas:onetouch_ping_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005123"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tod Beardsley of Rapid7.",
"sources": [
{
"db": "BID",
"id": "93351"
}
],
"trust": 0.3
},
"cve": "CVE-2016-5686",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-5686",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-94505",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-5686",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-5686",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-5686",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201610-004",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-94505",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-94505"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005123"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-004"
},
{
"db": "NVD",
"id": "CVE-2016-5686"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Johnson \u0026 Johnson Animas OneTouch Ping devices mishandle acknowledgements, which makes it easier for remote attackers to bypass authentication via a custom communication protocol. The Animas OneTouch Ping insulin pump contains multiple vulnerabilities that may allow an unauthenticated remote attacker to obtain patient treatment or device data, or execute commands on the device. The attacker cannot obtain personally identifiable information. In addition, JVNVU#95089754 Then CWE-290 It is published as https://cwe.mitre.org/data/definitions/290.htmlAuthentication can be bypassed by third parties via custom communication protocols. Animas OneTouch Ping is prone to the following security vulnerabilities:\n1. An information-disclosure vulnerability\n2. Multiple security-bypass vulnerabilities\n3. A Spoofing vulnerability\nAn attacker can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, and perform certain unauthorized actions and to insert and display spoofed content. Other attacks are also possible. Animas OneTouch Ping is a medical self-service device for diabetic patients taking insulin from Animas Company of the United States",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5686"
},
{
"db": "CERT/CC",
"id": "VU#884840"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005123"
},
{
"db": "BID",
"id": "93351"
},
{
"db": "VULHUB",
"id": "VHN-94505"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#884840",
"trust": 3.6
},
{
"db": "NVD",
"id": "CVE-2016-5686",
"trust": 2.8
},
{
"db": "BID",
"id": "93351",
"trust": 1.4
},
{
"db": "JVN",
"id": "JVNVU95089754",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005123",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201610-004",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "34994",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSMA-16-279-01",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-94505",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#884840"
},
{
"db": "VULHUB",
"id": "VHN-94505"
},
{
"db": "BID",
"id": "93351"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005123"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-004"
},
{
"db": "NVD",
"id": "CVE-2016-5686"
}
]
},
"id": "VAR-201610-0059",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-94505"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-13T23:17:51.274000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "OneTouch Ping Glucose Management System",
"trust": 0.8,
"url": "https://www.animas.com/diabetes-insulin-pump-and-bloog-glucose-meter/onetouch-ping-blood-glucose-monitor"
},
{
"title": "Important Information about the cybersecurity of your OneTouch Ping Insulin Infusion Pump",
"trust": 0.8,
"url": "https://www.animas.com/sites/default/files/pdf/FINAL%20Letter%20to%20patients%20regarding%20OTP_10.04.16.16_WEB%20VERSION.PDF"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005123"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-94505"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005123"
},
{
"db": "NVD",
"id": "CVE-2016-5686"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://community.rapid7.com/community/infosec/blog/2016/10/04/r7-2016-07-multiple-vulnerabilities-in-animas-onetouch-ping-insulin-pump"
},
{
"trust": 2.8,
"url": "http://www.kb.cert.org/vuls/id/884840"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/bluu-a9sqrs"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/93351"
},
{
"trust": 0.8,
"url": "https://www.animas.com/our-pumps/one-touch-ping"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5686"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu95089754/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5686"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/34994"
},
{
"trust": 0.3,
"url": "https://www.animas.com/diabetes-insulin-pump-and-bloog-glucose-meter/onetouch-ping-blood-glucose-monitor"
},
{
"trust": 0.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-16-279-01"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#884840"
},
{
"db": "VULHUB",
"id": "VHN-94505"
},
{
"db": "BID",
"id": "93351"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005123"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-004"
},
{
"db": "NVD",
"id": "CVE-2016-5686"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#884840"
},
{
"db": "VULHUB",
"id": "VHN-94505"
},
{
"db": "BID",
"id": "93351"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005123"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-004"
},
{
"db": "NVD",
"id": "CVE-2016-5686"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-04T00:00:00",
"db": "CERT/CC",
"id": "VU#884840"
},
{
"date": "2016-10-05T00:00:00",
"db": "VULHUB",
"id": "VHN-94505"
},
{
"date": "2016-10-04T00:00:00",
"db": "BID",
"id": "93351"
},
{
"date": "2016-10-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005123"
},
{
"date": "2016-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-004"
},
{
"date": "2016-10-05T10:59:14.267000",
"db": "NVD",
"id": "CVE-2016-5686"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-11T00:00:00",
"db": "CERT/CC",
"id": "VU#884840"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-94505"
},
{
"date": "2016-10-10T05:02:00",
"db": "BID",
"id": "93351"
},
{
"date": "2016-10-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005123"
},
{
"date": "2016-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-004"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-5686"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-004"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Animas OneTouch Ping insulin pump contains multiple vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#884840"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-004"
}
],
"trust": 0.6
}
}
VAR-201610-0160
Vulnerability from variot - Updated: 2025-04-13 23:17Johnson & Johnson Animas OneTouch Ping devices do not use encryption for certain data, which might allow remote attackers to obtain sensitive information by sniffing the network. The attacker cannot obtain personally identifiable information. In addition, JVNVU#95089754 Then CWE-319 It is published as https://cwe.mitre.org/data/definitions/319.htmlIf a third party intercepts the network, important information may be obtained. Animas OneTouch Ping is prone to the following security vulnerabilities: 1. An information-disclosure vulnerability 2. Multiple security-bypass vulnerabilities 3. A Spoofing vulnerability An attacker can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, and perform certain unauthorized actions and to insert and display spoofed content. Other attacks are also possible. Animas OneTouch Ping is a medical self-service device for diabetic patients taking insulin from Animas Company of the United States. The Animas OneTouch Ping device has a security flaw, which stems from the fact that the program does not encrypt data
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201610-0160",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "onetouch ping",
"scope": null,
"trust": 1.6,
"vendor": "animas",
"version": null
},
{
"model": "onetouch ping",
"scope": "eq",
"trust": 1.6,
"vendor": "animas",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "johnson johnson",
"version": null
},
{
"model": "onetouch ping",
"scope": "eq",
"trust": 0.3,
"vendor": "animas",
"version": "0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#884840"
},
{
"db": "BID",
"id": "93351"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005120"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-007"
},
{
"db": "NVD",
"id": "CVE-2016-5084"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:animas:onetouch_ping",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:animas:onetouch_ping_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005120"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tod Beardsley of Rapid7.",
"sources": [
{
"db": "BID",
"id": "93351"
}
],
"trust": 0.3
},
"cve": "CVE-2016-5084",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2016-5084",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-93903",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-5084",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-5084",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-5084",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201610-007",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-93903",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93903"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005120"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-007"
},
{
"db": "NVD",
"id": "CVE-2016-5084"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Johnson \u0026 Johnson Animas OneTouch Ping devices do not use encryption for certain data, which might allow remote attackers to obtain sensitive information by sniffing the network. The attacker cannot obtain personally identifiable information. In addition, JVNVU#95089754 Then CWE-319 It is published as https://cwe.mitre.org/data/definitions/319.htmlIf a third party intercepts the network, important information may be obtained. Animas OneTouch Ping is prone to the following security vulnerabilities:\n1. An information-disclosure vulnerability\n2. Multiple security-bypass vulnerabilities\n3. A Spoofing vulnerability\nAn attacker can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, and perform certain unauthorized actions and to insert and display spoofed content. Other attacks are also possible. Animas OneTouch Ping is a medical self-service device for diabetic patients taking insulin from Animas Company of the United States. The Animas OneTouch Ping device has a security flaw, which stems from the fact that the program does not encrypt data",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5084"
},
{
"db": "CERT/CC",
"id": "VU#884840"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005120"
},
{
"db": "BID",
"id": "93351"
},
{
"db": "VULHUB",
"id": "VHN-93903"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#884840",
"trust": 3.6
},
{
"db": "NVD",
"id": "CVE-2016-5084",
"trust": 2.8
},
{
"db": "ICS CERT",
"id": "ICSMA-16-279-01",
"trust": 2.2
},
{
"db": "BID",
"id": "93351",
"trust": 1.4
},
{
"db": "JVN",
"id": "JVNVU95089754",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005120",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201610-007",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "34991",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-93903",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#884840"
},
{
"db": "VULHUB",
"id": "VHN-93903"
},
{
"db": "BID",
"id": "93351"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005120"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-007"
},
{
"db": "NVD",
"id": "CVE-2016-5084"
}
]
},
"id": "VAR-201610-0160",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-93903"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-13T23:17:51.241000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "OneTouch Ping Glucose Management System",
"trust": 0.8,
"url": "https://www.animas.com/diabetes-insulin-pump-and-bloog-glucose-meter/onetouch-ping-blood-glucose-monitor"
},
{
"title": "Important Information about the cybersecurity of your OneTouch Ping Insulin Infusion Pump",
"trust": 0.8,
"url": "https://www.animas.com/sites/default/files/pdf/FINAL%20Letter%20to%20patients%20regarding%20OTP_10.04.16.16_WEB%20VERSION.PDF"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005120"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.9
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93903"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005120"
},
{
"db": "NVD",
"id": "CVE-2016-5084"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "https://community.rapid7.com/community/infosec/blog/2016/10/04/r7-2016-07-multiple-vulnerabilities-in-animas-onetouch-ping-insulin-pump"
},
{
"trust": 2.8,
"url": "http://www.kb.cert.org/vuls/id/884840"
},
{
"trust": 2.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-16-279-01"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/bluu-a9sqrs"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/93351"
},
{
"trust": 0.8,
"url": "https://www.animas.com/our-pumps/one-touch-ping"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5084"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu95089754/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5084"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/34991"
},
{
"trust": 0.3,
"url": "https://www.animas.com/diabetes-insulin-pump-and-bloog-glucose-meter/onetouch-ping-blood-glucose-monitor"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#884840"
},
{
"db": "VULHUB",
"id": "VHN-93903"
},
{
"db": "BID",
"id": "93351"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005120"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-007"
},
{
"db": "NVD",
"id": "CVE-2016-5084"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#884840"
},
{
"db": "VULHUB",
"id": "VHN-93903"
},
{
"db": "BID",
"id": "93351"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005120"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-007"
},
{
"db": "NVD",
"id": "CVE-2016-5084"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-04T00:00:00",
"db": "CERT/CC",
"id": "VU#884840"
},
{
"date": "2016-10-05T00:00:00",
"db": "VULHUB",
"id": "VHN-93903"
},
{
"date": "2016-10-04T00:00:00",
"db": "BID",
"id": "93351"
},
{
"date": "2016-10-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005120"
},
{
"date": "2016-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-007"
},
{
"date": "2016-10-05T10:59:10.640000",
"db": "NVD",
"id": "CVE-2016-5084"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-11T00:00:00",
"db": "CERT/CC",
"id": "VU#884840"
},
{
"date": "2016-12-24T00:00:00",
"db": "VULHUB",
"id": "VHN-93903"
},
{
"date": "2016-10-10T05:02:00",
"db": "BID",
"id": "93351"
},
{
"date": "2016-10-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005120"
},
{
"date": "2016-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-007"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-5084"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-007"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Animas OneTouch Ping insulin pump contains multiple vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#884840"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-007"
}
],
"trust": 0.6
}
}
VAR-201610-0162
Vulnerability from variot - Updated: 2025-04-13 23:17Johnson & Johnson Animas OneTouch Ping devices allow remote attackers to bypass authentication via replay attacks. The Animas OneTouch Ping insulin pump contains multiple vulnerabilities that may allow an unauthenticated remote attacker to obtain patient treatment or device data, or execute commands on the device. The attacker cannot obtain personally identifiable information. In addition, JVNVU#95089754 Then CWE-294 It is published as https://cwe.mitre.org/data/definitions/294.htmlReflex attack by a third party ( Replay attack ) Authentication may be bypassed. Animas OneTouch Ping is prone to the following security vulnerabilities: 1. An information-disclosure vulnerability 2. Multiple security-bypass vulnerabilities 3. A Spoofing vulnerability An attacker can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, and perform certain unauthorized actions and to insert and display spoofed content. Other attacks are also possible. Animas OneTouch Ping is a medical self-service device for diabetic patients taking insulin from Animas Company of the United States
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201610-0162",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "onetouch ping",
"scope": null,
"trust": 1.6,
"vendor": "animas",
"version": null
},
{
"model": "onetouch ping",
"scope": "eq",
"trust": 1.6,
"vendor": "animas",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "johnson johnson",
"version": null
},
{
"model": "onetouch ping",
"scope": "eq",
"trust": 0.3,
"vendor": "animas",
"version": "0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#884840"
},
{
"db": "BID",
"id": "93351"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005122"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-005"
},
{
"db": "NVD",
"id": "CVE-2016-5086"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:animas:onetouch_ping",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:animas:onetouch_ping_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005122"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tod Beardsley of Rapid7.",
"sources": [
{
"db": "BID",
"id": "93351"
}
],
"trust": 0.3
},
"cve": "CVE-2016-5086",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2016-5086",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-93905",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-5086",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-5086",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-5086",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201610-005",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-93905",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93905"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005122"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-005"
},
{
"db": "NVD",
"id": "CVE-2016-5086"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Johnson \u0026 Johnson Animas OneTouch Ping devices allow remote attackers to bypass authentication via replay attacks. The Animas OneTouch Ping insulin pump contains multiple vulnerabilities that may allow an unauthenticated remote attacker to obtain patient treatment or device data, or execute commands on the device. The attacker cannot obtain personally identifiable information. In addition, JVNVU#95089754 Then CWE-294 It is published as https://cwe.mitre.org/data/definitions/294.htmlReflex attack by a third party ( Replay attack ) Authentication may be bypassed. Animas OneTouch Ping is prone to the following security vulnerabilities:\n1. An information-disclosure vulnerability\n2. Multiple security-bypass vulnerabilities\n3. A Spoofing vulnerability\nAn attacker can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, and perform certain unauthorized actions and to insert and display spoofed content. Other attacks are also possible. Animas OneTouch Ping is a medical self-service device for diabetic patients taking insulin from Animas Company of the United States",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5086"
},
{
"db": "CERT/CC",
"id": "VU#884840"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005122"
},
{
"db": "BID",
"id": "93351"
},
{
"db": "VULHUB",
"id": "VHN-93905"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#884840",
"trust": 3.6
},
{
"db": "NVD",
"id": "CVE-2016-5086",
"trust": 2.8
},
{
"db": "ICS CERT",
"id": "ICSMA-16-279-01",
"trust": 2.2
},
{
"db": "BID",
"id": "93351",
"trust": 1.4
},
{
"db": "JVN",
"id": "JVNVU95089754",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005122",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201610-005",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "34993",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-93905",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#884840"
},
{
"db": "VULHUB",
"id": "VHN-93905"
},
{
"db": "BID",
"id": "93351"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005122"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-005"
},
{
"db": "NVD",
"id": "CVE-2016-5086"
}
]
},
"id": "VAR-201610-0162",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-93905"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-13T23:17:51.208000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "OneTouch Ping Glucose Management System",
"trust": 0.8,
"url": "https://www.animas.com/diabetes-insulin-pump-and-bloog-glucose-meter/onetouch-ping-blood-glucose-monitor"
},
{
"title": "Important Information about the cybersecurity of your OneTouch Ping Insulin Infusion Pump",
"trust": 0.8,
"url": "https://www.animas.com/sites/default/files/pdf/FINAL%20Letter%20to%20patients%20regarding%20OTP_10.04.16.16_WEB%20VERSION.PDF"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005122"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93905"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005122"
},
{
"db": "NVD",
"id": "CVE-2016-5086"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "https://community.rapid7.com/community/infosec/blog/2016/10/04/r7-2016-07-multiple-vulnerabilities-in-animas-onetouch-ping-insulin-pump"
},
{
"trust": 2.8,
"url": "http://www.kb.cert.org/vuls/id/884840"
},
{
"trust": 2.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-16-279-01"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/bluu-a9sqrs"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/93351"
},
{
"trust": 0.8,
"url": "https://www.animas.com/our-pumps/one-touch-ping"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5086"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu95089754/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5086"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/34993"
},
{
"trust": 0.3,
"url": "https://www.animas.com/diabetes-insulin-pump-and-bloog-glucose-meter/onetouch-ping-blood-glucose-monitor"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#884840"
},
{
"db": "VULHUB",
"id": "VHN-93905"
},
{
"db": "BID",
"id": "93351"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005122"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-005"
},
{
"db": "NVD",
"id": "CVE-2016-5086"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#884840"
},
{
"db": "VULHUB",
"id": "VHN-93905"
},
{
"db": "BID",
"id": "93351"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005122"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-005"
},
{
"db": "NVD",
"id": "CVE-2016-5086"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-04T00:00:00",
"db": "CERT/CC",
"id": "VU#884840"
},
{
"date": "2016-10-05T00:00:00",
"db": "VULHUB",
"id": "VHN-93905"
},
{
"date": "2016-10-04T00:00:00",
"db": "BID",
"id": "93351"
},
{
"date": "2016-10-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005122"
},
{
"date": "2016-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-005"
},
{
"date": "2016-10-05T10:59:12.923000",
"db": "NVD",
"id": "CVE-2016-5086"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-11T00:00:00",
"db": "CERT/CC",
"id": "VU#884840"
},
{
"date": "2016-12-24T00:00:00",
"db": "VULHUB",
"id": "VHN-93905"
},
{
"date": "2016-10-10T05:02:00",
"db": "BID",
"id": "93351"
},
{
"date": "2016-10-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005122"
},
{
"date": "2016-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-005"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-5086"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-005"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Animas OneTouch Ping insulin pump contains multiple vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#884840"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-005"
}
],
"trust": 0.6
}
}
VAR-201610-0161
Vulnerability from variot - Updated: 2025-04-13 23:17Johnson & Johnson Animas OneTouch Ping devices do not properly generate random numbers, which makes it easier for remote attackers to spoof meters by sniffing the network and then engaging in an authentication handshake. The Animas OneTouch Ping insulin pump contains multiple vulnerabilities that may allow an unauthenticated remote attacker to obtain patient treatment or device data, or execute commands on the device. The attacker cannot obtain personally identifiable information. Supplementary information : CWE Vulnerability type by CWE-330: Use of Insufficiently Random Values ( Insufficient random value used ) Has been identified. http://cwe.mitre.org/data/definitions/330.htmlA third party can intercept your network and then perform an authentication handshake to impersonate your meter. Animas OneTouch Ping is prone to the following security vulnerabilities: 1. An information-disclosure vulnerability 2. Multiple security-bypass vulnerabilities 3. A Spoofing vulnerability An attacker can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, and perform certain unauthorized actions and to insert and display spoofed content. Other attacks are also possible. Animas OneTouch Ping is a medical self-service device for diabetic patients taking insulin from Animas Company of the United States. A remote attacker could exploit this vulnerability by sniffing the network to forge data
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201610-0161",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "onetouch ping",
"scope": null,
"trust": 1.6,
"vendor": "animas",
"version": null
},
{
"model": "onetouch ping",
"scope": "eq",
"trust": 1.6,
"vendor": "animas",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "johnson johnson",
"version": null
},
{
"model": "onetouch ping",
"scope": "eq",
"trust": 0.3,
"vendor": "animas",
"version": "0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#884840"
},
{
"db": "BID",
"id": "93351"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005121"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-006"
},
{
"db": "NVD",
"id": "CVE-2016-5085"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:animas:onetouch_ping",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:animas:onetouch_ping_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005121"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tod Beardsley of Rapid7.",
"sources": [
{
"db": "BID",
"id": "93351"
}
],
"trust": 0.3
},
"cve": "CVE-2016-5085",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-5085",
"impactScore": 6.9,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-93904",
"impactScore": 6.9,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:C/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2016-5085",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-5085",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-5085",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201610-006",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-93904",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93904"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005121"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-006"
},
{
"db": "NVD",
"id": "CVE-2016-5085"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Johnson \u0026 Johnson Animas OneTouch Ping devices do not properly generate random numbers, which makes it easier for remote attackers to spoof meters by sniffing the network and then engaging in an authentication handshake. The Animas OneTouch Ping insulin pump contains multiple vulnerabilities that may allow an unauthenticated remote attacker to obtain patient treatment or device data, or execute commands on the device. The attacker cannot obtain personally identifiable information. Supplementary information : CWE Vulnerability type by CWE-330: Use of Insufficiently Random Values ( Insufficient random value used ) Has been identified. http://cwe.mitre.org/data/definitions/330.htmlA third party can intercept your network and then perform an authentication handshake to impersonate your meter. Animas OneTouch Ping is prone to the following security vulnerabilities:\n1. An information-disclosure vulnerability\n2. Multiple security-bypass vulnerabilities\n3. A Spoofing vulnerability\nAn attacker can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, and perform certain unauthorized actions and to insert and display spoofed content. Other attacks are also possible. Animas OneTouch Ping is a medical self-service device for diabetic patients taking insulin from Animas Company of the United States. A remote attacker could exploit this vulnerability by sniffing the network to forge data",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5085"
},
{
"db": "CERT/CC",
"id": "VU#884840"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005121"
},
{
"db": "BID",
"id": "93351"
},
{
"db": "VULHUB",
"id": "VHN-93904"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#884840",
"trust": 3.6
},
{
"db": "NVD",
"id": "CVE-2016-5085",
"trust": 2.8
},
{
"db": "ICS CERT",
"id": "ICSMA-16-279-01",
"trust": 2.2
},
{
"db": "BID",
"id": "93351",
"trust": 1.4
},
{
"db": "JVN",
"id": "JVNVU95089754",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005121",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201610-006",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "34992",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-93904",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#884840"
},
{
"db": "VULHUB",
"id": "VHN-93904"
},
{
"db": "BID",
"id": "93351"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005121"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-006"
},
{
"db": "NVD",
"id": "CVE-2016-5085"
}
]
},
"id": "VAR-201610-0161",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-93904"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-13T23:17:51.175000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "OneTouch Ping Glucose Management System",
"trust": 0.8,
"url": "https://www.animas.com/diabetes-insulin-pump-and-bloog-glucose-meter/onetouch-ping-blood-glucose-monitor"
},
{
"title": "Important Information about the cybersecurity of your OneTouch Ping Insulin Infusion Pump",
"trust": 0.8,
"url": "https://www.animas.com/sites/default/files/pdf/FINAL%20Letter%20to%20patients%20regarding%20OTP_10.04.16.16_WEB%20VERSION.PDF"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005121"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-330",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-93904"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005121"
},
{
"db": "NVD",
"id": "CVE-2016-5085"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "https://community.rapid7.com/community/infosec/blog/2016/10/04/r7-2016-07-multiple-vulnerabilities-in-animas-onetouch-ping-insulin-pump"
},
{
"trust": 2.8,
"url": "http://www.kb.cert.org/vuls/id/884840"
},
{
"trust": 2.2,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-16-279-01"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/bluu-a9sqrs"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/93351"
},
{
"trust": 0.8,
"url": "https://www.animas.com/our-pumps/one-touch-ping"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5085"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu95089754/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5085"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/34992"
},
{
"trust": 0.3,
"url": "https://www.animas.com/diabetes-insulin-pump-and-bloog-glucose-meter/onetouch-ping-blood-glucose-monitor"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#884840"
},
{
"db": "VULHUB",
"id": "VHN-93904"
},
{
"db": "BID",
"id": "93351"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005121"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-006"
},
{
"db": "NVD",
"id": "CVE-2016-5085"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#884840"
},
{
"db": "VULHUB",
"id": "VHN-93904"
},
{
"db": "BID",
"id": "93351"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005121"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-006"
},
{
"db": "NVD",
"id": "CVE-2016-5085"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-04T00:00:00",
"db": "CERT/CC",
"id": "VU#884840"
},
{
"date": "2016-10-05T00:00:00",
"db": "VULHUB",
"id": "VHN-93904"
},
{
"date": "2016-10-04T00:00:00",
"db": "BID",
"id": "93351"
},
{
"date": "2016-10-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005121"
},
{
"date": "2016-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-006"
},
{
"date": "2016-10-05T10:59:11.643000",
"db": "NVD",
"id": "CVE-2016-5085"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-11T00:00:00",
"db": "CERT/CC",
"id": "VU#884840"
},
{
"date": "2016-12-24T00:00:00",
"db": "VULHUB",
"id": "VHN-93904"
},
{
"date": "2016-10-10T05:02:00",
"db": "BID",
"id": "93351"
},
{
"date": "2016-10-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005121"
},
{
"date": "2016-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-006"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2016-5085"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-006"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Animas OneTouch Ping insulin pump contains multiple vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#884840"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-006"
}
],
"trust": 0.6
}
}