PT-2018-16562 · Siemens · Telecontrol Server Basic

Publicado

2018-01-25

Atualizado

2019-10-09

CVE-2018-4837

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions TeleControl Server Basic versions prior to V3.1

Description A Denial-of-Service condition can be caused on the web server of the TeleControl Server Basic by an attacker with access to the webserver, affecting port 80/tcp or 443/tcp. The remaining functionality of the TeleControl Server Basic is not affected by this condition.

Recommendations For versions prior to V3.1, update to version V3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the web server on port 80/tcp and 443/tcp to minimize the risk of exploitation.

Correção

Resource Exhaustion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-400

Identificadores relacionados

CVE-2018-4837

Produtos afetados

Telecontrol Server Basic

PT-2018-16562 · Siemens · Telecontrol Server Basic

CVE-2018-4837

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5