PT-2018-16574 · Siemens · Siclock Tc400+1

Publicado

2018-07-03

Atualizado

2019-10-09

CVE-2018-4856

CVSS v2.0

4.0

Média

Vetor

AV:N/AC:L/Au:S/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions SICLOCK TC100 (All versions) SICLOCK TC400 (All versions)

Description A vulnerability has been identified that allows an attacker with administrative access to the device's management interface to lock out legitimate users, requiring manual interaction to restore access.

Recommendations For SICLOCK TC100 (All versions), restrict access to the management interface to prevent unauthorized administrative access. For SICLOCK TC400 (All versions), restrict access to the management interface to prevent unauthorized administrative access.

Correção

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287

Identificadores relacionados

CVE-2018-4856

Produtos afetados

Siclock Tc100

Siclock Tc400

PT-2018-16574 · Siemens · Siclock Tc400+1

CVE-2018-4856

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3