PT-2018-16562 · Siemens · Telecontrol Server Basic

Published

2018-01-25

Updated

2019-10-09

CVE-2018-4837

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions TeleControl Server Basic versions prior to V3.1

Description A Denial-of-Service condition can be caused on the web server of the TeleControl Server Basic by an attacker with access to the webserver, affecting port 80/tcp or 443/tcp. The remaining functionality of the TeleControl Server Basic is not affected by this condition.

Recommendations For versions prior to V3.1, update to version V3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the web server on port 80/tcp and 443/tcp to minimize the risk of exploitation.

Fix

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

CVE-2018-4837

Affected Products

Telecontrol Server Basic

PT-2018-16562 · Siemens · Telecontrol Server Basic

CVE-2018-4837

Weakness Enumeration

Related Identifiers

Affected Products

References · 5