PT-2018-16574 · Siemens · Siclock Tc400+1

Published

2018-07-03

Updated

2019-10-09

CVE-2018-4856

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions SICLOCK TC100 (All versions) SICLOCK TC400 (All versions)

Description A vulnerability has been identified that allows an attacker with administrative access to the device's management interface to lock out legitimate users, requiring manual interaction to restore access.

Recommendations For SICLOCK TC100 (All versions), restrict access to the management interface to prevent unauthorized administrative access. For SICLOCK TC400 (All versions), restrict access to the management interface to prevent unauthorized administrative access.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2018-4856

Affected Products

Siclock Tc100

Siclock Tc400

PT-2018-16574 · Siemens · Siclock Tc400+1

CVE-2018-4856

Weakness Enumeration

Related Identifiers

Affected Products

References · 3