CVE-2018-4852

A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to…

siemens·CWE-288·Published 2018-07-03

CVSS

—

EPSS

0.03

KEV

Exploits

cve.orgen

284 chars

A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to the device could potentially circumvent the authentication mechanism if he/she is able to obtain certain knowledge specific to the attacked device.

NVDen

284 chars

NVDes

284 chars

Se ha identificado una vulnerabilidad en SICLOCK TC100 (todas las versiones) y SICLOCK TC400 (todas las versiones). Un atacante con acceso de red al dispositivo podría omitir el mecanismo de autenticación si dicho atacante puede obtener información específica del dispositivo atacado.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.0	Primary	NVD	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H