Authentication Bypass Vulnerability in TeleControl Server Basic by Siemens
CVE-2018-4835

5.3MEDIUM

Key Information:

Vendor

Siemens
Status
Telecontrol Server Basic
Vendor
CVE Published:
25 January 2018

What is CVE-2018-4835?

The TeleControl Server Basic software prior to version 3.1 contains a vulnerability that allows an attacker with network access to port 8000/tcp to bypass the authentication mechanism. This flaw could enable unauthorized users to access limited information within the server, potentially compromising the security and integrity of systems relying on this software.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

TeleControl Server Basic All versions < V3.1

References

https://www.siemens.com/cert/pool/cert/siemens_security_a...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/102894
vdb-entryx_refsource_BID
http://www.securityfocus.com/bid/102904
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.