Denial-of-Service Vulnerability in TeleControl Server Basic by Siemens
CVE-2018-4837
7.5HIGH
Summary
A vulnerability exists in the TeleControl Server Basic prior to version 3.1 that allows an attacker with access to the webserver (port 80/tcp or 443/tcp) to trigger a Denial-of-Service condition. This results in the web server becoming unresponsive, although other functionalities of the TeleControl Server Basic remain unaffected.
Affected Version(s)
TeleControl Server Basic All versions < V3.1
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved