CVE-2018-4856

Summary

A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with administrative access to the device's management interface could lock out legitimate users. Manual interaction is required to restore the access of legitimate users.

Affected Software

VendorProductVersion RangeStatus
Siemens AGSICLOCK TC100, SICLOCK TC400SICLOCK TC100 : All versionsaffected
Siemens AGSICLOCK TC100, SICLOCK TC400SICLOCK TC400 : All versionsaffected

Weaknesses

  • CWE-287: CWE-287: Improper Authentication

ADP Enrichment

CVE Program Container

Additional References

References