CVE-2018-4856
N/A
N/A
Summary
A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with administrative access to the device's management interface could lock out legitimate users. Manual interaction is required to restore the access of legitimate users.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Siemens AG | SICLOCK TC100, SICLOCK TC400 | SICLOCK TC100 : All versions | affected |
| Siemens AG | SICLOCK TC100, SICLOCK TC400 | SICLOCK TC400 : All versions | affected |
Weaknesses
- CWE-287: CWE-287: Improper Authentication
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/104672
- https://cert-portal.siemens.com/productcert/pdf/ssa-197012.pdf
References
- http://www.securityfocus.com/bid/104672
- https://cert-portal.siemens.com/productcert/pdf/ssa-197012.pdf
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.