A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). Unencrypted storage of passwords in the client configuration files and during network transmission could allow an attacker in a privileged position to obtain access passwords.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/104672 | Third Party Advisory VDB Entry |
https://cert-portal.siemens.com/productcert/pdf/ssa-197012.pdf | Mitigation Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: siemens
Published: 2018-07-03T00:00:00
Updated: 2018-07-06T09:57:01
Reserved: 2018-01-02T00:00:00
Link: CVE-2018-4855
JSON object: View
NVD Information
Status : Modified
Published: 2018-07-03T14:29:00.430
Modified: 2019-10-09T23:41:03.093
Link: CVE-2018-4855
JSON object: View
Redhat Information
No data.
CWE