Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.8
CVSSv3

CVE-2018-11456

Published: 07/08/2018 Updated: 09/10/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.8 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Automation License Manager

Vulnerability Summary

A vulnerability has been identified in Automation License Manager 5 (All versions < 5.3.4.4). An attacker with network access to the device could send specially crafted network packets to determine whether or not a network port on another remote system is accessible or not. This allows the malicious user to do basic network scanning using the victims machine. Successful exploitation requires a network connection to the affected device. The attacker does not need privileges, no user interaction is required. The impact is limited to determining whether or not a port on a target system is accessible by the affected device.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

siemens automation license manager

References

NVD-CWE-noinfohttps://cert-portal.siemens.com/productcert/pdf/ssa-920962.pdfhttp://www.securityfocus.com/bid/105114https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middleCVE-2024-34558CVE-2024-32674CVE-2024-34351XPath injectionCVE-2023-45866CVE-2024-25528CVE-2024-25517path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook