Telecontrol Server Basic
CVE-2018-4837
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
A vulnerability has been identified in TeleControl Server Basic < V3.1. An attacker with access to the TeleControl Server Basic's webserver (port 80/tcp or 443/tcp) could cause a Denial-of-Service condition on the web server. The remaining functionality of the TeleControl Server Basic is not affected by the Denial-of-Service condition.
AnalysisAI
A vulnerability has been identified in TeleControl Server Basic < V3.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
Technical ContextAI
This vulnerability is classified as Uncontrolled Resource Consumption (CWE-400), which allows attackers to cause denial of service by exhausting system resources. A vulnerability has been identified in TeleControl Server Basic < V3.1. An attacker with access to the TeleControl Server Basic's webserver (port 80/tcp or 443/tcp) could cause a Denial-of-Service condition on the web server. The remaining functionality of the TeleControl Server Basic is not affected by the Denial-of-Service condition. Affected products include: Siemens Telecontrol Server Basic.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Implement rate limiting, set resource quotas, validate input sizes, use timeouts.
More in Telecontrol Server Basic
View allA vulnerability has been identified in PP TeleControl Server Basic 1000 to 5000 V3.1 (6NH9910-0AA31-0AE1) (All versions
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated critical severity (CVSS
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated critical severity (CVSS
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated critical severity (CVSS
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). Rated high severity (CVSS 8.7
Same weakness CWE-400 – Uncontrolled Resource Consumption
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today