ID

VAR-201801-1635


CVE

CVE-2018-4835


TITLE

Siemens TeleControl Server Basic Authentication Bypass Vulnerability

Trust: 0.8

sources: IVD: e2e2dc63-39ab-11e9-93ca-000c29342cb1 // CNVD: CNVD-2018-02348

DESCRIPTION

A vulnerability has been identified in TeleControl Server Basic < V3.1. An attacker with network access to the TeleControl Server Basic's port 8000/tcp could bypass the authentication mechanism and read limited information. Siemens TeleControl Server Basic is a remote control system for Siemens equipment from Siemens AG. Failed exploit attempts may result in a denial of service condition. This may aid in further attacks

Trust: 2.88

sources: NVD: CVE-2018-4835 // JVNDB: JVNDB-2018-001581 // CNVD: CNVD-2018-02348 // BID: 102904 // BID: 102894 // IVD: e2e2dc63-39ab-11e9-93ca-000c29342cb1

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: e2e2dc63-39ab-11e9-93ca-000c29342cb1 // CNVD: CNVD-2018-02348

AFFECTED PRODUCTS

vendor:siemensmodel:telecontrol server basicscope:ltversion:3.1

Trust: 1.8

vendor:siemensmodel:telecontrol server basicsscope:ltversion:v3.1

Trust: 0.6

vendor:siemensmodel:telecontrol server basic sp2scope:eqversion:3.0

Trust: 0.6

vendor:siemensmodel:telecontrol server basicscope:eqversion:3.0

Trust: 0.6

vendor:siemensmodel:telecontrol server basicscope:neversion:3.1

Trust: 0.6

vendor:telecontrol server basicmodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: e2e2dc63-39ab-11e9-93ca-000c29342cb1 // CNVD: CNVD-2018-02348 // BID: 102904 // BID: 102894 // JVNDB: JVNDB-2018-001581 // NVD: CVE-2018-4835

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-4835
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-4835
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2018-02348
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201801-986
value: MEDIUM

Trust: 0.6

IVD: e2e2dc63-39ab-11e9-93ca-000c29342cb1
value: MEDIUM

Trust: 0.2

nvd@nist.gov: CVE-2018-4835
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2018-02348
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: e2e2dc63-39ab-11e9-93ca-000c29342cb1
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2018-4835
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.8

sources: IVD: e2e2dc63-39ab-11e9-93ca-000c29342cb1 // CNVD: CNVD-2018-02348 // JVNDB: JVNDB-2018-001581 // CNNVD: CNNVD-201801-986 // NVD: CVE-2018-4835

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.8

problemtype:CWE-287

Trust: 1.0

sources: JVNDB: JVNDB-2018-001581 // NVD: CVE-2018-4835

THREAT TYPE

network

Trust: 0.6

sources: BID: 102904 // BID: 102894

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201801-986

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-001581

PATCH

title:SSA-651454url:https://cert-portal.siemens.com/productcert/pdf/ssa-651454.pdf

Trust: 0.8

title:Siemens TeleControl Server Basic certification bypasses the patch for the vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/115103

Trust: 0.6

title:Siemens TeleControl Server Basic Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=78099

Trust: 0.6

sources: CNVD: CNVD-2018-02348 // JVNDB: JVNDB-2018-001581 // CNNVD: CNNVD-201801-986

EXTERNAL IDS

db:NVDid:CVE-2018-4835

Trust: 3.8

db:ICS CERTid:ICSA-18-030-02

Trust: 2.0

db:BIDid:102904

Trust: 1.9

db:SIEMENSid:SSA-651454

Trust: 1.9

db:BIDid:102894

Trust: 1.9

db:CNVDid:CNVD-2018-02348

Trust: 0.8

db:CNNVDid:CNNVD-201801-986

Trust: 0.8

db:JVNDBid:JVNDB-2018-001581

Trust: 0.8

db:IVDid:E2E2DC63-39AB-11E9-93CA-000C29342CB1

Trust: 0.2

sources: IVD: e2e2dc63-39ab-11e9-93ca-000c29342cb1 // CNVD: CNVD-2018-02348 // BID: 102904 // BID: 102894 // JVNDB: JVNDB-2018-001581 // CNNVD: CNNVD-201801-986 // NVD: CVE-2018-4835

REFERENCES

url:https://ics-cert.us-cert.gov/advisories/icsa-18-030-02

Trust: 2.0

url:https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-651454.pdf

Trust: 1.9

url:http://www.securityfocus.com/bid/102904

Trust: 1.6

url:http://www.securityfocus.com/bid/102894

Trust: 1.6

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-4835

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-4835

Trust: 0.8

url:https://support.industry.siemens.com/cs/ww/en/view/109755199

Trust: 0.6

url:http://www.siemens.com/

Trust: 0.6

sources: CNVD: CNVD-2018-02348 // BID: 102904 // BID: 102894 // JVNDB: JVNDB-2018-001581 // CNNVD: CNNVD-201801-986 // NVD: CVE-2018-4835

CREDITS

The vendor reported this issue.

Trust: 0.6

sources: BID: 102904 // BID: 102894

SOURCES

db:IVDid:e2e2dc63-39ab-11e9-93ca-000c29342cb1
db:CNVDid:CNVD-2018-02348
db:BIDid:102904
db:BIDid:102894
db:JVNDBid:JVNDB-2018-001581
db:CNNVDid:CNNVD-201801-986
db:NVDid:CVE-2018-4835

LAST UPDATE DATE

2024-08-14T13:29:09.792000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2018-02348date:2018-01-31T00:00:00
db:BIDid:102904date:2018-01-30T00:00:00
db:BIDid:102894date:2018-01-25T00:00:00
db:JVNDBid:JVNDB-2018-001581date:2018-04-03T00:00:00
db:CNNVDid:CNNVD-201801-986date:2019-10-17T00:00:00
db:NVDid:CVE-2018-4835date:2019-10-09T23:41:00.327

SOURCES RELEASE DATE

db:IVDid:e2e2dc63-39ab-11e9-93ca-000c29342cb1date:2018-01-31T00:00:00
db:CNVDid:CNVD-2018-02348date:2018-01-31T00:00:00
db:BIDid:102904date:2018-01-30T00:00:00
db:BIDid:102894date:2018-01-25T00:00:00
db:JVNDBid:JVNDB-2018-001581date:2018-02-26T00:00:00
db:CNNVDid:CNNVD-201801-986date:2018-01-26T00:00:00
db:NVDid:CVE-2018-4835date:2018-01-25T14:29:00.320