CVE-2018-11455

CVE-2018-11455

Vendor Siemens Ag
Product Automation License Manager 5, Automation License Manager 6
Weakness CWE-22 · Path traversal
Published August 7, 2018
Last update August 5, 2024

CVSS base score

What the vulnerability does

01Description

A vulnerability has been identified in Automation License Manager 5 (All versions < 5.3.4.4), Automation License Manager 6 (All versions < 6.0.1). A directory traversal vulnerability could allow a remote attacker to move arbitrary files, which can result in code execution, compromising confidentiality, integrity and availability of the system. Successful exploitation requires a network connection to the affected device. The attacker does not need privileges or special conditions of the system, but user interaction is required.

Key dates

02Disclosure timeline

August 7, 2018 CVE published
August 5, 2024 Record updated