CVE-2018-4855

CVE-2018-4855

Vendor Siemens Ag
Product SICLOCK TC100, SICLOCK TC400
Weakness CWE-311 · Missing encryption
Published July 3, 2018
Last update September 17, 2024

CVSS base score

What the vulnerability does

01Description

A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). Unencrypted storage of passwords in the client configuration files and during network transmission could allow an attacker in a privileged position to obtain access passwords.

Key dates

02Disclosure timeline

July 3, 2018 CVE published
September 17, 2024 Record updated