Vulnerability Description
A vulnerability has been identified in SCALANCE M875 (All versions). An attacker with access to the local file system might obtain passwords for administrative users. Successful exploitation requires read access to files on the local file system. A successful attack could allow an attacker to obtain administrative passwords. At the time of advisory publication no public exploitation of this security vulnerability was known.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Scalance M875 Firmware | - |
| Siemens | Scalance M875 | - |
Related Weaknesses (CWE)
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-977428.pdfThird Party Advisory
- https://cert-portal.siemens.com/productcert/pdf/ssa-977428.pdfThird Party Advisory
FAQ
What is CVE-2018-11449?
CVE-2018-11449 is a vulnerability with a CVSS score of 7.8 (HIGH). A vulnerability has been identified in SCALANCE M875 (All versions). An attacker with access to the local file system might obtain passwords for administrative users. Successful exploitation requires ...
How severe is CVE-2018-11449?
CVE-2018-11449 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-11449?
Check the references section above for vendor advisories and patch information. Affected products include: Siemens Scalance M875 Firmware, Siemens Scalance M875.