CVE-2018-4840
Severity CVSS v4.0:
Pending analysis
Type:
CWE-306
Missing Authentication for Critical Function
Publication date:
08/03/2018
Last modified:
13/07/2021
Description
A vulnerability has been identified in DIGSI 4 (All versions
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:siemens:siprotec_compact_7sj80_firmware:*:*:*:*:*:*:*:* | 4.77 (excluding) | |
cpe:2.3:h:siemens:siprotec_compact_7sj80:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:siemens:siprotec_compact_7sk80_firmware:*:*:*:*:*:*:*:* | 4.77 (excluding) | |
cpe:2.3:h:siemens:siprotec_compact_7sk80:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:siemens:siprotec_4_7sj66_firmware:*:*:*:*:*:*:*:* | 4.30 (excluding) | |
cpe:2.3:h:siemens:siprotec_4_7sj66:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:siemens:digsi_4:*:*:*:*:*:*:*:* | 4.92 (excluding) | |
cpe:2.3:o:siemens:en100_ethernet_module_iec_104_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:siemens:en100_ethernet_module_iec_104:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:siemens:en100_ethernet_module_dnp3_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:siemens:en100_ethernet_module_dnp3:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:siemens:en100_ethernet_module_modbus_tcp_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:siemens:en100_ethernet_module_modbus_tcp:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:siemens:en100_ethernet_module_profinet_io_firmware:-:*:*:*:*:*:*:* | ||
cpe:2.3:h:siemens:en100_ethernet_module_profinet_io:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page