How severe is CVE-2018-11464?

This vulnerability has a severity rating of LOW with a CVSS score of 3.7 out of 10.

What type of vulnerability is CVE-2018-11464?

This is classified as CWE-248, which is a common weakness in software security.

CVE-2018-11464

LOW Year: 2018

CVSS v3 Score

3.7

Low

CVSS v2 Score

4.3

Medium

Weakness Type

CWE-248

View all →

Vulnerability Description

A vulnerability has been identified in SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3). The integrated VNC server on port 5900/tcp of the affected products could allow a remote attacker to cause a Denial-of-Service condition of the VNC server. Please note that this vulnerability is only exploitable if port 5900/tcp is manually opened in the firewall configuration of network port X130. The security vulnerability could be exploited by an attacker with network access to the affected devices and port. Successful exploitation requires no privileges and no user interaction. The vulnerability could allow an attacker to compromise availability of the VNC server. At the time of advisory publication no public exploitation of this security vulnerability was known.

CVE-2020-14348

MEDIUM

CVSS:4.3(Medium)

It was found in AMQ Online before 1.5.2 that injecting an invalid field to a user's AddressSpace configuration of the user namespace puts AMQ Online in an inconsistent state, where the AMQ Online comp...

CWE-2482020

CVE-2021-25971

MEDIUM

CVSS:4.3(Medium)

In Camaleon CMS, versions 2.0.1 to 2.6.0 are vulnerable to an Uncaught Exception. The app's media upload feature crashes permanently when an attacker with a low privileged access uploads a specially c...

CWE-2482021

CVE-2025-20097

MEDIUM

CVSS:4.3(Medium)

Uncaught exception in OpenBMC Firmware for the Intel(R) Server M50FCP Family and Intel(R) Server D50DNP Family before version R01.02.0002 may allow an authenticated user to potentially enable denial o...

CWE-2482025

CVE-2024-20049

MEDIUM

CVSS:4.4(Medium)

In flashc, there is a possible information disclosure due to an uncaught exception. This could lead to local information disclosure with System execution privileges needed. User interaction is not nee...

CWE-2482024

CVE-2024-13417

MEDIUM

CVSS:4.6(Medium)

Specifically crafted payloads sent to the RFID reader could cause DoS of RFID reader. After the device is restarted, it gets back to fully working state. 2N has released an updated version 2.46 of 2N ...

CWE-2482024

CVE-2023-3774

MEDIUM

CVSS:4.9(Medium)

An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash, potentially resulting in denial of service. Fixed in 1.14.1, 1.13.5, and 1.12.9.

CWE-2482023

CVE-2018-11464

Vulnerability Description

Related Vulnerabilities

CVE-2020-14348

CVE-2021-25971

CVE-2025-20097

CVE-2024-20049

CVE-2024-13417

CVE-2023-3774