How severe is CVE-2018-11456?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.8 out of 10.

What type of vulnerability is CVE-2018-11456?

This is classified as CWE-284, which is a common weakness in software security.

CVE-2018-11456

MEDIUM Year: 2018

CVSS v3 Score

5.8

Medium

CVSS v2 Score

5.0

Medium

Weakness Type

CWE-284

View all →

Vulnerability Description

A vulnerability has been identified in Automation License Manager 5 (All versions < 5.3.4.4). An attacker with network access to the device could send specially crafted network packets to determine whether or not a network port on another remote system is accessible or not. This allows the attacker to do basic network scanning using the victims machine. Successful exploitation requires a network connection to the affected device. The attacker does not need privileges, no user interaction is required. The impact is limited to determining whether or not a port on a target system is accessible by the affected device.

CVE-2019-12627

MEDIUM

CVSS:5.8(Medium)

A vulnerability in the application policy configuration of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensiti...

CWE-2842019

CVE-2019-1686

MEDIUM

CVSS:5.8(Medium)

A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass prot...

CWE-2842019

CVE-2020-3312

MEDIUM

CVSS:5.8(Medium)

A vulnerability in the application policy configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive d...

CWE-2842020

CVE-2020-3448

MEDIUM

CVSS:5.8(Medium)

A vulnerability in an access control mechanism of Cisco Cyber Vision Center Software could allow an unauthenticated, remote attacker to bypass authentication and access internal services that are runn...

CWE-2842020

CVE-2020-3564

MEDIUM

CVSS:5.8(Medium)

A vulnerability in the FTP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to by...

CWE-2842020

CVE-2020-3565

MEDIUM

CVSS:5.8(Medium)

A vulnerability in the TCP Intercept functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured Access Control Policies (includ...

CWE-2842020

CVE-2018-11456

Vulnerability Description

Related Vulnerabilities

CVE-2019-12627

CVE-2019-1686

CVE-2020-3312

CVE-2020-3448

CVE-2020-3564

CVE-2020-3565