How severe is CVE-2018-13815?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2018-13815?

This is classified as CWE-410, which is a common weakness in software security.

CVE-2018-13815 - HIGH Severity | CVSS 7.5

Vulnerability Description

A vulnerability has been identified in SIMATIC S7-1200 (All versions), SIMATIC S7-1500 (All Versions < V2.6). An attacker could exhaust the available connection pool of an affected device by opening a sufficient number of connections to the device. Successful exploitation requires an attacker to be able to send packets to port 102/tcp of the affected device. No user interaction and no user privileges are required to exploit the vulnerability. The vulnerability, if exploited, could cause a Denial-of-Service condition impacting the availability of the system. At the time of advisory publication no public exploitation of this vulnerability was known.

Related Vulnerabilities

CVE-2019-0056

HIGH

CVSS:7.5(High)

This issue only affects devices with three (3) or more MPC10's installed in a single chassis with OSPF enabled and configured on the device. An Insufficient Resource Pool weakness allows an attacker t...

CWE-4102019

CVE-2019-13921

HIGH

CVSS:7.5(High)

A vulnerability has been identified in SIMATIC WinAC RTX (F) 2010 (All versions < SP3 Update 1). Affected versions of the software contain a vulnerability that could allow an unauthenticated attacker ...

CWE-4102019

CVE-2022-2048

HIGH

CVSS:7.5(High)

In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated...

CWE-4102022

CVE-2022-46679

HIGH

CVSS:7.5(High)

Dell PowerScale OneFS 8.2.x, 9.0.0.x - 9.4.0.x, contain an insufficient resource pool vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial o...

CWE-4102022

CVE-2023-38505

HIGH

CVSS:7.5(High)

DietPi-Dashboard is a web dashboard for the operating system DietPi. The dashboard only allows for one TLS handshake to be in process at a given moment. Once a TCP connection is established in HTTPS m...

CWE-4102023

CVE-2025-27479

HIGH

CVSS:7.5(High)

Insufficient resource pool in Windows Kerberos allows an unauthorized attacker to deny service over a network.

CWE-4102025