Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers
1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote
attacker to gain unauthorized access to data fields by using a therefore unpriviledged account via the
REST interface.
References
Link | Resource |
---|---|
https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.json | Vendor Advisory |
https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.pdf | Vendor Advisory |
https://sick.com/psirt | Vendor Advisory |
https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.json | Vendor Advisory |
https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.pdf | Vendor Advisory |
https://sick.com/psirt | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
History
21 Nov 2024, 07:46
Type | Values Removed | Values Added |
---|---|---|
References | () https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.json - Vendor Advisory | |
References | () https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.pdf - Vendor Advisory | |
References | () https://sick.com/psirt - Vendor Advisory |
25 May 2023, 13:39
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-863 | |
References | (MISC) https://sick.com/psirt - Vendor Advisory | |
References | (MISC) https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.pdf - Vendor Advisory | |
References | (MISC) https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.json - Vendor Advisory | |
CPE | cpe:2.3:o:sick:ftmg-esn50sxx_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sick:ftmg-esd20axx:-:*:*:*:*:*:*:* cpe:2.3:o:sick:ftmg-esd25axx_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sick:ftmg-esn50sxx:-:*:*:*:*:*:*:* cpe:2.3:o:sick:ftmg-esd15axx_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sick:ftmg-esd25axx:-:*:*:*:*:*:*:* cpe:2.3:h:sick:ftmg-esn40sxx:-:*:*:*:*:*:*:* cpe:2.3:h:sick:ftmg-esd15axx:-:*:*:*:*:*:*:* cpe:2.3:o:sick:ftmg-esn40sxx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sick:ftmg-esr40sxx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sick:ftmg-esd20axx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sick:ftmg-esr50sxx_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sick:ftmg-esr50sxx:-:*:*:*:*:*:*:* cpe:2.3:h:sick:ftmg-esr40sxx:-:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
15 May 2023, 11:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-05-15 11:15
Updated : 2024-11-21 07:46
NVD link : CVE-2023-23445
Mitre link : CVE-2023-23445
CVE.ORG link : CVE-2023-23445
JSON object : View
Products Affected
sick
- ftmg-esd15axx
- ftmg-esd25axx_firmware
- ftmg-esn40sxx
- ftmg-esn50sxx
- ftmg-esd20axx
- ftmg-esr50sxx
- ftmg-esn50sxx_firmware
- ftmg-esr40sxx_firmware
- ftmg-esd15axx_firmware
- ftmg-esd20axx_firmware
- ftmg-esr50sxx_firmware
- ftmg-esr40sxx
- ftmg-esn40sxx_firmware
- ftmg-esd25axx