CVE-2023-31409

Uncontrolled Resource Consumption in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an remote attacker to influence the availability of the webserver by invocing a Slowloris style attack via HTTP requests.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:sick:ftmg-esd20axx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:ftmg-esd20axx:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:sick:ftmg-esd25axx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:ftmg-esd25axx:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:sick:ftmg-esn40sxx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:ftmg-esn40sxx:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:sick:ftmg-esn50sxx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:ftmg-esn50sxx:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:sick:ftmg-esr50sxx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:ftmg-esr50sxx:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:sick:ftmg-esr40sxx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:ftmg-esr40sxx:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:sick:ftmg-esd15axx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:ftmg-esd15axx:-:*:*:*:*:*:*:*

History

25 May 2023, 14:21

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
CWE CWE-400
CPE cpe:2.3:o:sick:ftmg-esn50sxx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:ftmg-esd20axx:-:*:*:*:*:*:*:*
cpe:2.3:o:sick:ftmg-esd25axx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:ftmg-esn50sxx:-:*:*:*:*:*:*:*
cpe:2.3:o:sick:ftmg-esd15axx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:ftmg-esd25axx:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:ftmg-esn40sxx:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:ftmg-esd15axx:-:*:*:*:*:*:*:*
cpe:2.3:o:sick:ftmg-esn40sxx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:sick:ftmg-esr40sxx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:sick:ftmg-esd20axx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:sick:ftmg-esr50sxx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:ftmg-esr50sxx:-:*:*:*:*:*:*:*
cpe:2.3:h:sick:ftmg-esr40sxx:-:*:*:*:*:*:*:*
References (MISC) https://sick.com/psirt - (MISC) https://sick.com/psirt - Vendor Advisory
References (MISC) https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.pdf - (MISC) https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.pdf - Vendor Advisory
References (MISC) https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.json - (MISC) https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.json - Vendor Advisory

15 May 2023, 11:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-05-15 11:15

Updated : 2024-02-04 23:37


NVD link : CVE-2023-31409

Mitre link : CVE-2023-31409

CVE.ORG link : CVE-2023-31409


JSON object : View

Products Affected

sick

  • ftmg-esn50sxx_firmware
  • ftmg-esn40sxx_firmware
  • ftmg-esn50sxx
  • ftmg-esr40sxx_firmware
  • ftmg-esd20axx
  • ftmg-esr50sxx
  • ftmg-esr50sxx_firmware
  • ftmg-esd25axx_firmware
  • ftmg-esd25axx
  • ftmg-esn40sxx
  • ftmg-esr40sxx
  • ftmg-esd15axx_firmware
  • ftmg-esd20axx_firmware
  • ftmg-esd15axx
CWE
CWE-400

Uncontrolled Resource Consumption