Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers
1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote
attacker to gain unauthorized access to data fields by using a therefore unpriviledged account via the
REST interface.
References
Link | Resource |
---|---|
https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.json | Vendor Advisory |
https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.pdf | Vendor Advisory |
https://sick.com/psirt | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
History
25 May 2023, 13:39
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:sick:ftmg-esd20axx_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sick:ftmg-esn40sxx:-:*:*:*:*:*:*:* cpe:2.3:o:sick:ftmg-esn50sxx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sick:ftmg-esr40sxx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sick:ftmg-esd15axx_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sick:ftmg-esn50sxx:-:*:*:*:*:*:*:* cpe:2.3:o:sick:ftmg-esr50sxx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sick:ftmg-esd25axx_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sick:ftmg-esr40sxx:-:*:*:*:*:*:*:* cpe:2.3:o:sick:ftmg-esn40sxx_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sick:ftmg-esr50sxx:-:*:*:*:*:*:*:* cpe:2.3:h:sick:ftmg-esd15axx:-:*:*:*:*:*:*:* cpe:2.3:h:sick:ftmg-esd20axx:-:*:*:*:*:*:*:* cpe:2.3:h:sick:ftmg-esd25axx:-:*:*:*:*:*:*:* |
|
First Time |
Sick
Sick ftmg-esn40sxx Sick ftmg-esd20axx Sick ftmg-esd15axx Firmware Sick ftmg-esd20axx Firmware Sick ftmg-esn40sxx Firmware Sick ftmg-esr40sxx Sick ftmg-esn50sxx Sick ftmg-esd15axx Sick ftmg-esr50sxx Sick ftmg-esd25axx Firmware Sick ftmg-esr50sxx Firmware Sick ftmg-esr40sxx Firmware Sick ftmg-esd25axx Sick ftmg-esn50sxx Firmware |
|
CWE | CWE-863 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
References | (MISC) https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.json - Vendor Advisory | |
References | (MISC) https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.pdf - Vendor Advisory | |
References | (MISC) https://sick.com/psirt - Vendor Advisory |
15 May 2023, 12:54
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-05-15 11:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-23445
Mitre link : CVE-2023-23445
CVE.ORG link : CVE-2023-23445
JSON object : View
Products Affected
sick
- ftmg-esd20axx_firmware
- ftmg-esr40sxx_firmware
- ftmg-esd15axx
- ftmg-esd15axx_firmware
- ftmg-esn50sxx
- ftmg-esd25axx_firmware
- ftmg-esd20axx
- ftmg-esr40sxx
- ftmg-esn50sxx_firmware
- ftmg-esd25axx
- ftmg-esr50sxx_firmware
- ftmg-esn40sxx_firmware
- ftmg-esn40sxx
- ftmg-esr50sxx