Uncontrolled Resource Consumption in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an remote attacker to influence the availability of the webserver by invocing a Slowloris style attack via HTTP requests.
References
Link | Resource |
---|---|
https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.json | Vendor Advisory |
https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.pdf | Vendor Advisory |
https://sick.com/psirt | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
History
25 May 2023, 14:21
Type | Values Removed | Values Added |
---|---|---|
First Time |
Sick
Sick ftmg-esn40sxx Sick ftmg-esd20axx Sick ftmg-esd15axx Firmware Sick ftmg-esd20axx Firmware Sick ftmg-esn40sxx Firmware Sick ftmg-esr40sxx Sick ftmg-esn50sxx Sick ftmg-esd15axx Sick ftmg-esr50sxx Sick ftmg-esd25axx Firmware Sick ftmg-esr50sxx Firmware Sick ftmg-esr40sxx Firmware Sick ftmg-esd25axx Sick ftmg-esn50sxx Firmware |
|
References | (MISC) https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.json - Vendor Advisory | |
References | (MISC) https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.pdf - Vendor Advisory | |
References | (MISC) https://sick.com/psirt - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CPE | cpe:2.3:o:sick:ftmg-esd20axx_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sick:ftmg-esn40sxx:-:*:*:*:*:*:*:* cpe:2.3:o:sick:ftmg-esn50sxx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sick:ftmg-esr40sxx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sick:ftmg-esd15axx_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sick:ftmg-esn50sxx:-:*:*:*:*:*:*:* cpe:2.3:o:sick:ftmg-esr50sxx_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sick:ftmg-esd25axx_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sick:ftmg-esr40sxx:-:*:*:*:*:*:*:* cpe:2.3:o:sick:ftmg-esn40sxx_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sick:ftmg-esr50sxx:-:*:*:*:*:*:*:* cpe:2.3:h:sick:ftmg-esd15axx:-:*:*:*:*:*:*:* cpe:2.3:h:sick:ftmg-esd20axx:-:*:*:*:*:*:*:* cpe:2.3:h:sick:ftmg-esd25axx:-:*:*:*:*:*:*:* |
|
CWE | CWE-400 |
15 May 2023, 12:54
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-05-15 11:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-31409
Mitre link : CVE-2023-31409
CVE.ORG link : CVE-2023-31409
JSON object : View
Products Affected
sick
- ftmg-esd20axx_firmware
- ftmg-esr40sxx_firmware
- ftmg-esd15axx
- ftmg-esd15axx_firmware
- ftmg-esn50sxx
- ftmg-esd25axx_firmware
- ftmg-esd20axx
- ftmg-esr40sxx
- ftmg-esn50sxx_firmware
- ftmg-esd25axx
- ftmg-esr50sxx_firmware
- ftmg-esn40sxx_firmware
- ftmg-esn40sxx
- ftmg-esr50sxx
CWE
CWE-400
Uncontrolled Resource Consumption