CVE-2023-3270

Опубликовано: 10 июл. 2023

Источник: nvd

CVSS3: 8.6

CVSS3: 7.5

EPSS Низкий

Описание

Exposure of Sensitive Information to an Unauthorized Actor in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the system.

Ссылки

https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json
Vendor Advisory
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf
Vendor Advisory
https://sick.com/psirt
Product
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json
Vendor Advisory
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf
Vendor Advisory
https://sick.com/psirt
Product

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:sick:icr890-4_firmware:*:*:*:*:*:*:*:*

Версия до 2.5.0 (исключая)

cpe:2.3:h:sick:icr890-4:-:*:*:*:*:*:*:*

EPSS

Процентиль: 47%

0.00242

Низкий

8.6 High

CVSS3

7.5 High

CVSS3

Дефекты

CWE-668

Связанные уязвимости

GHSA-2h4j-hwr9-94jw

CVSS3: 8.6

github

больше 2 лет назад

Exposure of Sensitive Information to an Unauthorized Actor in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the system.

EPSS

Процентиль: 47%

0.00242

Низкий

8.6 High

CVSS3

7.5 High

CVSS3

Дефекты

CWE-668