exploitDog

CVE-2023-3273

Опубликовано: 10 июл. 2023

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to affect the availability of the device by changing settings of the device such as the IP address based on missing access control.

Ссылки

https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json
Vendor Advisory
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf
Vendor Advisory
https://sick.com/psirt
Product
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json
Vendor Advisory
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf
Vendor Advisory
https://sick.com/psirt
Product

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:sick:icr890-4_firmware:*:*:*:*:*:*:*:*

Версия до 2.5.0 (исключая)

cpe:2.3:h:sick:icr890-4:-:*:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.00557

Низкий

7.5 High

CVSS3

Дефекты

CWE-284

NVD-CWE-noinfo

Связанные уязвимости

GHSA-29xr-xpp4-5783

CVSS3: 7.5

github

больше 2 лет назад

Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to affect the availability of the device by changing settings of the device such as the IP address based on missing access control.

EPSS

Процентиль: 68%

0.00557

Низкий

7.5 High

CVSS3

Дефекты

CWE-284

NVD-CWE-noinfo