exploitDog

CVE-2023-35697

Опубликовано: 10 июл. 2023

Источник: nvd

CVSS3: 5.3

CVSS3: 7.5

EPSS Низкий

Описание

Improper Restriction of Excessive Authentication Attempts in the SICK ICR890-4 could allow a remote attacker to brute-force user credentials.

Ссылки

https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json
Vendor Advisory
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf
Vendor Advisory
https://sick.com/psirt
Product
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json
Vendor Advisory
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf
Vendor Advisory
https://sick.com/psirt
Product

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:sick:icr890-4_firmware:*:*:*:*:*:*:*:*

Версия до 2.5.0 (исключая)

cpe:2.3:h:sick:icr890-4:-:*:*:*:*:*:*:*

EPSS

Процентиль: 50%

0.00272

Низкий

5.3 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-307

CWE-307

Связанные уязвимости

GHSA-r73w-7gww-pr94

CVSS3: 5.3

github

больше 2 лет назад

Improper Restriction of Excessive Authentication Attempts in the SICK ICR890-4 could allow a remote attacker to brute-force user credentials.

EPSS

Процентиль: 50%

0.00272

Низкий

5.3 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-307

CWE-307