CVE-2023-35699

Опубликовано: 10 июл. 2023

Источник: nvd

CVSS3: 5.3

CVSS3: 4.6

EPSS Низкий

Описание

Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with local access to the device to disclose sensitive information by accessing a SD card.

Ссылки

https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json
Vendor Advisory
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf
Vendor Advisory
https://sick.com/psirt
Product
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json
Vendor Advisory
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf
Vendor Advisory
https://sick.com/psirt
Product

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:sick:icr890-4_firmware:*:*:*:*:*:*:*:*

Версия до 2.5.0 (исключая)

cpe:2.3:h:sick:icr890-4:-:*:*:*:*:*:*:*

EPSS

Процентиль: 12%

0.0004

Низкий

5.3 Medium

CVSS3

4.6 Medium

CVSS3

Дефекты

CWE-313

CWE-312

Связанные уязвимости

GHSA-fq7j-mj26-w42x

CVSS3: 5.3

github

больше 2 лет назад

Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with local access to the device to disclose sensitive information by accessing a SD card.

EPSS

Процентиль: 12%

0.0004

Низкий

5.3 Medium

CVSS3

4.6 Medium

CVSS3

Дефекты

CWE-313

CWE-312