CVE-2023-43699

Опубликовано: 09 окт. 2023

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Improper Restriction of Excessive Authentication Attempts in RDT400 in SICK APU allows an unprivileged remote attacker to guess the password via trial-and-error as the login attempts are not limited.

Ссылки

https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.json
Vendor Advisory
https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.pdf
Vendor Advisory
https://sick.com/psirt
Product
https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.json
Vendor Advisory
https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.pdf
Vendor Advisory
https://sick.com/psirt
Product

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:sick:apu0200_firmware:*:*:*:*:*:*:*:*

Версия до 4.0.0.6 (исключая)

cpe:2.3:h:sick:apu0200:-:*:*:*:*:*:*:*

EPSS

Процентиль: 42%

0.00198

Низкий

7.5 High

CVSS3

Дефекты

CWE-307

Связанные уязвимости

GHSA-cfjm-49ph-8gv8