FKIE_CVE-2023-23450
Vulnerability from fkie_nvd - Published: 2023-05-15 11:15 - Updated: 2024-11-21 07:46
Severity ?
6.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Use of Password Hash Instead of Password for Authentication in SICK FTMg AIR
FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526
allows an unprivileged remote attacker to use a password hash instead of an actual password to login
to a valid user account via the REST interface.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sick | ftmg-esd20axx_firmware | * | |
| sick | ftmg-esd20axx | - | |
| sick | ftmg-esd25axx_firmware | * | |
| sick | ftmg-esd25axx | - | |
| sick | ftmg-esn40sxx_firmware | * | |
| sick | ftmg-esn40sxx | - | |
| sick | ftmg-esn50sxx_firmware | * | |
| sick | ftmg-esn50sxx | - | |
| sick | ftmg-esr50sxx_firmware | * | |
| sick | ftmg-esr50sxx | - | |
| sick | ftmg-esr40sxx_firmware | * | |
| sick | ftmg-esr40sxx | - | |
| sick | ftmg-esd15axx_firmware | * | |
| sick | ftmg-esd15axx | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:ftmg-esd20axx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3882685-8678-47E4-995C-C3F6D9AD5668",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:ftmg-esd20axx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16AD808F-900B-41EE-B90A-F9D67AAAD6BE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:ftmg-esd25axx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49D930E8-415C-4183-87A1-8D7F44247B67",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:ftmg-esd25axx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24618A95-328C-47C9-B8EF-B4DF6E65D68E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:ftmg-esn40sxx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DCC9C0B-7CCE-44E5-B25D-67BF971B4541",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:ftmg-esn40sxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "290B016B-20B7-40C1-B825-6ED4774C4861",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:ftmg-esn50sxx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E23D6018-1DFB-4516-82C9-3A3B09C2CBF9",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:ftmg-esn50sxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B113D9E-8E61-4F9C-9E5B-2030EEFB133B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:ftmg-esr50sxx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "77F2683F-B1B5-4033-97D4-ADF77B6B50E8",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:ftmg-esr50sxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A02547D3-5E40-41B3-A7B4-D63F60A5F80B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:ftmg-esr40sxx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9075A02A-C627-43DA-ACF7-776197B518C5",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:ftmg-esr40sxx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B887993-18A8-493F-97A1-A788FBD5A5B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sick:ftmg-esd15axx_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9219CD8-34CE-45A2-904A-E7B1740706C2",
"versionEndExcluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sick:ftmg-esd15axx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF162AA9-6645-4032-8D29-BAE2D60FBD9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nUse of Password Hash Instead of Password for Authentication in SICK FTMg AIR\nFLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526\nallows an unprivileged remote attacker to use a password hash instead of an actual password to login\nto a valid user account via the REST interface.\n\n"
}
],
"id": "CVE-2023-23450",
"lastModified": "2024-11-21T07:46:13.390",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6,
"source": "psirt@sick.de",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-15T11:15:09.407",
"references": [
{
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.json"
},
{
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.pdf"
},
{
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
],
"url": "https://sick.com/psirt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.json"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sick.com/psirt"
}
],
"sourceIdentifier": "psirt@sick.de",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-836"
}
],
"source": "psirt@sick.de",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…