PT-2023-23978 · Sick · Sick Icr890-4

Publicado

2023-07-10

Atualizado

2023-07-19

CVE-2023-3271

CVSS v3.1

8.2

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

Name of the Vulnerable Software and Affected Versions SICK ICR890-4 (affected versions not specified)

Description The issue concerns improper access control, allowing an unauthenticated remote attacker to gather system information and download data via the REST API by accessing unauthenticated endpoints.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284

Identificadores relacionados

CVE-2023-3271

Produtos afetados

Sick Icr890-4

PT-2023-23978 · Sick · Sick Icr890-4

CVE-2023-3271

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6