← voltar
CVE-2023-23447

CVE-2023-23447

CVSS 7.5 HIGHEPSS 1.1%CWE-400
Uncontrolled Resource Consumption in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to influence the availability of the webserver by invocing several open file requests via the REST interface.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Produtos afetados
SICK AG · SICK FTMG-ESD15AXX AIR FLOW SENSORSICK AG · SICK FTMG-ESD20AXX AIR FLOW SENSORSICK AG · SICK FTMG-ESD25AXX AIR FLOW SENSORSICK AG · SICK FTMG-ESN40SXX AIR FLOW SENSORSICK AG · SICK FTMG-ESN50SXX AIR FLOW SENSORSICK AG · SICK FTMG-ESR40SXX AIR FLOW SENSORSICK AG · SICK FTMG-ESR50SXX AIR FLOW SENSOR

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://sick.com/psirthttps://sick.com/.well-known/csaf/white/2023/sca-2023-0004.jsonhttps://sick.com/.well-known/csaf/white/2023/sca-2023-0004.pdf