cvelistv5 - CVE-2023-35698

CVE-2023-35698 (GCVE-0-2023-35698)

Vulnerability from cvelistv5

Published

2023-07-10 09:37

Modified

2024-10-25 19:51

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-204 - Observable Response Discrepancy

Summary

Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login attempt.

References

URL

	Vendor	Product	Version
	SICK AG	ICR890-4	Version: 0

ghsa-4fq5-58j6-9qph

Vulnerability from github

Published

2023-07-10 18:30

Modified

2024-04-04 05:53

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login attempt.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-35698"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-203",
      "CWE-204"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-07-10T16:15:52Z",
    "severity": "MODERATE"
  },
  "details": "\nObservable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login\nattempt.\n\n",
  "id": "GHSA-4fq5-58j6-9qph",
  "modified": "2024-04-04T05:53:15Z",
  "published": "2023-07-10T18:30:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35698"
    },
    {
      "type": "WEB",
      "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json"
    },
    {
      "type": "WEB",
      "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf"
    },
    {
      "type": "WEB",
      "url": "https://sick.com/psirt"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

sca-2023-0006

Vulnerability from csaf_sick

Published

2023-07-10 13:00

Modified

2023-07-10 13:00

Summary

Vulnerabilities in SICK ICR890-4

Notes

SICK has found several security vulnerabilities in the SICK ICR890-4. If exploited, these could allow an unauthenticated remote attacker to compromise the availability or confidentiality of the SICK ICR890-4. Currently, SICK is not aware of any public exploits that specifically target any of the vulnerabilities. SICK has released a new version of the SICK ICR890-4 firmware and recommends updating to the latest version.

General Security Measures

As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.

Vulnerability Classification

SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer’s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "summary",
        "text": "SICK has found several security vulnerabilities in the SICK ICR890-4. If exploited, these could allow an unauthenticated remote attacker to compromise the availability or confidentiality of the SICK ICR890-4. Currently, SICK is not aware of any public exploits that specifically target any of the vulnerabilities. \n\nSICK has released a new version of the SICK ICR890-4 firmware and recommends updating to the latest version."
      },
      {
        "category": "general",
        "text": "As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.",
        "title": "General Security Measures"
      },
      {
        "category": "general",
        "text": "SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer\u2019s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.",
        "title": "Vulnerability Classification"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@sick.de",
      "issuing_authority": "SICK AG issues and issues in EHS products (when related to the Endress+Hauser SICK (EHS) joint venture).",
      "name": "SICK PSIRT",
      "namespace": "https://www.sick.com/psirt"
    },
    "references": [
      {
        "summary": "SICK PSIRT Security Advisories",
        "url": "https://www.sick.com/psirt"
      },
      {
        "summary": "SICK Operating Guidelines",
        "url": "https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf"
      },
      {
        "summary": "ICS-CERT recommended practices on Industrial Security",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "summary": "CVSS v3.1 Calculator",
        "url": "https://www.first.org/cvss/calculator/3.1"
      },
      {
        "category": "self",
        "summary": "The canonical URL.",
        "url": "https://www.sick.com/.well-known/csaf/white/2023/sca-2023-0006.json"
      },
      {
        "category": "self",
        "summary": "The canonical PDF URL.",
        "url": "https://www.sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf"
      }
    ],
    "title": "Vulnerabilities in SICK ICR890-4",
    "tracking": {
      "current_release_date": "2023-07-10T13:00:00.000Z",
      "generator": {
        "date": "2023-12-04T10:33:21.417Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.2.16"
        }
      },
      "id": "SCA-2023-0006",
      "initial_release_date": "2023-07-10T13:00:00.000Z",
      "revision_history": [
        {
          "date": "2023-07-10T13:00:00.000Z",
          "number": "1",
          "summary": "Initial Release"
        },
        {
          "date": "2023-12-04T11:00:00.000Z",
          "number": "2",
          "summary": "Added self reference in CSAF"
        },
        {
          "date": "2025-07-30T07:30:00.000Z",
          "number": "3",
          "summary": "Updated Advisory: URL for SICK Operating Guidelines has been updated"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SICK ICR890-4 all versions",
                  "product_id": "CSAFPID-0001",
                  "product_identification_helper": {
                    "x_generic_uris": [
                      {
                        "namespace": "SICK:Website",
                        "uri": "SICK:Website:https://www.sick.com/de/de/systemloesungen/track-and-trace-systeme/icr-identification-system/c/g555825"
                      }
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "ICR890-4"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV2.5.0",
                "product": {
                  "name": "SICK ICR890-4 Firmware \u003cV2.5.0",
                  "product_id": "CSAFPID-0002"
                }
              },
              {
                "category": "product_version",
                "name": "V2.5.0",
                "product": {
                  "name": "SICK ICR890-4 Firmware V2.5.0",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "ICR890-4 Firmware"
          }
        ],
        "category": "vendor",
        "name": "SICK AG"
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK ICR890-4 with Firmware \u003cV2.5.0",
          "product_id": "CSAFPID-0004"
        },
        "product_reference": "CSAFPID-0002",
        "relates_to_product_reference": "CSAFPID-0001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK ICR890-4 all versions with Firmware V2.5.0",
          "product_id": "CSAFPID-0005"
        },
        "product_reference": "CSAFPID-0003",
        "relates_to_product_reference": "CSAFPID-0001"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-3270",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "description",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor in the SICK ICR890-4 could allow an unauthetnticated remote attacker to retrieve sensitive information about the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0004"
        ]
      },
      "remediations": [
        {
          "category": "workaround",
          "details": "SICK recommends to disable port 2111 \u0026 2122 once the SICK ICR890-4 is put into operation.",
          "product_ids": [
            "CSAFPID-0004"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 8.6,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "temporalScore": 8.6,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "Exposure of Sensitive Information to an Unauthorized Actor in SICK ICR890-4"
    },
    {
      "cve": "CVE-2023-3271",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "description",
          "text": "Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to gather information about the system and download data via the REST API by accessing unauthenticated endpoints.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0004"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "The recommended solution is to update the firmware to a version \u003e= V2.5.0 as soon as possible.",
          "product_ids": [
            "CSAFPID-0004"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 8.2,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 8.2,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "Improper Access Control in SICK ICR890-4"
    },
    {
      "cve": "CVE-2023-3272",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "description",
          "text": "Cleartext Transmission of Sensitive Information in the SICK ICR890-4 could allow a remote attacker to gather sensitive information by intercepting network traffic that is not encrypted.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0004"
        ]
      },
      "remediations": [
        {
          "category": "workaround",
          "details": "SICK recommends to disable port 2111 \u0026 2122 once the SICK ICR890-4 is put into operation.",
          "product_ids": [
            "CSAFPID-0004"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "Cleartext Transmission of Sensitive Information in SICK ICR890-4"
    },
    {
      "cve": "CVE-2023-3273",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "description",
          "text": "Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to affect the availability of the device by changing settings of the device such as the IP address based on missing access control.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0004"
        ]
      },
      "remediations": [
        {
          "category": "workaround",
          "details": "SICK recommends to disable port 2111 \u0026 2122 once the SICK ICR890-4 is put into operation.",
          "product_ids": [
            "CSAFPID-0004"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "Improper Access Control in SICK ICR890-4"
    },
    {
      "cve": "CVE-2023-35696",
      "cwe": {
        "id": "CWE-668",
        "name": "Exposure of Resource to Wrong Sphere"
      },
      "notes": [
        {
          "category": "description",
          "text": "Unauthenticated endpoints in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the device via HTTP requests.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-0005"
        ],
        "known_affected": [
          "CSAFPID-0004"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "The recommended solution is to update the firmware to a version \u003e= V2.5.0 as soon as possible.",
          "product_ids": [
            "CSAFPID-0004"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "Exposure of Resource to Wrong Sphere in SICK ICR890-4"
    },
    {
      "cve": "CVE-2023-35697",
      "cwe": {
        "id": "CWE-307",
        "name": "Improper Restriction of Excessive Authentication Attempts"
      },
      "notes": [
        {
          "category": "description",
          "text": "Improper Restriction of Excessive Authentication Attempts in the SICK ICR890-4 could allow a remote attacker to brute-force user credentials.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0004"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "The recommended solution is to update the firmware to a version \u003e= V2.5.0 as soon as possible.",
          "product_ids": [
            "CSAFPID-0004"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "environmentalScore": 5.3,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 5.3,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "Improper Restriction of Excessive Authentication Attempts in SICK ICR890-4"
    },
    {
      "cve": "CVE-2023-35698",
      "cwe": {
        "id": "CWE-204",
        "name": "Observable Response Discrepancy"
      },
      "notes": [
        {
          "category": "description",
          "text": "Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login attempt.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0004"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "The recommended solution is to update the firmware to a version \u003e= V2.5.0 as soon as possible.",
          "product_ids": [
            "CSAFPID-0004"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "environmentalScore": 5.3,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 5.3,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "Observable Response Discrepancy in SICK ICR890-4"
    },
    {
      "cve": "CVE-2023-35699",
      "cwe": {
        "id": "CWE-313",
        "name": "Cleartext Storage in a File or on Disk"
      },
      "notes": [
        {
          "category": "description",
          "text": "Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with local access to the device to disclose sensitive information by accessing a SD card.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0004"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Please make sure that you apply general security practices when operating the SICK ICR890-4 like restricting physical access to the device.\nThe following general security practices could mitigate the associated security risk. \n",
          "product_ids": [
            "CSAFPID-0004"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 5.3,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "temporalScore": 5.3,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "Cleartext Storage in a File or on Disk in SICK ICR890-4"
    }
  ]
}

SCA-2023-0006

Vulnerability from csaf_sick

Published

2023-07-10 13:00

Modified

2023-07-10 13:00

Summary

Vulnerabilities in SICK ICR890-4

Notes

General Security Measures

Vulnerability Classification

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "summary",
        "text": "SICK has found several security vulnerabilities in the SICK ICR890-4. If exploited, these could allow an unauthenticated remote attacker to compromise the availability or confidentiality of the SICK ICR890-4. Currently, SICK is not aware of any public exploits that specifically target any of the vulnerabilities. \n\nSICK has released a new version of the SICK ICR890-4 firmware and recommends updating to the latest version."
      },
      {
        "category": "general",
        "text": "As general security measures, SICK recommends to minimize network exposure of the devices, restrict network access and follow recommended security practices in order to run the devices in a protected IT environment.",
        "title": "General Security Measures"
      },
      {
        "category": "general",
        "text": "SICK performs vulnerability classification by using the CVSS scoring system (*CVSS v3.1*). The environmental score is dependent on the customer\u2019s environment and can affect the overall CVSS score. SICK recommends that customers individually evaluate the environmental score to achieve final scoring.",
        "title": "Vulnerability Classification"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@sick.de",
      "issuing_authority": "SICK AG issues and issues in EHS products (when related to the Endress+Hauser SICK (EHS) joint venture).",
      "name": "SICK PSIRT",
      "namespace": "https://www.sick.com/psirt"
    },
    "references": [
      {
        "summary": "SICK PSIRT Security Advisories",
        "url": "https://www.sick.com/psirt"
      },
      {
        "summary": "SICK Operating Guidelines",
        "url": "https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf"
      },
      {
        "summary": "ICS-CERT recommended practices on Industrial Security",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "summary": "CVSS v3.1 Calculator",
        "url": "https://www.first.org/cvss/calculator/3.1"
      },
      {
        "category": "self",
        "summary": "The canonical URL.",
        "url": "https://www.sick.com/.well-known/csaf/white/2023/sca-2023-0006.json"
      },
      {
        "category": "self",
        "summary": "The canonical PDF URL.",
        "url": "https://www.sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf"
      }
    ],
    "title": "Vulnerabilities in SICK ICR890-4",
    "tracking": {
      "current_release_date": "2023-07-10T13:00:00.000Z",
      "generator": {
        "date": "2023-12-04T10:33:21.417Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.2.16"
        }
      },
      "id": "SCA-2023-0006",
      "initial_release_date": "2023-07-10T13:00:00.000Z",
      "revision_history": [
        {
          "date": "2023-07-10T13:00:00.000Z",
          "number": "1",
          "summary": "Initial Release"
        },
        {
          "date": "2023-12-04T11:00:00.000Z",
          "number": "2",
          "summary": "Added self reference in CSAF"
        },
        {
          "date": "2025-07-30T07:30:00.000Z",
          "number": "3",
          "summary": "Updated Advisory: URL for SICK Operating Guidelines has been updated"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "SICK ICR890-4 all versions",
                  "product_id": "CSAFPID-0001",
                  "product_identification_helper": {
                    "x_generic_uris": [
                      {
                        "namespace": "SICK:Website",
                        "uri": "SICK:Website:https://www.sick.com/de/de/systemloesungen/track-and-trace-systeme/icr-identification-system/c/g555825"
                      }
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "ICR890-4"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cV2.5.0",
                "product": {
                  "name": "SICK ICR890-4 Firmware \u003cV2.5.0",
                  "product_id": "CSAFPID-0002"
                }
              },
              {
                "category": "product_version",
                "name": "V2.5.0",
                "product": {
                  "name": "SICK ICR890-4 Firmware V2.5.0",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "ICR890-4 Firmware"
          }
        ],
        "category": "vendor",
        "name": "SICK AG"
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK ICR890-4 with Firmware \u003cV2.5.0",
          "product_id": "CSAFPID-0004"
        },
        "product_reference": "CSAFPID-0002",
        "relates_to_product_reference": "CSAFPID-0001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "SICK ICR890-4 all versions with Firmware V2.5.0",
          "product_id": "CSAFPID-0005"
        },
        "product_reference": "CSAFPID-0003",
        "relates_to_product_reference": "CSAFPID-0001"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-3270",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "description",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor in the SICK ICR890-4 could allow an unauthetnticated remote attacker to retrieve sensitive information about the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0004"
        ]
      },
      "remediations": [
        {
          "category": "workaround",
          "details": "SICK recommends to disable port 2111 \u0026 2122 once the SICK ICR890-4 is put into operation.",
          "product_ids": [
            "CSAFPID-0004"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 8.6,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "temporalScore": 8.6,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "Exposure of Sensitive Information to an Unauthorized Actor in SICK ICR890-4"
    },
    {
      "cve": "CVE-2023-3271",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "description",
          "text": "Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to gather information about the system and download data via the REST API by accessing unauthenticated endpoints.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0004"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "The recommended solution is to update the firmware to a version \u003e= V2.5.0 as soon as possible.",
          "product_ids": [
            "CSAFPID-0004"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 8.2,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 8.2,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "Improper Access Control in SICK ICR890-4"
    },
    {
      "cve": "CVE-2023-3272",
      "cwe": {
        "id": "CWE-319",
        "name": "Cleartext Transmission of Sensitive Information"
      },
      "notes": [
        {
          "category": "description",
          "text": "Cleartext Transmission of Sensitive Information in the SICK ICR890-4 could allow a remote attacker to gather sensitive information by intercepting network traffic that is not encrypted.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0004"
        ]
      },
      "remediations": [
        {
          "category": "workaround",
          "details": "SICK recommends to disable port 2111 \u0026 2122 once the SICK ICR890-4 is put into operation.",
          "product_ids": [
            "CSAFPID-0004"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "Cleartext Transmission of Sensitive Information in SICK ICR890-4"
    },
    {
      "cve": "CVE-2023-3273",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "description",
          "text": "Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to affect the availability of the device by changing settings of the device such as the IP address based on missing access control.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0004"
        ]
      },
      "remediations": [
        {
          "category": "workaround",
          "details": "SICK recommends to disable port 2111 \u0026 2122 once the SICK ICR890-4 is put into operation.",
          "product_ids": [
            "CSAFPID-0004"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "Improper Access Control in SICK ICR890-4"
    },
    {
      "cve": "CVE-2023-35696",
      "cwe": {
        "id": "CWE-668",
        "name": "Exposure of Resource to Wrong Sphere"
      },
      "notes": [
        {
          "category": "description",
          "text": "Unauthenticated endpoints in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the device via HTTP requests.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-0005"
        ],
        "known_affected": [
          "CSAFPID-0004"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "The recommended solution is to update the firmware to a version \u003e= V2.5.0 as soon as possible.",
          "product_ids": [
            "CSAFPID-0004"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "Exposure of Resource to Wrong Sphere in SICK ICR890-4"
    },
    {
      "cve": "CVE-2023-35697",
      "cwe": {
        "id": "CWE-307",
        "name": "Improper Restriction of Excessive Authentication Attempts"
      },
      "notes": [
        {
          "category": "description",
          "text": "Improper Restriction of Excessive Authentication Attempts in the SICK ICR890-4 could allow a remote attacker to brute-force user credentials.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0004"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "The recommended solution is to update the firmware to a version \u003e= V2.5.0 as soon as possible.",
          "product_ids": [
            "CSAFPID-0004"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "environmentalScore": 5.3,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 5.3,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "Improper Restriction of Excessive Authentication Attempts in SICK ICR890-4"
    },
    {
      "cve": "CVE-2023-35698",
      "cwe": {
        "id": "CWE-204",
        "name": "Observable Response Discrepancy"
      },
      "notes": [
        {
          "category": "description",
          "text": "Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login attempt.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0004"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "The recommended solution is to update the firmware to a version \u003e= V2.5.0 as soon as possible.",
          "product_ids": [
            "CSAFPID-0004"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "environmentalScore": 5.3,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 5.3,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "Observable Response Discrepancy in SICK ICR890-4"
    },
    {
      "cve": "CVE-2023-35699",
      "cwe": {
        "id": "CWE-313",
        "name": "Cleartext Storage in a File or on Disk"
      },
      "notes": [
        {
          "category": "description",
          "text": "Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with local access to the device to disclose sensitive information by accessing a SD card.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0004"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Please make sure that you apply general security practices when operating the SICK ICR890-4 like restricting physical access to the device.\nThe following general security practices could mitigate the associated security risk. \n",
          "product_ids": [
            "CSAFPID-0004"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 5.3,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "temporalScore": 5.3,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0004"
          ]
        }
      ],
      "title": "Cleartext Storage in a File or on Disk in SICK ICR890-4"
    }
  ]
}

gsd-2023-35698

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login attempt.

Aliases

CVE-2023-35698

Aliases

CVE-2023-35698

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-35698",
    "id": "GSD-2023-35698"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-35698"
      ],
      "details": "\nObservable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login\nattempt.\n\n",
      "id": "GSD-2023-35698",
      "modified": "2023-12-13T01:20:46.212893Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@sick.de",
        "ID": "CVE-2023-35698",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "ICR890-4",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "affected",
                            "versions": [
                              {
                                "lessThan": "2.5.0",
                                "status": "affected",
                                "version": "0",
                                "versionType": "*"
                              }
                            ]
                          }
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "SICK AG"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "\nObservable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login\nattempt.\n\n"
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-204",
                "lang": "eng",
                "value": "CWE-204 Observable Response Discrepancy"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://sick.com/psirt",
            "refsource": "MISC",
            "url": "https://sick.com/psirt"
          },
          {
            "name": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf",
            "refsource": "MISC",
            "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf"
          },
          {
            "name": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json",
            "refsource": "MISC",
            "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json"
          }
        ]
      },
      "solution": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\nThe recommended solution is to update the firmware to a version \u0026gt;= V2.5.0 as soon as\npossible.\n\n\u003cbr\u003e"
            }
          ],
          "value": "\nThe recommended solution is to update the firmware to a version \u003e= V2.5.0 as soon as\npossible.\n\n\n"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:sick:icr890-4_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "2.5.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:sick:icr890-4:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@sick.de",
          "ID": "CVE-2023-35698"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "\nObservable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login\nattempt.\n\n"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-203"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json"
            },
            {
              "name": "https://sick.com/psirt",
              "refsource": "MISC",
              "tags": [
                "Product"
              ],
              "url": "https://sick.com/psirt"
            },
            {
              "name": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 1.4
        }
      },
      "lastModifiedDate": "2023-07-18T11:44Z",
      "publishedDate": "2023-07-10T16:15Z"
    }
  }
}

fkie_cve-2023-35698

Vulnerability from fkie_nvd

Published

2023-07-10 16:15

Modified

2024-11-21 08:08

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Summary

Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login attempt.

References

URL	Tags
psirt@sick.de	https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json	Vendor Advisory
psirt@sick.de	https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf	Vendor Advisory
psirt@sick.de	https://sick.com/psirt	Product
af854a3a-2127-422b-91ae-364da2661108	https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://sick.com/psirt	Product

Impacted products

	Vendor	Product	Version
	sick	icr890-4_firmware	*
	sick	icr890-4	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:sick:icr890-4_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9781FA2-2446-4587-8BBA-1AC342BC5A0F",
              "versionEndExcluding": "2.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sick:icr890-4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1AF1D7-8380-4B5C-8258-214F00638CC2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "\nObservable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login\nattempt.\n\n"
    }
  ],
  "id": "CVE-2023-35698",
  "lastModified": "2024-11-21T08:08:31.977",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@sick.de",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-07-10T16:15:52.937",
  "references": [
    {
      "source": "psirt@sick.de",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json"
    },
    {
      "source": "psirt@sick.de",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf"
    },
    {
      "source": "psirt@sick.de",
      "tags": [
        "Product"
      ],
      "url": "https://sick.com/psirt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product"
      ],
      "url": "https://sick.com/psirt"
    }
  ],
  "sourceIdentifier": "psirt@sick.de",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-204"
        }
      ],
      "source": "psirt@sick.de",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-203"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2023-35698 (GCVE-0-2023-35698)

Vulnerability from cvelistv5

ghsa-4fq5-58j6-9qph

Vulnerability from github

sca-2023-0006

Vulnerability from csaf_sick

SCA-2023-0006

Vulnerability from csaf_sick

gsd-2023-35698

Vulnerability from gsd

fkie_cve-2023-35698

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature