CVE-2023-5246
Severity CVSS v4.0:
Pending analysis
Type:
CWE-287
Authentication Issues
Publication date:
23/10/2023
Last modified:
31/10/2023
Description
Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the availability, integrity and confidentiality of the gateways via an authentication bypass by capture-replay.
Impact
Base Score 3.x
8.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:sick:fx0-gent00000_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:sick:fx0-gent00000:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:sick:fx0-gent00010_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:sick:fx0-gent00010:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:sick:fx0-gent00030_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:sick:fx0-gent00030:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:sick:fx0-get00000_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:sick:fx0-get00000:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:sick:fx0-get00010_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:sick:fx0-get00010:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:sick:fx0-gmod00000_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:sick:fx0-gmod00000:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:sick:fx0-gmod00010_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:sick:fx0-gmod00010:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:sick:fx0-gmod00030_firmware:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page