Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with Partnumbers 1042193, 1042964, 1044078, 1044072, 1044073, 1044074, 1099830, 1099832, 1127717, 1069070, 1112296, 1051432, 1102420, 1127487, 1121596, 1121597 allows an unauthenticated remote attacker to influence the availability of the device by changing the IP settings of the device via broadcasted UDP packets.
References
Link | Resource |
---|---|
https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.json | Vendor Advisory |
https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.pdf | Vendor Advisory |
https://sick.com/psirt | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
History
26 May 2023, 18:15
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.2 |
First Time |
Sick fx0-gent00000
Sick ue410-en3 Sick ue410-en1 Sick fx0-gmod00000 Sick ue410-en3 Firmware Sick fx0-gent00010 Firmware Sick Sick fx0-gpnt00030 Sick ue410-en1 Firmware Sick fx0-gpnt00030 Firmware Sick fx0-gmod00010 Firmware Sick fx0-gpnt00000 Sick fx0-gpnt00010 Firmware Sick fx0-gmod00010 Sick fx0-gmod00000 Firmware Sick fx0-gent00030 Sick fx0-gpnt00000 Firmware Sick fx0-gent00030 Firmware Sick ue410-en4 Sick fx0-gpnt00010 Sick fx0-gent00010 Sick fx0-gent00000 Firmware Sick ue410-en4 Firmware |
|
CPE | cpe:2.3:o:sick:fx0-gent00030_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:sick:fx0-gent00010:-:*:*:*:*:*:*:* cpe:2.3:o:sick:fx0-gpnt00010_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:fx0-gmod00000_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:sick:fx0-gent00030:-:*:*:*:*:*:*:* cpe:2.3:h:sick:ue410-en3:-:*:*:*:*:*:*:* cpe:2.3:h:sick:fx0-gpnt00010:-:*:*:*:*:*:*:* cpe:2.3:h:sick:fx0-gmod00010:-:*:*:*:*:*:*:* cpe:2.3:h:sick:fx0-gent00000:-:*:*:*:*:*:*:* cpe:2.3:h:sick:fx0-gpnt00000:-:*:*:*:*:*:*:* cpe:2.3:o:sick:fx0-gent00010_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:fx0-gent00000_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:fx0-gmod00010_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:ue410-en4_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:ue410-en1_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:sick:fx0-gpnt00030:-:*:*:*:*:*:*:* cpe:2.3:h:sick:ue410-en4:-:*:*:*:*:*:*:* cpe:2.3:h:sick:ue410-en1:-:*:*:*:*:*:*:* cpe:2.3:o:sick:fx0-gpnt00030_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:ue410-en3_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sick:fx0-gpnt00000_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:sick:fx0-gmod00000:-:*:*:*:*:*:*:* |
|
CWE | CWE-306 | |
References | (MISC) https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.pdf - Vendor Advisory | |
References | (MISC) https://sick.com/psirt - Vendor Advisory | |
References | (MISC) https://sick.com/.well-known/csaf/white/2023/sca-2023-0003.json - Vendor Advisory |
Information
Published : 2023-05-12 13:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-23444
Mitre link : CVE-2023-23444
CVE.ORG link : CVE-2023-23444
JSON object : View
Products Affected
sick
- fx0-gmod00000_firmware
- fx0-gent00030
- fx0-gpnt00000
- fx0-gpnt00010_firmware
- ue410-en4_firmware
- ue410-en4
- fx0-gent00010
- ue410-en3_firmware
- fx0-gpnt00000_firmware
- fx0-gpnt00030
- fx0-gmod00000
- fx0-gent00010_firmware
- fx0-gpnt00010
- fx0-gent00030_firmware
- fx0-gent00000
- fx0-gpnt00030_firmware
- fx0-gmod00010_firmware
- fx0-gent00000_firmware
- fx0-gmod00010
- ue410-en1
- ue410-en3
- ue410-en1_firmware
CWE
CWE-306
Missing Authentication for Critical Function