CVE-2023-23445

Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to gain unauthorized access to data fields by using a therefore unpriviledged account via the REST interface.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:sick:ftmg-esd20axx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:ftmg-esd20axx:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:sick:ftmg-esd25axx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:ftmg-esd25axx:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:sick:ftmg-esn40sxx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:ftmg-esn40sxx:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:sick:ftmg-esn50sxx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:ftmg-esn50sxx:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:sick:ftmg-esr50sxx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:ftmg-esr50sxx:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:sick:ftmg-esr40sxx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:ftmg-esr40sxx:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:sick:ftmg-esd15axx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:ftmg-esd15axx:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2023-05-15 11:15

Updated : 2024-02-28 20:13


NVD link : CVE-2023-23445

Mitre link : CVE-2023-23445

CVE.ORG link : CVE-2023-23445


JSON object : View

Products Affected

sick

  • ftmg-esd15axx
  • ftmg-esd25axx
  • ftmg-esr50sxx
  • ftmg-esr40sxx
  • ftmg-esn40sxx
  • ftmg-esr50sxx_firmware
  • ftmg-esd20axx_firmware
  • ftmg-esn50sxx_firmware
  • ftmg-esn50sxx
  • ftmg-esd15axx_firmware
  • ftmg-esd20axx
  • ftmg-esd25axx_firmware
  • ftmg-esr40sxx_firmware
  • ftmg-esn40sxx_firmware
CWE
CWE-863

Incorrect Authorization

CWE-284

Improper Access Control