The LMS5xx uses weak hash generation methods, resulting in the creation of insecure hashs. If an attacker manages to retrieve the hash, it could lead to collision attacks and the potential retrieval of the password.
References
Link | Resource |
---|---|
https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.json | Vendor Advisory |
https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.pdf | Vendor Advisory |
https://sick.com/psirt | Vendor Advisory |
https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.json | Vendor Advisory |
https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.pdf | Vendor Advisory |
https://sick.com/psirt | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
21 Nov 2024, 08:01
Type | Values Removed | Values Added |
---|---|---|
References | () https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.json - Vendor Advisory | |
References | () https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.pdf - Vendor Advisory | |
References | () https://sick.com/psirt - Vendor Advisory |
30 Aug 2023, 14:34
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-916 | |
CPE | cpe:2.3:h:sick:lms500:-:*:*:*:*:*:*:* cpe:2.3:h:sick:lms531:-:*:*:*:*:*:*:* cpe:2.3:o:sick:lms500_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:sick:lms511:-:*:*:*:*:*:*:* cpe:2.3:o:sick:lms531_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:sick:lms511_firmware:*:*:*:*:*:*:*:* |
|
First Time |
Sick lms531 Firmware
Sick lms531 Sick lms500 Sick Sick lms511 Sick lms500 Firmware Sick lms511 Firmware |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
References | (MISC) https://sick.com/psirt - Vendor Advisory | |
References | (MISC) https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.json - Vendor Advisory | |
References | (MISC) https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.pdf - Vendor Advisory |
24 Aug 2023, 19:55
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-24 19:15
Updated : 2024-11-21 08:01
NVD link : CVE-2023-31412
Mitre link : CVE-2023-31412
CVE.ORG link : CVE-2023-31412
JSON object : View
Products Affected
sick
- lms500_firmware
- lms511
- lms500
- lms531
- lms531_firmware
- lms511_firmware
CWE
CWE-916
Use of Password Hash With Insufficient Computational Effort