Vulnerability Details CVE-2023-23446
Improper Access Control in SICK FTMg AIR FLOW SENSOR with Partnumbers
1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to download files by using a therefore unpriviledged account via the REST interface.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.8%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2023-23446
-
cpe:2.3:h:sick:ftmg-esd15axx:-
-
cpe:2.3:h:sick:ftmg-esd20axx:-
-
cpe:2.3:h:sick:ftmg-esd25axx:-
-
cpe:2.3:h:sick:ftmg-esn40sxx:-
-
cpe:2.3:h:sick:ftmg-esn50sxx:-
-
cpe:2.3:h:sick:ftmg-esr40sxx:-
-
cpe:2.3:h:sick:ftmg-esr50sxx:-
-
cpe:2.3:o:sick:ftmg-esd15axx_firmware:-
-
cpe:2.3:o:sick:ftmg-esd20axx_firmware:-
-
cpe:2.3:o:sick:ftmg-esd25axx_firmware:-
-
cpe:2.3:o:sick:ftmg-esn40sxx_firmware:-
-
cpe:2.3:o:sick:ftmg-esn50sxx_firmware:-
-
cpe:2.3:o:sick:ftmg-esr40sxx_firmware:-
-
cpe:2.3:o:sick:ftmg-esr50sxx_firmware:-