Vulnerability Details CVE-2023-23450
Use of Password Hash Instead of Password for Authentication in SICK FTMg AIR
FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526
allows an unprivileged remote attacker to use a password hash instead of an actual password to login
to a valid user account via the REST interface.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.6%
CVSS Severity
CVSS v3 Score 6.2
References
Products affected by CVE-2023-23450
-
cpe:2.3:h:sick:ftmg-esd15axx:-
-
cpe:2.3:h:sick:ftmg-esd20axx:-
-
cpe:2.3:h:sick:ftmg-esd25axx:-
-
cpe:2.3:h:sick:ftmg-esn40sxx:-
-
cpe:2.3:h:sick:ftmg-esn50sxx:-
-
cpe:2.3:h:sick:ftmg-esr40sxx:-
-
cpe:2.3:h:sick:ftmg-esr50sxx:-
-
cpe:2.3:o:sick:ftmg-esd15axx_firmware:-
-
cpe:2.3:o:sick:ftmg-esd20axx_firmware:-
-
cpe:2.3:o:sick:ftmg-esd25axx_firmware:-
-
cpe:2.3:o:sick:ftmg-esn40sxx_firmware:-
-
cpe:2.3:o:sick:ftmg-esn50sxx_firmware:-
-
cpe:2.3:o:sick:ftmg-esr40sxx_firmware:-
-
cpe:2.3:o:sick:ftmg-esr50sxx_firmware:-