Lucene search

[email protected]NVD:CVE-2023-23451

HistoryApr 19, 2023 - 11:15 p.m.

CVE-2023-23451

2023-04-1923:15:06

CWE-306

CWE-477

[email protected]

web.nvd.nist.gov

sick

ethernet

gateways

telnet

enabled

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.002

Percentile

54.1%

JSON

The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number <=2311xxxx with Firmware <=V2.11.0, SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. with serial number <=2311xxxx with Firmware <=V2.11.0, SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. with serial number <=2311xxxx with Firmware <=V2.12.0, SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 with serial number <=2311xxxx all Firmware versions, SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 with serial number <=2311xxxx all Firmware versions and SICK FX0-GMOD00010 FLEXISOFT MOD GW with serial number <=2311xxxx with Firmware <=V2.11.0 all have Telnet enabled by factory default. No password is set in the default configuration.

Affected configurations

Nvd

Node

sickue410-en3_firmware

AND

sickue410-en3Match-

Node

sickue410-en1_firmware

AND

sickue410-en1Match-

Node

sickue410-en3s04_firmware

AND

sickue410-en3s04Match-

Node

sickue410-en4_firmware

AND

sickue410-en4Match-

Node

sickfx0-gent00000_firmwareRange≤2.11.0

AND

sickfx0-gent00000Match-

Node

sickfx0-gmod00000_firmwareRange≤2.11.0

AND

sickfx0-gmod00000Match-

Node

sickfx0-gpnt00000_firmwareRange≤2.12.0

AND

sickfx0-gpnt00000Match-

Node

sickfx0-gent00030_firmware

AND

sickfx0-gent00030Match-

Node

sickfx0-gpnt00030_firmware

AND

sickfx0-gpnt00030Match-

Node

sickfx0-gmod00010_firmwareRange≤2.11.0

AND

sickfx0-gmod00010Match-

VendorProductVersionCPE
sickue410-en3_firmware*cpe:2.3:o:sick:ue410-en3_firmware:*:*:*:*:*:*:*:*
sickue410-en3-cpe:2.3:h:sick:ue410-en3:-:*:*:*:*:*:*:*
sickue410-en1_firmware*cpe:2.3:o:sick:ue410-en1_firmware:*:*:*:*:*:*:*:*
sickue410-en1-cpe:2.3:h:sick:ue410-en1:-:*:*:*:*:*:*:*
sickue410-en3s04_firmware*cpe:2.3:o:sick:ue410-en3s04_firmware:*:*:*:*:*:*:*:*
sickue410-en3s04-cpe:2.3:h:sick:ue410-en3s04:-:*:*:*:*:*:*:*
sickue410-en4_firmware*cpe:2.3:o:sick:ue410-en4_firmware:*:*:*:*:*:*:*:*
sickue410-en4-cpe:2.3:h:sick:ue410-en4:-:*:*:*:*:*:*:*
sickfx0-gent00000_firmware*cpe:2.3:o:sick:fx0-gent00000_firmware:*:*:*:*:*:*:*:*
sickfx0-gent00000-cpe:2.3:h:sick:fx0-gent00000:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sick	ue410-en3_firmware	*	cpe:2.3:o:sick:ue410-en3_firmware::::::::
sick	ue410-en3	-	cpe:2.3:h:sick:ue410-en3:-:::::::*
sick	ue410-en1_firmware	*	cpe:2.3:o:sick:ue410-en1_firmware::::::::
sick	ue410-en1	-	cpe:2.3:h:sick:ue410-en1:-:::::::*
sick	ue410-en3s04_firmware	*	cpe:2.3:o:sick:ue410-en3s04_firmware::::::::
sick	ue410-en3s04	-	cpe:2.3:h:sick:ue410-en3s04:-:::::::*
sick	ue410-en4_firmware	*	cpe:2.3:o:sick:ue410-en4_firmware::::::::
sick	ue410-en4	-	cpe:2.3:h:sick:ue410-en4:-:::::::*
sick	fx0-gent00000_firmware	*	cpe:2.3:o:sick:fx0-gent00000_firmware::::::::
sick	fx0-gent00000	-	cpe:2.3:h:sick:fx0-gent00000:-:::::::*

Rows per page:

1-10 of 201

References

sick.com/psirt

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.002

Percentile

54.1%

JSON

Related for NVD:CVE-2023-23451

cvelist1 prion1 cve1