Lucene search

[email protected]NVD:CVE-2023-43697

HistoryOct 09, 2023 - 1:15 p.m.

CVE-2023-43697

2023-10-0913:15:10

CWE-471

[email protected]

web.nvd.nist.gov

cve-2023-43697

modification assumed immutable

rdt400

sick apu

unprivileged remote attacker

file path modification

http requests

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

0.001 Low

EPSS

Percentile

39.5%

JSON

Modification of Assumed-Immutable Data (MAID) in RDT400 in SICK APU allows an
unprivileged remote attacker to make the site unable to load necessary strings via changing file paths
using HTTP requests.

Affected configurations

NVD

Node

sickapu0200_firmwareRange<4.0.0.6

AND

sickapu0200Match-

References

sick.com/.well-known/csaf/white/2023/sca-2023-0010.json

sick.com/.well-known/csaf/white/2023/sca-2023-0010.pdf

sick.com/psirt

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

0.001 Low

EPSS

Percentile

39.5%

JSON

Related for NVD:CVE-2023-43697

cve1 prion1 cvelist1