Information disclosure

2023-07-1016:15:00

PRIOn knowledge base

www.prio-n.com

unauthenticated endpoints

remote attacker

sensitive information

http requests

nvd

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.2%

JSON

Unauthenticated endpoints in the SICK ICR890-4 could allow an unauthenticated
remote attacker to retrieve sensitive information about the device via HTTP requests.

CPENameOperatorVersion
icr890-4_firmwarelt2.5.0

CPE	Name	Operator	Version
	icr890-4_firmware	lt	2.5.0

References

sick.com/.well-known/csaf/white/2023/sca-2023-0006.json

sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf

sick.com/psirt