CVE-2023-23447
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Uncontrolled Resource Consumption in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to influence the availability of the webserver by invocing several open file requests via the REST interface.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SICK AG | SICK FTMG-ESD15AXX AIR FLOW SENSOR | 0 < v3.0.0.131.Release | affected |
| SICK AG | SICK FTMG-ESD20AXX AIR FLOW SENSOR | 0 < v3.0.0.131.Release | affected |
| SICK AG | SICK FTMG-ESD25AXX AIR FLOW SENSOR | 0 < v3.0.0.131.Release | affected |
| SICK AG | SICK FTMG-ESN40SXX AIR FLOW SENSOR | 0 < v3.0.0.131.Release | affected |
| SICK AG | SICK FTMG-ESN50SXX AIR FLOW SENSOR | 0 < v3.0.0.131.Release | affected |
| SICK AG | SICK FTMG-ESR40SXX AIR FLOW SENSOR | 0 < v3.0.0.131.Release | affected |
| SICK AG | SICK FTMG-ESR50SXX AIR FLOW SENSOR | 0 < v3.0.0.131.Release | affected |
Weaknesses
- CWE-400: CWE-400 Uncontrolled Resource Consumption
ADP Enrichment
CVE Program Container
Additional References
- https://sick.com/psirt
- https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.pdf
- https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.json
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
- https://sick.com/psirt
- https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.pdf
- https://sick.com/.well-known/csaf/white/2023/sca-2023-0004.json
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.