Filtered by vendor Sick
Subscriptions
Filtered by product Apu0200
Subscriptions
Total
9 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-5103 | 1 Sick | 2 Apu0200, Apu0200 Firmware | 2024-11-21 | 4.3 Medium |
| Improper Restriction of Rendered UI Layers or Frames in RDT400 in SICK APU allows an unprivileged remote attacker to potentially reveal sensitive information via tricking a user into clicking on an actionable item using an iframe. | ||||
| CVE-2023-5102 | 2 Sick, Sick Ag | 3 Apu0200, Apu0200 Firmware, Apu0200 | 2024-11-21 | 5.3 Medium |
| Insufficient Control Flow Management in RDT400 in SICK APU allows an unprivileged remote attacker to potentially enable hidden functionality via HTTP requests. | ||||
| CVE-2023-5101 | 2 Sick, Sick Ag | 3 Apu0200, Apu0200 Firmware, Apu0200 | 2024-11-21 | 5.3 Medium |
| Files or Directories Accessible to External Parties in RDT400 in SICK APU allows an unprivileged remote attacker to download various files from the server via HTTP requests. | ||||
| CVE-2023-5100 | 1 Sick | 2 Apu0200, Apu0200 Firmware | 2024-11-21 | 5.9 Medium |
| Cleartext Transmission of Sensitive Information in RDT400 in SICK APU allows an unprivileged remote attacker to retrieve potentially sensitive information via intercepting network traffic that is not encrypted. | ||||
| CVE-2023-43700 | 1 Sick | 3 Apu0200, Apu0200 Firmware, Rdt400 | 2024-11-21 | 7.7 High |
| Missing Authorization in RDT400 in SICK APU allows an unprivileged remote attacker to modify data via HTTP requests that no not require authentication. | ||||
| CVE-2023-43699 | 2 Sick, Sick Ag | 3 Apu0200, Apu0200 Firmware, Apu0200 | 2024-11-21 | 7.5 High |
| Improper Restriction of Excessive Authentication Attempts in RDT400 in SICK APU allows an unprivileged remote attacker to guess the password via trial-and-error as the login attempts are not limited. | ||||
| CVE-2023-43698 | 1 Sick | 2 Apu0200, Apu0200 Firmware | 2024-11-21 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation (’Cross-site Scripting’) in RDT400 in SICK APU allows an unprivileged remote attacker to run arbitrary code in the clients browser via injecting code into the website. | ||||
| CVE-2023-43697 | 2 Sick, Sick Ag | 3 Apu0200, Apu0200 Firmware, Apu0200 | 2024-11-21 | 6.5 Medium |
| Modification of Assumed-Immutable Data (MAID) in RDT400 in SICK APU allows an unprivileged remote attacker to make the site unable to load necessary strings via changing file paths using HTTP requests. | ||||
| CVE-2023-43696 | 1 Sick | 2 Apu0200, Apu0200 Firmware | 2024-11-21 | 8.2 High |
| Improper Access Control in SICK APU allows an unprivileged remote attacker to download as well as upload arbitrary files via anonymous access to the FTP server. | ||||
Page 1 of 1.