{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-5246", "assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988", "state": "PUBLISHED", "assignerShortName": "SICK AG", "dateReserved": "2023-09-28T06:29:07.044Z", "datePublished": "2023-10-23T12:22:19.895Z", "dateUpdated": "2024-09-11T16:17:17.559Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "FX0-GMOD00000", "vendor": "SICK AG", "versions": [{"status": "affected", "version": "vers:all/*"}]}, {"defaultStatus": "affected", "product": "FX0-GMOD00010", "vendor": "SICK AG", "versions": [{"status": "affected", "version": "vers:all/*"}]}, {"defaultStatus": "affected", "product": "FX0-GMOD00030", "vendor": "SICK AG", "versions": [{"status": "affected", "version": "vers:all/*"}]}, {"defaultStatus": "affected", "product": "FX0-GPNT00000", "vendor": "SICK AG", "versions": [{"status": "affected", "version": "vers:all/*"}]}, {"defaultStatus": "affected", "product": "FX0-GPNT00010", "vendor": "SICK AG", "versions": [{"status": "affected", "version": "vers:all/*"}]}, {"defaultStatus": "affected", "product": "FX0-GPNT00030", "vendor": "SICK AG", "versions": [{"status": "affected", "version": "vers:all/*"}]}, {"defaultStatus": "affected", "product": "FX0-GETC00000", "vendor": "SICK AG", "versions": [{"status": "affected", "version": "vers:all/*"}]}, {"defaultStatus": "affected", "product": "FX0-GETC00010", "vendor": "SICK AG", "versions": [{"status": "affected", "version": "vers:all/*"}]}, {"defaultStatus": "affected", "product": "FX3-GEPR00000", "vendor": "SICK AG", "versions": [{"status": "affected", "version": "vers:all/*"}]}, {"defaultStatus": "affected", "product": "FX3-GEPR00010", "vendor": "SICK AG", "versions": [{"status": "affected", "version": "vers:all/*"}]}, {"defaultStatus": "affected", "product": "FX0-GENT00000", "vendor": "SICK AG", "versions": [{"status": "affected", "version": "vers:all/*"}]}, {"defaultStatus": "affected", "product": "FX0-GENT00010", "vendor": "SICK AG", "versions": [{"status": "affected", "version": "vers:all/*"}]}, {"defaultStatus": "affected", "product": "FX0-GENT00030", "vendor": "SICK AG", "versions": [{"status": "affected", "version": "vers:all/*"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": true, "type": "text/html", "value": "Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the availability, integrity and confidentiality of the gateways via an authentication bypass by capture-replay."}], "value": "Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the availability, integrity and confidentiality of the gateways via an authentication bypass by capture-replay."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"description": "Authentication Bypass by Capture-replay", "lang": "en"}]}], "providerMetadata": {"orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988", "shortName": "SICK AG", "dateUpdated": "2023-10-25T09:19:02.867Z"}, "references": [{"tags": ["issue-tracking"], "url": "https://sick.com/psirt"}, {"tags": ["vendor-advisory"], "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf"}, {"tags": ["x_csaf"], "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json"}], "source": {"discovery": "INTERNAL"}, "workarounds": [{"lang": "en", "supportingMedia": [{"base64": true, "type": "text/html", "value": "Please make sure that you apply general security practices when operating the SICK Flexi Soft Gateways. The following General Security Practices and Operating Guidelines could mitigate the associated security risk.\n"}], "value": "Please make sure that you apply general security practices when operating the SICK Flexi Soft Gateways. The following General Security Practices and Operating Guidelines could mitigate the associated security risk.\n"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:52:08.511Z"}, "title": "CVE Program Container", "references": [{"tags": ["issue-tracking", "x_transferred"], "url": "https://sick.com/psirt"}, {"tags": ["vendor-advisory", "x_transferred"], "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf"}, {"tags": ["x_csaf", "x_transferred"], "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json"}]}, {"affected": [{"vendor": "sick", "product": "fx0-gmod00000_firmware", "cpes": ["cpe:2.3:o:sick:fx0-gmod00000_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "sick", "product": "fx0-gmod00010_firmware", "cpes": ["cpe:2.3:o:sick:fx0-gmod00010_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "sick", "product": "fx0-gmod00030_firmware", "cpes": ["cpe:2.3:o:sick:fx0-gmod00030_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "sick", "product": "fx0-gpnt00000_firmware", "cpes": ["cpe:2.3:o:sick:fx0-gpnt00000_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "sick", "product": "fx0-gpnt00010_firmware", "cpes": ["cpe:2.3:o:sick:fx0-gpnt00010_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "sick", "product": "fx0-gpnt00030_firmware", "cpes": ["cpe:2.3:o:sick:fx0-gpnt00030_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "sick", "product": "fx0-getc00000", "cpes": ["cpe:2.3:o:sick:fx0-getc00000:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "sick", "product": "fx0-getc00010", "cpes": ["cpe:2.3:o:sick:fx0-getc00010:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "sick", "product": "fx3-gepr00000", "cpes": ["cpe:2.3:o:sick:fx3-gepr00000:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "sick", "product": "fx3-gepr00010", "cpes": ["cpe:2.3:o:sick:fx3-gepr00010:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "sick", "product": "fx0-gent00000_firmware", "cpes": ["cpe:2.3:o:sick:fx0-gent00000_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "sick", "product": "fx0-gent00010_firmware", "cpes": ["cpe:2.3:o:sick:fx0-gent00010_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}, {"vendor": "sick", "product": "fx0-gent00030_firmware", "cpes": ["cpe:2.3:o:sick:fx0-gent00030_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "*", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-11T15:28:47.832868Z", "id": "CVE-2023-5246", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T16:17:17.559Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://sick.com/psirt", "tags": ["issue-tracking", "x_transferred"]}, {"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json", "tags": ["x_csaf", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:52:08.511Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-5246", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-11T15:28:47.832868Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:sick:fx0-gmod00000_firmware:-:*:*:*:*:*:*:*"], "vendor": "sick", "product": "fx0-gmod00000_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:sick:fx0-gmod00010_firmware:-:*:*:*:*:*:*:*"], "vendor": "sick", "product": "fx0-gmod00010_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:sick:fx0-gmod00030_firmware:-:*:*:*:*:*:*:*"], "vendor": "sick", "product": "fx0-gmod00030_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:sick:fx0-gpnt00000_firmware:-:*:*:*:*:*:*:*"], "vendor": "sick", "product": "fx0-gpnt00000_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:sick:fx0-gpnt00010_firmware:-:*:*:*:*:*:*:*"], "vendor": "sick", "product": "fx0-gpnt00010_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:sick:fx0-gpnt00030_firmware:-:*:*:*:*:*:*:*"], "vendor": "sick", "product": "fx0-gpnt00030_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:sick:fx0-getc00000:*:*:*:*:*:*:*:*"], "vendor": "sick", "product": "fx0-getc00000", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:sick:fx0-getc00010:*:*:*:*:*:*:*:*"], "vendor": "sick", "product": "fx0-getc00010", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:sick:fx3-gepr00000:*:*:*:*:*:*:*:*"], "vendor": "sick", "product": "fx3-gepr00000", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:sick:fx3-gepr00010:*:*:*:*:*:*:*:*"], "vendor": "sick", "product": "fx3-gepr00010", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:sick:fx0-gent00000_firmware:-:*:*:*:*:*:*:*"], "vendor": "sick", "product": "fx0-gent00000_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:sick:fx0-gent00010_firmware:-:*:*:*:*:*:*:*"], "vendor": "sick", "product": "fx0-gent00010_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:sick:fx0-gent00030_firmware:-:*:*:*:*:*:*:*"], "vendor": "sick", "product": "fx0-gent00030_firmware", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "*"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T15:32:30.912Z"}}], "cna": {"source": {"discovery": "INTERNAL"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "SICK AG", "product": "FX0-GMOD00000", "versions": [{"status": "affected", "version": "vers:all/*"}], "defaultStatus": "affected"}, {"vendor": "SICK AG", "product": "FX0-GMOD00010", "versions": [{"status": "affected", "version": "vers:all/*"}], "defaultStatus": "affected"}, {"vendor": "SICK AG", "product": "FX0-GMOD00030", "versions": [{"status": "affected", "version": "vers:all/*"}], "defaultStatus": "affected"}, {"vendor": "SICK AG", "product": "FX0-GPNT00000", "versions": [{"status": "affected", "version": "vers:all/*"}], "defaultStatus": "affected"}, {"vendor": "SICK AG", "product": "FX0-GPNT00010", "versions": [{"status": "affected", "version": "vers:all/*"}], "defaultStatus": "affected"}, {"vendor": "SICK AG", "product": "FX0-GPNT00030", "versions": [{"status": "affected", "version": "vers:all/*"}], "defaultStatus": "affected"}, {"vendor": "SICK AG", "product": "FX0-GETC00000", "versions": [{"status": "affected", "version": "vers:all/*"}], "defaultStatus": "affected"}, {"vendor": "SICK AG", "product": "FX0-GETC00010", "versions": [{"status": "affected", "version": "vers:all/*"}], "defaultStatus": "affected"}, {"vendor": "SICK AG", "product": "FX3-GEPR00000", "versions": [{"status": "affected", "version": "vers:all/*"}], "defaultStatus": "affected"}, {"vendor": "SICK AG", "product": "FX3-GEPR00010", "versions": [{"status": "affected", "version": "vers:all/*"}], "defaultStatus": "affected"}, {"vendor": "SICK AG", "product": "FX0-GENT00000", "versions": [{"status": "affected", "version": "vers:all/*"}], "defaultStatus": "affected"}, {"vendor": "SICK AG", "product": "FX0-GENT00010", "versions": [{"status": "affected", "version": "vers:all/*"}], "defaultStatus": "affected"}, {"vendor": "SICK AG", "product": "FX0-GENT00030", "versions": [{"status": "affected", "version": "vers:all/*"}], "defaultStatus": "affected"}], "references": [{"url": "https://sick.com/psirt", "tags": ["issue-tracking"]}, {"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf", "tags": ["vendor-advisory"]}, {"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json", "tags": ["x_csaf"]}], "workarounds": [{"lang": "en", "value": "Please make sure that you apply general security practices when operating the SICK Flexi Soft Gateways. The following General Security Practices and Operating Guidelines could mitigate the associated security risk.\n", "supportingMedia": [{"type": "text/html", "value": "Please make sure that you apply general security practices when operating the SICK Flexi Soft Gateways. The following General Security Practices and Operating Guidelines could mitigate the associated security risk.\n", "base64": true}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the availability, integrity and confidentiality of the gateways via an authentication bypass by capture-replay.", "supportingMedia": [{"type": "text/html", "value": "Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the availability, integrity and confidentiality of the gateways via an authentication bypass by capture-replay.", "base64": true}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Authentication Bypass by Capture-replay"}]}], "providerMetadata": {"orgId": "a6863dd2-93fc-443d-bef1-79f0b5020988", "shortName": "SICK AG", "dateUpdated": "2023-10-25T09:19:02.867Z"}}}, "cveMetadata": {"cveId": "CVE-2023-5246", "state": "PUBLISHED", "dateUpdated": "2024-09-11T16:17:17.559Z", "dateReserved": "2023-09-28T06:29:07.044Z", "assignerOrgId": "a6863dd2-93fc-443d-bef1-79f0b5020988", "datePublished": "2023-10-23T12:22:19.895Z", "assignerShortName": "SICK AG"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sick:fx0-gent00000_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E8B658A-49DD-4F7C-9A20-191C8F6F3D8F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sick:fx0-gent00000:-:*:*:*:*:*:*:*", "matchCriteriaId": "EAB590A4-F5E4-4A17-B5A6-33A995C96BAB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sick:fx0-gent00010_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "61689FA0-FB90-4E9F-B500-AADCF8D827BE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sick:fx0-gent00010:-:*:*:*:*:*:*:*", "matchCriteriaId": "BBAC00EB-BB15-4A65-A58D-B3015F7CFF85", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sick:fx0-gent00030_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "896EDB87-DB8E-4D82-83EB-65403F23FEB7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sick:fx0-gent00030:-:*:*:*:*:*:*:*", "matchCriteriaId": "1809BCF9-541E-4348-87A3-4CB37D680704", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sick:fx0-get00000_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B04537E8-8C53-4CB7-BEB8-C2CDB15FEC3D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sick:fx0-get00000:-:*:*:*:*:*:*:*", "matchCriteriaId": "F0A0E589-9A9F-4ABF-A1D0-53DE376D6E07", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sick:fx0-get00010_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDBC09BA-A57C-4CAA-B6B7-6FC7922E3862", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sick:fx0-get00010:-:*:*:*:*:*:*:*", "matchCriteriaId": "E01C2381-4CC3-49C7-A4FE-9A37754C2AA6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sick:fx0-gmod00000_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E87CA0E-7749-4F1E-B30B-78183ACF3170", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sick:fx0-gmod00000:-:*:*:*:*:*:*:*", "matchCriteriaId": "D96296E7-65D3-4C0A-8126-4AA8BEF85B39", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sick:fx0-gmod00010_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "925AD219-B3D3-42B6-99E6-E97298AE0A4C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sick:fx0-gmod00010:-:*:*:*:*:*:*:*", "matchCriteriaId": "97742720-A8E3-49FE-BE43-EFF720F3D52D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sick:fx0-gmod00030_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "949735C8-09BE-453C-B83A-8BF80BD370B6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sick:fx0-gmod00030:-:*:*:*:*:*:*:*", "matchCriteriaId": "2F18250E-A899-4210-A0D3-087438EFCEA3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sick:fx0-gpnt00000_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "30BF991A-B66F-48B3-8902-D50C3B38A30D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sick:fx0-gpnt00000:-:*:*:*:*:*:*:*", "matchCriteriaId": "BF3BF752-4F49-4E90-9790-1913ED64D8B3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sick:fx0-gpnt00010_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "00770E9A-64BC-4440-A921-49ECD5C5986D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sick:fx0-gpnt00010:-:*:*:*:*:*:*:*", "matchCriteriaId": "60B6F37A-78EE-4D1F-ACAE-FDE864F847B8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sick:fx0-gpnt00030_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9447F86A-5967-4C97-AF69-369EF2BD2052", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sick:fx0-gpnt00030:-:*:*:*:*:*:*:*", "matchCriteriaId": "4CABEFF4-C0A4-4054-8174-7B3762BC0C3F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sick:fx0-gepr00000_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B08EEEB3-7310-4382-9C30-B1F6CBC69582", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sick:fx0-gepr00000:-:*:*:*:*:*:*:*", "matchCriteriaId": "41E76E7E-9840-4E37-A554-D0DE70E178E0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sick:fx0-gepr00010_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "56AF0E16-E0E7-4B5D-ABE3-02E27B4F9AC6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sick:fx0-gepr00010:-:*:*:*:*:*:*:*", "matchCriteriaId": "F2D5EB09-6970-4CD7-BE09-D563E73B55F0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the availability, integrity and confidentiality of the gateways via an authentication bypass by capture-replay."}, {"lang": "es", "value": "Omisi\u00f3n de autenticaci\u00f3n mediante Capture-replay en SICK Flexi Soft Gateways con n\u00fameros de pieza 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 permite que un atacante remoto no autenticado afecte potencialmente la disponibilidad y la integridad y confidencialidad de las puertas de enlace mediante una omisi\u00f3n de autenticaci\u00f3n mediante capture-replay."}], "id": "CVE-2023-5246", "lastModified": "2024-11-21T08:41:22.023", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "psirt@sick.de", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-10-23T13:15:09.087", "references": [{"source": "psirt@sick.de", "tags": ["Vendor Advisory"], "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json"}, {"source": "psirt@sick.de", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf"}, {"source": "psirt@sick.de", "tags": ["Vendor Advisory"], "url": "https://sick.com/psirt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://sick.com/psirt"}], "sourceIdentifier": "psirt@sick.de", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}