mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
119 lines
4.5 KiB
JSON
119 lines
4.5 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2023-5288",
|
|
"ASSIGNER": "psirt@sick.de",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "\nA remote unauthorized attacker may connect to the SIM1012, interact with the device and\nchange configuration settings. The adversary may also reset the SIM and in the worst case upload a\nnew firmware version to the device.\n\n"
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-284 Improper Access Control",
|
|
"cweId": "CWE-284"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "SICK AG",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "SIM1012",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "not down converted",
|
|
"x_cve_json_5_version_data": {
|
|
"versions": [
|
|
{
|
|
"status": "affected",
|
|
"version": "all versions"
|
|
}
|
|
],
|
|
"defaultStatus": "affected"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://sick.com/psirt",
|
|
"refsource": "MISC",
|
|
"name": "https://sick.com/psirt"
|
|
},
|
|
{
|
|
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0008.pdf",
|
|
"refsource": "MISC",
|
|
"name": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0008.pdf"
|
|
},
|
|
{
|
|
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0008.json",
|
|
"refsource": "MISC",
|
|
"name": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0008.json"
|
|
}
|
|
]
|
|
},
|
|
"generator": {
|
|
"engine": "Vulnogram 0.1.0-dev"
|
|
},
|
|
"source": {
|
|
"discovery": "UNKNOWN"
|
|
},
|
|
"solution": [
|
|
{
|
|
"lang": "en",
|
|
"supportingMedia": [
|
|
{
|
|
"base64": false,
|
|
"type": "text/html",
|
|
"value": "\n\nSICK recommends to disable port 2111 & 2122 once the SIM1012 is put into operation. The\ninformation how to disable the port can be retrieved from the SIM1012 API documentation. SICK\nrecommends using the SICK AppManager in version >=1.5.6 for the commissioning of the SIM1012.\n\n\n<br>"
|
|
}
|
|
],
|
|
"value": "\nSICK recommends to disable port 2111 & 2122 once the SIM1012 is put into operation. The\ninformation how to disable the port can be retrieved from the SIM1012 API documentation. SICK\nrecommends using the SICK AppManager in version >=1.5.6 for the commissioning of the SIM1012.\n\n\n\n"
|
|
}
|
|
],
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"attackComplexity": "LOW",
|
|
"attackVector": "NETWORK",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 9.8,
|
|
"baseSeverity": "CRITICAL",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"privilegesRequired": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"userInteraction": "NONE",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
|
"version": "3.1"
|
|
}
|
|
]
|
|
}
|
|
} |