5.3
CVE-2023-5102
- EPSS 0.18%
- Veröffentlicht 09.10.2023 13:15:10
- Zuletzt bearbeitet 21.11.2024 08:41:03
- Quelle psirt@sick.de
- CVE-Watchlists
- Unerledigt
LoginInsufficient Control Flow Management in RDT400 in SICK APU allows an unprivileged remote attacker to potentially enable hidden functionality via HTTP requests.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Sick ≫ Apu0200 Firmware Version < 4.0.0.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.18% | 0.404 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| psirt@sick.de | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-691 Insufficient Control Flow Management
The code does not sufficiently manage its control flow during execution, creating conditions in which the control flow can be modified in unexpected ways.