CVE-2023-3270
- EPSS 0.72%
- Veröffentlicht 10.07.2023 16:15:55
- Zuletzt bearbeitet 21.11.2024 08:16:52
Exposure of Sensitive Information to an Unauthorized Actor in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the system.
CVE-2023-3271
- EPSS 0.67%
- Veröffentlicht 10.07.2023 16:15:55
- Zuletzt bearbeitet 01.06.2026 13:16:24
Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to gather information about the system and download data via the REST API by accessing unauthenticated endpoints.
CVE-2023-3272
- EPSS 0.44%
- Veröffentlicht 10.07.2023 16:15:55
- Zuletzt bearbeitet 01.06.2026 13:16:24
Cleartext Transmission of Sensitive Information in the SICK ICR890-4 could allow a remote attacker to gather sensitive information by intercepting network traffic that is not encrypted.
CVE-2023-3273
- EPSS 0.78%
- Veröffentlicht 10.07.2023 16:15:55
- Zuletzt bearbeitet 01.06.2026 13:16:24
Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to affect the availability of the device by changing settings of the device such as the IP address based on missing access control.
CVE-2023-35696
- EPSS 0.69%
- Veröffentlicht 10.07.2023 16:15:52
- Zuletzt bearbeitet 01.06.2026 13:16:23
Unauthenticated endpoints in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the device via HTTP requests.
CVE-2023-35697
- EPSS 0.65%
- Veröffentlicht 10.07.2023 16:15:52
- Zuletzt bearbeitet 01.06.2026 13:16:24
Improper Restriction of Excessive Authentication Attempts in the SICK ICR890-4 could allow a remote attacker to brute-force user credentials.
CVE-2023-35698
- EPSS 0.57%
- Veröffentlicht 10.07.2023 16:15:52
- Zuletzt bearbeitet 01.06.2026 13:16:24
Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login attempt.
CVE-2023-35699
- EPSS 0.18%
- Veröffentlicht 10.07.2023 16:15:52
- Zuletzt bearbeitet 01.06.2026 13:16:24
Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with local access to the device to disclose sensitive information by accessing a SD card.