1. Home
  2. CVE Database
  3. CVE-2023-23449
MEDIUM · 5.3

CVE-2023-23449

Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid us...

Vulnerability Description

Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid usernames by analyzing challenge responses from the server via the REST interface.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
SickFtmg-Esd20Axx Firmware< 2.0
SickFtmg-Esd20Axx-
SickFtmg-Esd25Axx Firmware< 2.0
SickFtmg-Esd25Axx-
SickFtmg-Esn40Sxx Firmware< 2.0
SickFtmg-Esn40Sxx-
SickFtmg-Esn50Sxx Firmware< 2.0
SickFtmg-Esn50Sxx-
SickFtmg-Esr50Sxx Firmware< 2.0
SickFtmg-Esr50Sxx-
SickFtmg-Esr40Sxx Firmware< 2.0
SickFtmg-Esr40Sxx-
SickFtmg-Esd15Axx Firmware< 2.0
SickFtmg-Esd15Axx-

Related Weaknesses (CWE)

CWE-203CWE-204

References

FAQ

What is CVE-2023-23449?

CVE-2023-23449 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid us...

How severe is CVE-2023-23449?

CVE-2023-23449 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-23449?

Check the references section above for vendor advisories and patch information. Affected products include: Sick Ftmg-Esd20Axx Firmware, Sick Ftmg-Esd20Axx, Sick Ftmg-Esd25Axx Firmware, Sick Ftmg-Esd25Axx, Sick Ftmg-Esn40Sxx Firmware.