Vulnerability in Sick Lms500

CVE-2023-31412

The LMS5xx uses weak hash generation methods, resulting in the creation of insecure hashs. If an attacker manages to retrieve the hash, it could lead to collision attacks and the potential retrieval of the password.

EPSS: 0.003 (26.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2023-31412?
CVE-2023-31412 is a high-severity vulnerability in Sick Lms500, classified under Use of Password Hash With Insufficient Computational Effort. CVSS score: 7.5/10. Published 2023-08-24.
How severe is CVE-2023-31412?
High severity. CVSS v3 base score is 7.5 out of 10.