Sick Icr890-4
7 CVEs affecting Sick Icr890-4. Latest disclosed: 2023-07-10. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-3271 | High | 8.2 | 2023-07-10 | Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to gather information about the system and download data via the RE… |
CVE-2023-3273 | High | 7.5 | 2023-07-10 | Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to affect the availability of the device by changing settings of th… |
CVE-2023-3272 | High | 7.5 | 2023-07-10 | Cleartext Transmission of Sensitive Information in the SICK ICR890-4 could allow a remote attacker to gather sensitive information by intercepting network traf… |
CVE-2023-35696 | High | 7.5 | 2023-07-10 | Unauthenticated endpoints in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the device via HTTP reque… |
CVE-2023-35699 | Medium | 5.3 | 2023-07-10 | Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with local access to the device to disclose sensitive information by acc… |
CVE-2023-35698 | Medium | 5.3 | 2023-07-10 | Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given durin… |
CVE-2023-35697 | Medium | 5.3 | 2023-07-10 | Improper Restriction of Excessive Authentication Attempts in the SICK ICR890-4 could allow a remote attacker to brute-force user credentials. |