Unrated severityNVD Advisory· Published May 15, 2023· Updated Jan 23, 2025

CVE-2023-23450

Description

Use of Password Hash Instead of Password for Authentication in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows an unprivileged remote attacker to use a password hash instead of an actual password to login to a valid user account via the REST interface.

Affected products

Sick Ag/Sick Ftmg Esr40sxx Air Flow Sensorv5
Range: all firmware versions

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

sick.com/.well-known/csaf/white/2023/sca-2023-0004.pdfmitrevendor-advisory
sick.com/.well-known/csaf/white/2023/sca-2023-0004.jsonmitrex_csaf
sick.com/psirtmitreissue-tracking

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000