Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login
attempt.
References
Link | Resource |
---|---|
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json | Vendor Advisory |
https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf | Vendor Advisory |
https://sick.com/psirt | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: SICK AG
Published: 2023-07-10T09:37:22.798Z
Updated: 2023-07-10T09:39:56.134Z
Reserved: 2023-06-15T11:32:19.767Z
Link: CVE-2023-35698
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-07-10T16:15:52.937
Modified: 2023-07-18T11:44:50.397
Link: CVE-2023-35698
JSON object: View
Redhat Information
No data.