CVE-2022-27583 - Vulnerability Details - OpenCVE

A remote unprivileged attacker can interact with the configuration interface of a Flexi-Compact FLX3-CPUC1 or FLX3-CPUC2 running an affected firmware version to potentially impact the availability of the FlexiCompact.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sick	Flx3-cpuc1 Flx3-cpuc1 Firmware Flx3-cpuc2 Flx3-cpuc2 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:sick:flx3-cpuc1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sick:flx3-cpuc1:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:sick:flx3-cpuc2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sick:flx3-cpuc2:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://sick.com/psirt

History

No history.

MITRE

Status: PUBLISHED

Assigner: SICK AG

Published: 2022-10-31T00:00:00

Updated: 2024-08-03T05:32:59.407Z

Reserved: 2022-03-21T00:00:00

Link: CVE-2022-27583

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-10-31T20:15:12.580

Modified: 2024-11-21T06:55:59.513

Link: CVE-2022-27583

Redhat

No data.

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sick:flx3-cpuc1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC3BE00A-7842-4F1D-B9D9-4B618D2976B8", "versionEndExcluding": "1.10.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sick:flx3-cpuc1:-:*:*:*:*:*:*:*", "matchCriteriaId": "98AC8E4B-D4EF-4EFB-B667-7AF4D9BE1CAA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sick:flx3-cpuc2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B5ADF47A-FCD3-4566-9BAB-21014F16F113", "versionEndExcluding": "1.10.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sick:flx3-cpuc2:-:*:*:*:*:*:*:*", "matchCriteriaId": "42F0FDDE-4690-4EEF-A7F4-A56EF57DF0A4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A remote unprivileged attacker can interact with the configuration interface of a Flexi-Compact FLX3-CPUC1 or FLX3-CPUC2 running an affected firmware version to potentially impact the availability of the FlexiCompact."}, {"lang": "es", "value": "Un atacante remoto sin privilegios puede interactuar con la interfaz de configuraci\u00f3n de un Flexi-Compact FLX3-CPUC1 o FLX3-CPUC2 que ejecuta una versi\u00f3n de firmware afectada para afectar potencialmente la disponibilidad del FlexiCompact."}], "id": "CVE-2022-27583", "lastModified": "2024-11-21T06:55:59.513", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-10-31T20:15:12.580", "references": [{"source": "psirt@sick.de", "tags": ["Vendor Advisory"], "url": "https://sick.com/psirt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://sick.com/psirt"}], "sourceIdentifier": "psirt@sick.de", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-285"}], "source": "psirt@sick.de", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}