CVE-2023-3271

Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to gather information about the system and download data via the REST API by accessing unauthenticated endpoints.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:sick:icr890-4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:icr890-4:-:*:*:*:*:*:*:*

History

01 Jun 2026, 13:16

Type Values Removed Values Added
Summary (en) Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to gather information about the system and download data via the REST API by accessing unauthenticated endpoints. (en) Improper Access Control in the SICK ICR890-4 could allow an unauthenticated remote attacker to gather information about the system and download data via the REST API by accessing unauthenticated endpoints.

21 Nov 2024, 08:16

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.5
v2 : unknown
v3 : 8.2
References () https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json - Vendor Advisory () https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json - Vendor Advisory
References () https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf - Vendor Advisory () https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf - Vendor Advisory
References () https://sick.com/psirt - Product () https://sick.com/psirt - Product

19 Jul 2023, 17:16

Type Values Removed Values Added
CPE cpe:2.3:h:sick:icr890-4:-:*:*:*:*:*:*:*
cpe:2.3:o:sick:icr890-4_firmware:*:*:*:*:*:*:*:*
CWE NVD-CWE-noinfo
First Time Sick
Sick icr890-4
Sick icr890-4 Firmware
References (MISC) https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json - (MISC) https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json - Vendor Advisory
References (MISC) https://sick.com/psirt - (MISC) https://sick.com/psirt - Product
References (MISC) https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf - (MISC) https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf - Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5

10 Jul 2023, 16:27

Type Values Removed Values Added
New CVE

Information

Published : 2023-07-10 16:15

Updated : 2026-06-17 06:13


NVD link : CVE-2023-3271

Mitre link : CVE-2023-3271

CVE.ORG link : CVE-2023-3271


JSON object : View

Products Affected

sick

  • icr890-4_firmware
  • icr890-4
CWE
CWE-284

Improper Access Control

NVD-CWE-noinfo