CVE-2023-5103
Severity Score
4.3
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
Improper Restriction of Rendered UI Layers or Frames in RDT400 in SICK APU allows an unprivileged remote attacker to potentially reveal sensitive information via tricking a user into
clicking on an actionable item using an iframe.
La restricción inadecuada de Rendered UI Layers o Frames en RDT400 en SICK APU permite que un atacante remoto sin privilegios revele potencialmente información confidencial engañando a un usuario para que haga clic en un elemento procesable usando un iframe.
Improper Restriction of Rendered UI Layers or Frames in RDT400 in SICK APU allows an unprivileged remote attacker to potentially reveal sensitive information via tricking a user into clicking on an actionable item using an iframe.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-09-21 CVE Reserved
- 2023-10-09 CVE Published
- 2024-09-18 CVE Updated
- 2024-11-10 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-1021: Improper Restriction of Rendered UI Layers or Frames
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| https://sick.com/psirt | Issue Tracking |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.json | 2023-10-11 | |
| https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.pdf | 2023-10-11 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Sick Search vendor "Sick" | Apu0200 Firmware Search vendor "Sick" for product "Apu0200 Firmware" | < 4.0.0.6 Search vendor "Sick" for product "Apu0200 Firmware" and version " < 4.0.0.6" | - |
Affected
| in | Sick Search vendor "Sick" | Apu0200 Search vendor "Sick" for product "Apu0200" | - | - |
Safe
|