A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to the absence of Transport Layer Security (TLS) in the SICK EventCam App. This lack of encryption in the communication channel can lead to the unauthorized disclosure of sensitive information. The attacker can exploit this weakness to eavesdrop on the communication between the EventCam App and the Client, and potentially manipulate the data being transmitted.
Metrics
Affected Vendors & Products
References
History
Wed, 11 Dec 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: SICK AG
Published: 2023-06-19T14:57:52.413Z
Updated: 2024-12-11T20:31:59.734Z
Reserved: 2023-04-27T18:35:47.418Z
Link: CVE-2023-31410
Vulnrichment
Updated: 2024-08-02T14:53:31.061Z
NVD
Status : Modified
Published: 2023-06-19T15:15:09.173
Modified: 2024-11-21T08:01:48.377
Link: CVE-2023-31410
Redhat
No data.