CVE-2024-11022
CVSS V2 None
CVSS V3 None
Description
The authentication process to the web server uses a challenge response procedure which
inludes the nonce and additional information. This challenge can be used several times for login and is
therefore vulnerable for a replay attack.
Overview
- CVE ID
- CVE-2024-11022
- Assigner
- SICK AG
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-12-06T12:13:50.253Z
- Last Modified Date
- 2024-12-06T18:18:19.952Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://sick.com/psirt | x_SICK PSIRT Website |
| https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF | x_SICK Operating Guidelines |
| https://www.cisa.gov/resources-tools/resources/ics-recommended-practices | x_ICS-CERT recommended practices on Industrial Security |
| https://www.first.org/cvss/calculator/3.1 | x_CVSS v3.1 Calculator |
| https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.pdf | vendor-advisory |
| https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0006.json | vendor-advisory x_csaf |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-11022 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11022 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-12-07 13:24:13 | Added to TrackCVE |