Vulnerabilities > Sick > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-13 | CVE-2022-27581 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Sick products Use of a Broken or Risky Cryptographic Algorithm in SICK RFU61x firmware version <v2.25 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. | 6.5 |
| 2022-12-13 | CVE-2022-46832 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Sick products Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware version < 2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. | 6.5 |
| 2022-12-13 | CVE-2022-46833 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Sick products Use of a Broken or Risky Cryptographic Algorithm in SICK RFU63x firmware version < v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. | 6.5 |
| 2022-12-13 | CVE-2022-46834 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Sick products Use of a Broken or Risky Cryptographic Algorithm in SICK RFU65x firmware version < v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. | 6.5 |
| 2022-07-19 | CVE-2021-32504 | Missing Authorization vulnerability in Sick Ftmg Firmware Unauthenticated users can access sensitive web URLs through GET request, which should be restricted to maintenance users only. | 5.3 |
| 2022-04-01 | CVE-2021-32503 | Resource Exhaustion vulnerability in Sick Ftmg Firmware 2.8 Unauthenticated users can access sensitive web URLs through GET request, which should be restricted to maintenance users only. | 4.9 |
| 2021-06-28 | CVE-2021-32496 | Inadequate Encryption Strength vulnerability in Sick Visionary-S CX Firmware SICK Visionary-S CX up version 5.21.2.29154R are vulnerable to an Inadequate Encryption Strength vulnerability concerning the internal SSH interface solely used by SICK for recovering returned devices. | 5.3 |
| 2020-07-29 | CVE-2020-2078 | Insufficiently Protected Credentials vulnerability in Sick Package Analytics 04.0.0/04.1.1 Passwords are stored in plain text within the configuration of SICK Package Analytics software up to and including V04.1.1. | 6.5 |