Описание
SICK Package Analytics software up to and including version V04.0.0 are vulnerable due to incorrect default permissions settings. An unauthorized attacker could read sensitive data from the system by querying for known files using the REST API directly.
Уязвимые конфигурации
Конфигурация 1Версия до 04.0.0 (включая)
cpe:2.3:a:sick:package_analytics:*:*:*:*:*:*:*:*
EPSS
Процентиль: 43%
0.00209
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-276
Связанные уязвимости
github
около 3 лет назад
SICK Package Analytics software up to and including version V04.0.0 are vulnerable due to incorrect default permissions settings. An unauthorized attacker could read sensitive data from the system by querying for known files using the REST API directly.
EPSS
Процентиль: 43%
0.00209
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-276