CVE-2025-49182

Опубликовано: 12 июн. 2025

Источник: nvd

CVSS3: 7.5

CVSS3: 9.8

EPSS Низкий

Описание

Files in the source code contain login credentials for the admin user and the property configuration password, allowing an attacker to get full access to the application.

Ссылки

https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF
Broken Link
https://sick.com/psirt
Vendor Advisory
https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
US Government Resource
https://www.first.org/cvss/calculator/3.1
Not Applicable
https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.json
Vendor Advisory
https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.pdf
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sick:media_server:*:*:*:*:*:*:*:*

Версия до 1.5 (исключая)

EPSS

Процентиль: 20%

0.00063

Низкий

7.5 High

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-540

Связанные уязвимости

GHSA-mjh6-vpjc-86w5

CVSS3: 7.5

github

8 месяцев назад

Files in the source code contain login credentials for the admin user and the property configuration password, allowing an attacker to get full access to the application.

EPSS

Процентиль: 20%

0.00063

Низкий

7.5 High

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-540