Описание
Due to a lack of authentication, it is possible for an unauthenticated user to request data from this endpoint, making the application vulnerable for user enumeration.
Ссылки
- Vendor Advisory
- US Government Resource
- Not Applicable
- Vendor Advisory
- Vendor Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sick:baggage_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:sick:enterprise_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:sick:logistic_diagnostic_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:sick:package_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:sick:tire_analytics:*:*:*:*:*:*:*:*
EPSS
Процентиль: 25%
0.00085
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-497
Связанные уязвимости
CVSS3: 5.3
github
4 месяца назад
Due to a lack of authentication, it is possible for an unauthenticated user to request data from this endpoint, making the application vulnerable for user enumeration.
EPSS
Процентиль: 25%
0.00085
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-497