CVE-2026-22646

Опубликовано: 15 янв. 2026

Источник: nvd

CVSS3: 4.3

CVSS3: 7.5

EPSS Низкий

Описание

Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information (like file paths, database errors, or software versions) that can be used to map the application's internal structure and discover other, more critical vulnerabilities.

Ссылки

https://sick.com/psirt
Vendor Advisory
https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
US Government Resource
https://www.first.org/cvss/calculator/3.1
Not Applicable
https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.json
Vendor Advisory
https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.pdf
Vendor Advisory
https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sick:incoming_goods_suite:*:*:*:*:*:*:*:*

Версия до 1.2.1 (исключая)

EPSS

Процентиль: 11%

0.00038

Низкий

4.3 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-209

Связанные уязвимости

GHSA-fw5g-998f-4jxj

CVSS3: 4.3

github

24 дня назад

EPSS

Процентиль: 11%

0.00038

Низкий

4.3 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-209