Authentication flaw

2020-07-2914:15:00

PRIOn knowledge base

www.prio-n.com

9.5 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.0%

JSON

SICK Package Analytics software up to and including version V04.0.0 are vulnerable to an authentication bypass by directly interfacing with the REST API. An attacker can send unauthorized requests, bypass current authentication controls presented by the application and could potentially write files without authentication.

CPENameOperatorVersion
package_analyticsle04.0.0

CPE	Name	Operator	Version
	package_analytics	le	04.0.0

References

www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/