Design/Logic Flaw

2020-07-2914:15:00

PRIOn knowledge base

www.prio-n.com

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.4%

JSON

Passwords are stored in plain text within the configuration of SICK Package Analytics software up to and including V04.1.1. An authorized attacker could access these stored plaintext credentials and gain access to the ftp service. Storing a password in plaintext allows attackers to easily gain access to systems, potentially compromising personal information or other sensitive information.

CPENameOperatorVersion
package_analyticsle04.1.1

CPE	Name	Operator	Version
	package_analytics	le	04.1.1

References

www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/