CVE-2021-32503

2022-04-0122:17:44

CWE-862

SICK AG

www.cve.org

5.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.1%

JSON

Unauthenticated users can access sensitive web URLs through GET request, which should be restricted to maintenance users only. A malicious attacker could use this sensitive information’s to launch further attacks on the system.

CNA Affected

[
  {
    "product": "SICK FTMg",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "All versions before 2.8"
      }
    ]
  }
]

References

sick.com/psirt