CVE-2021-32504

2022-07-1914:11:38

CWE-862

SICK AG

www.cve.org

5.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.6%

JSON

Unauthenticated users can access sensitive web URLs through GET request, which should be restricted to maintenance users only. A malicious attacker could use this sensitive information’s to launch further attacks on the system.

CNA Affected

[
  {
    "product": "SICK FTMg",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "All versions before 2.8"
      }
    ]
  }
]

References

sick.com/psirt