21 matches found
EUVD-2020-22102
Malware in sbrugna...
EUVD-2020-22104
Malware in sbrugna...
EUVD-2020-22103
Malware in sbrugna...
CVE-2020-2078
Passwords are stored in plain text within the configuration of SICK Package Analytics software up to and including V04.1.1. An authorized attacker could access these stored plaintext credentials and gain access to the ftp service. Storing a password in plaintext allows attackers to easily gain...
CVE-2020-2076
SICK Package Analytics software up to and including version V04.0.0 are vulnerable to an authentication bypass by directly interfacing with the REST API. An attacker can send unauthorized requests, bypass current authentication controls presented by the application and could potentially write fil...
Vulnerabilities in SICK Package Analytics
SICK received a report about multiple vulnerabilities in the SICK Package Analytics. The vulnerabilities result from the used MySQL database with version 5.7.25. The vulnerable MySQL version include Buffer-Overflow, Improper Access Control, and Improper Certification Validation vulnerabilities...
Vulnerabilities in SICK Package Analytics
SICK received a report about multiple security vulnerabilities in the Package Analytics software. Successful exploitation of these vulnerabilities could allow an unauthorized remote attacker to read and write the configuration of the software, read data directly from the file system and view...
Sick Package Analytics Information Disclosure Vulnerability
Sick Package Analytics is a system performance monitoring software for automatic identification systems from Sick. A security vulnerability exists in SICK Package Analytics V04.1.1 and later versions, which stems from the program failing to properly set default permissions. The vulnerability can ...
Sick Package Analytics Input Validation Error Vulnerability
Sick Package Analytics is a system performance monitoring software for automatic identification systems from Sick. An input validation error vulnerability exists in SICK Package Analytics V04.0.0 and prior versions. The vulnerability arises from a networked system or product that does not properl...
CVE-2020-2077
SICK Package Analytics software up to and including version V04.0.0 are vulnerable due to incorrect default permissions settings. An unauthorized attacker could read sensitive data from the system by querying for known files using the REST API directly...
CVE-2020-2078
Passwords are stored in plain text within the configuration of SICK Package Analytics software up to and including V04.1.1. An authorized attacker could access these stored plaintext credentials and gain access to the ftp service. Storing a password in plaintext allows attackers to easily gain...
CVE-2020-2077
SICK Package Analytics software up to and including version V04.0.0 are vulnerable due to incorrect default permissions settings. An unauthorized attacker could read sensitive data from the system by querying for known files using the REST API directly...
CVE-2020-2078
Passwords are stored in plain text within the configuration of SICK Package Analytics software up to and including V04.1.1. An authorized attacker could access these stored plaintext credentials and gain access to the ftp service. Storing a password in plaintext allows attackers to easily gain...
CVE-2020-2076
SICK Package Analytics software up to and including version V04.0.0 are vulnerable to an authentication bypass by directly interfacing with the REST API. An attacker can send unauthorized requests, bypass current authentication controls presented by the application and could potentially write fil...
Authentication flaw
SICK Package Analytics software up to and including version V04.0.0 are vulnerable to an authentication bypass by directly interfacing with the REST API. An attacker can send unauthorized requests, bypass current authentication controls presented by the application and could potentially write fil...
CVE-2020-2078
The CVE-2020-2078 entry concerns SICK Package Analytics (up to v04.1.1). The root cause is plaintext storage of passwords in the software configuration, allowing an attacker with authorized access to read credentials and gain access to the FTP service. Impact stated: potential exposure of passwor...
CVE-2020-2078
Passwords are stored in plain text within the configuration of SICK Package Analytics software up to and including V04.1.1. An authorized attacker could access these stored plaintext credentials and gain access to the ftp service. Storing a password in plaintext allows attackers to easily gain...
CVE-2020-2077
CVE-2020-2077 concerns SICK Package Analytics. The vulnerability arises from incorrect default permissions in SICK Package Analytics software, affecting versions up to and including V04.0.0, allowing an unauthorized remote attacker to read sensitive data via REST API queries. Some sources indicat...
CVE-2020-2077
SICK Package Analytics software up to and including version V04.0.0 are vulnerable due to incorrect default permissions settings. An unauthorized attacker could read sensitive data from the system by querying for known files using the REST API directly...
CVE-2020-2076
SICK Package Analytics software up to and including version V04.0.0 are vulnerable to an authentication bypass by directly interfacing with the REST API. An attacker can send unauthorized requests, bypass current authentication controls presented by the application and could potentially write fil...