CVE-2025-58579 | THREATINT

Description

Due to a lack of authentication, it is possible for an unauthenticated user to request data from this endpoint, making the application vulnerable for user enumeration.

PUBLISHED Reserved 2025-09-03 | Published 2025-10-06 | Updated 2025-10-06 | Assigner SICK AG

MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Problem types

CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere

Product status

Default status

affected

all versions

affected

Default status

affected

all versions

affected

Default status

affected

all versions

affected

Default status

affected

all versions

affected

Default status

affected

all versions

affected

References

sick.com/psirt

www.sick.com/...lines_cybersecurity_by_sick_en_im0106719.pdf

www.cisa.gov/...es-tools/resources/ics-recommended-practices

www.first.org/cvss/calculator/3.1

www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.json

www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.pdf vendor-advisory

cve.org (CVE-2025-58579)

nvd.nist.gov (CVE-2025-58579)

Download JSON