CVE-2025-49184
Analyzed
Analyzed - Analysis Complete
BaseFortify
Publication date: 2025-06-12
Last updated on: 2026-01-29
Assigner: SICK AG
Description
Description
A remote unauthorized attacker may gather sensitive information of the application, due to missing authorization of configuration settings of the product.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sick | baggage_analytics | * |
| sick | enterprise_analytics | * |
| sick | field_analytics | * |
| sick | logistic_diagnostic_analytics | * |
| sick | package_analytics | * |
| sick | tire_analytics | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability allows a remote unauthorized attacker to access sensitive information from the application because the product's configuration settings lack proper authorization controls.
How can this vulnerability impact me? :
An attacker exploiting this vulnerability can obtain sensitive information from the application without authorization, potentially leading to data breaches or exposure of confidential data.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70