In the HTTP request, the username and password are transferred directly in the URL as parameters. However, URLs can be stored in various systems such as server logs, browser histories or proxy servers. As a result, there is a high risk that this sensitive data will be disclosed unintentionally.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NSick Baggage Analytics
APPSickwszystkie wersjeSick Enterprise Analytics
APPSickwszystkie wersjeSick Logistic Diagnostic Analytics
APPSickwszystkie wersjeSick Package Analytics
APPSickwszystkie wersjeSick Tire Analytics
APPSickwszystkie wersje
Related vulnerabilities
SICK Package Analytics software up to and including version V04.0.0 are vulnerable to an authentication bypass...
A remote unauthorized attacker may gather sensitive information of the application, due to missing authorizati...
SICK Package Analytics software up to and including version V04.0.0 are vulnerable due to incorrect default pe...
Due to a lack of authentication, it is possible for an unauthenticated user to request data from this endpoint...
An API endpoint allows arbitrary log entries to be created via POST request. Without sufficient va...