Sensitive Information Disclosure Through Missing Authentication_CVE-2025-58585

5.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Description

Multiple endpoints with sensitive information do not require authentication, making the application susceptible to information gathering.

Basic Information

ID CVE-2025-58585

Source SICK AG

Published Oct 6, 2025 at 07:01

Affected Product

Vendor SICK AG

Product Baggage Analytics

Version all versions

Affected Versions SICK AG Baggage Analytics all versions
SICK AG Tire Analytics all versions
SICK AG Package Analytics all versions
SICK AG Logistic Diagnostic Analytics all versions

CWE Classification

CWE-497

References

{
    "lastseen": "",
    "description": "Multiple endpoints with sensitive information do not require authentication, making the application susceptible to information gathering.",
    "published": "2025-10-06T07:01:46.210Z",
    "modified": "2025-10-06T07:01:46.210Z",
    "type": "cve",
    "title": "Sensitive Information Disclosure Through Missing Authentication",
    "source": "SICK AG",
    "references": "https://sick.com/psirt\nhttps://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf\nhttps://www.cisa.gov/resources-tools/resources/ics-recommended-practices\nhttps://www.first.org/cvss/calculator/3.1\nhttps://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.json\nhttps://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.pdf",
    "id": "CVE-2025-58585",
    "bulletinFamily": "",
    "cwe": [
        "CWE-497"
    ],
    "cvelist": null,
    "sourceData": "SICK AG Baggage Analytics all versions\nSICK AG Tire Analytics all versions\nSICK AG Package Analytics all versions\nSICK AG Logistic Diagnostic Analytics all versions",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Baggage Analytics",
    "version": "all versions",
    "vendor": "SICK AG",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}