Information Disclosure Through Stacktrace-/MQTT/Config/changeAll_CVE-2025-58581

4.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Description

When an error occurs in the application a full stacktrace is provided to the user. The stacktrace lists class and method names as well as other internal information. An attacker can thus obtain information about the technology used and the structure of the application.

Basic Information

ID CVE-2025-58581

Source SICK AG

Published Oct 6, 2025 at 06:50

Modified Oct 6, 2025 at 07:10

Affected Product

Vendor SICK AG

Product Enterprise Analytics

Version all versions

Affected Versions SICK AG Enterprise Analytics all versions

CWE Classification

CWE-200

References

{
    "lastseen": "",
    "description": "When an error occurs in the application a full stacktrace is  provided to the user. The stacktrace lists class and method names as well as other internal information. An attacker can thus obtain information about the technology used and the structure of the application.",
    "published": "2025-10-06T06:50:12.186Z",
    "modified": "2025-10-06T07:10:01.243Z",
    "type": "cve",
    "title": "Information Disclosure Through Stacktrace-/MQTT/Config/changeAll",
    "source": "SICK AG",
    "references": "https://sick.com/psirt\nhttps://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf\nhttps://www.cisa.gov/resources-tools/resources/ics-recommended-practices\nhttps://www.first.org/cvss/calculator/3.1\nhttps://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.json\nhttps://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.pdf",
    "id": "CVE-2025-58581",
    "bulletinFamily": "",
    "cwe": [
        "CWE-200"
    ],
    "cvelist": null,
    "sourceData": "SICK AG Enterprise Analytics all versions",
    "sourceHref": "",
    "cvss": {
        "score": 4.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Enterprise Analytics",
    "version": "all versions",
    "vendor": "SICK AG",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}