Username Disclosure Through Missing Authentication_CVE-2025-58579

5.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Description

Due to a lack of authentication, it is possible for an unauthenticated user to request data from this endpoint, making the application vulnerable for user enumeration.

Basic Information

ID CVE-2025-58579

Source SICK AG

Published Oct 6, 2025 at 07:09

Affected Product

Vendor SICK AG

Product Baggage Analytics

Version all versions

Affected Versions SICK AG Baggage Analytics all versions
SICK AG Tire Analytics all versions
SICK AG Package Analytics all versions
SICK AG Logistic Diagnostic Analytics all versions
SICK AG Enterprise Analytics all versions

CWE Classification

CWE-497

References

{
    "lastseen": "",
    "description": "Due to a lack of authentication, it is possible for an unauthenticated user to request data from this endpoint, making the application vulnerable for user enumeration.",
    "published": "2025-10-06T07:09:09.074Z",
    "modified": "2025-10-06T07:09:09.074Z",
    "type": "cve",
    "title": "Username Disclosure Through Missing Authentication",
    "source": "SICK AG",
    "references": "https://sick.com/psirt\nhttps://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf\nhttps://www.cisa.gov/resources-tools/resources/ics-recommended-practices\nhttps://www.first.org/cvss/calculator/3.1\nhttps://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.json\nhttps://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.pdf",
    "id": "CVE-2025-58579",
    "bulletinFamily": "",
    "cwe": [
        "CWE-497"
    ],
    "cvelist": null,
    "sourceData": "SICK AG Baggage Analytics all versions\nSICK AG Tire Analytics all versions\nSICK AG Package Analytics all versions\nSICK AG Logistic Diagnostic Analytics all versions\nSICK AG Enterprise Analytics all versions",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Baggage Analytics",
    "version": "all versions",
    "vendor": "SICK AG",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}