SICK Package Analytics software up to and including version V04.0.0 are vulnerable due to incorrect default permissions settings. An unauthorized attacker could read sensitive data from the system by querying for known files using the REST API directly.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: SICK AG
Published: 2020-07-29T13:18:59
Updated: 2020-07-29T13:18:59
Reserved: 2019-12-04T00:00:00
Link: CVE-2020-2077
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-07-29T14:15:12.910
Modified: 2020-08-03T17:28:33.183
Link: CVE-2020-2077
JSON object: View
Redhat Information
No data.
CWE