The application fails to implement several security headers. These headers help increase the overall security level of the web application by e.g., preventing the application to be displayed in an iFrame (Clickjacking attacks) or not executing injected malicious JavaScript code (XSS attacks).
oryginał ENCVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:NSick Baggage Analytics
APPSickwszystkie wersjeSick Field Analytics
APPSickwszystkie wersjeSick Logistic Diagnostic Analytics
APPSickwszystkie wersjeSick Media Server
APPSick< 1.5Sick Package Analytics
APPSickwszystkie wersjeSick Tire Analytics
APPSickwszystkie wersje
Powiązane podatności
SICK Package Analytics software up to and including version V04.0.0 are vulnerable to an authentication bypass...
All communication with the REST API is unencrypted (HTTP), allowing an attacker to intercept traffic between a...
Due to missing authorization of an API endpoint, unauthorized users can send HTTP GET requests to gather sensi...
Files in the source code contain login credentials for the admin user and the property configuration password,...
A remote unauthorized attacker may gather sensitive information of the application, due to missing authorizati...