N/A

SICK Package Analytics software up to and including version V04.0.0 are vulnerable due to incorrect default permissions settings. An unauthorized attacker could read sensitive data from the system by querying for known files using the REST API directly.

N/A

N/A

Sick Package Analytics 安全漏洞

Sick Package Analytics是德国西克（Sick）公司的一套用于自动识别系统的系统性能监控软件。 SICK Package Analytics V04.1.1及之后版本中存在安全漏洞，该漏洞源于程序没有正确设置默认权限。攻击者可借助REST API查询利用该漏洞从系统读取敏感数据。

N/A

N/A