cbcvebase.

Sick Package Analytics vulnerabilities

4 known vulnerabilities affecting sick/package_analytics.

Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2020-2076P2CRITICALCVSS 9.8≤ 04.0.02020-07-29
CVE-2020-2076 [CRITICAL] CWE-306 CVE-2020-2076: SICK Package Analytics software up to and including version V04.0.0 are vulnerable to an authenticat SICK Package Analytics software up to and including version V04.0.0 are vulnerable to an authentication bypass by directly interfacing with the REST API. An attacker can send unauthorized requests, bypass current authentication controls presented by the application and could potentially write files without authentication.
nvd
CVE-2025-58590P3HIGHCVSS 7.5≤ 4.6.12025-10-06
CVE-2025-58590 [HIGH] CWE-22 CVE-2025-58590: It's possible to brute force folders and files, what can be used by an attacker to steal sensitve in It's possible to brute force folders and files, what can be used by an attacker to steal sensitve information.
nvd
CVE-2020-2077P3HIGHCVSS 7.5≤ 04.0.02020-07-29
CVE-2020-2077 [HIGH] CWE-276 CVE-2020-2077: SICK Package Analytics software up to and including version V04.0.0 are vulnerable due to incorrect SICK Package Analytics software up to and including version V04.0.0 are vulnerable due to incorrect default permissions settings. An unauthorized attacker could read sensitive data from the system by querying for known files using the REST API directly.
nvd
CVE-2020-2078P3MEDIUMCVSS 6.5≤ 04.1.12020-07-29
CVE-2020-2078 [MEDIUM] CWE-522 CVE-2020-2078: Passwords are stored in plain text within the configuration of SICK Package Analytics software up to Passwords are stored in plain text within the configuration of SICK Package Analytics software up to and including V04.1.1. An authorized attacker could access these stored plaintext credentials and gain access to the ftp service. Storing a password in plaintext allows attackers to easily gain access to systems, potentially compromising personal infor
nvd
Sick Package Analytics vulnerabilities | cvebase