CNNVD-202510-834 Information
CNNVD ID
CNNVD-202510-834
Related CVE
- CNNVD Published: 2025-10-06
Description (Chinese)
SICK AG Baggage Analytics是德国SICK AG公司的一款用于机场追踪系统的可视化和分析软件。 SICK AG Baggage Analytics存在安全漏洞,该漏洞源于通过仪表板在新标签页打开按钮运行JavaScript,可能导致会话劫持。
Description (English)
SICK AG Baggage Analytics is a visualization and analysis software for airport tracking systems from SICK AG, Germany. SICK AG Baggage Analytics has a security loophole, which results from the operation of JavaScript through the new tab button on the dashboard, which could lead to a session hijacking.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
SICK AG
Published
2025-10-06
Last Modified
2026-02-24
References
https://sick.com/psirt https://www.cisa.gov/resources-tools/resources/ics-recommended-practices https://www.first.org/cvss/calculator/3.1 https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.json https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.pdf https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf