CNNVD-202601-2650 Information
CNNVD ID
CNNVD-202601-2650
Related CVE
- CNNVD Published: 2026-01-15
Description (Chinese)
SICK Incoming Goods Suite是德国SICK公司的一款物流收货流程软件。 SICK Incoming Goods Suite存在安全漏洞,该漏洞源于身份验证令牌通过URL字符串查询参数传递,可能导致会话劫持和未经授权的访问。
Description (English)
SICK Incoming Goods Suite is a logistics receipt process software for SICK, Germany. There is a security loophole in SICK Incoming Goods Suite, which stems from the transmission of identification badges through URL string query parameters, which may lead to the hijacking of conversations and unauthorized access.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
西克
Published
2026-01-15
Last Modified
2026-02-24
References
https://sick.com/psirt https://www.cisa.gov/resources-tools/resources/ics-recommended-practices https://www.first.org/cvss/calculator/3.1 https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.json https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.pdf https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf
Patch
https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.pdf
Share on: