CVE-2026-22645

EPSS 0.05%
Veröffentlicht 15.01.2026 13:14:38
Zuletzt bearbeitet 29.01.2026 17:19:57
Quelle psirt@sick.de
CVE-Watchlists
Login
Unerledigt
Login

The application discloses all used components, versions and license information to unauthenticated actors, giving attackers the opportunity to target known security vulnerabilities of used components.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Sick ≫ Incoming Goods Suite Version < 1.2.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.149

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
psirt@sick.de	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

https://sick.com/psirt

Vendor Advisory

https://www.cisa.gov/resources-tools/resources/ics-recommended-practices

US Government Resource

https://www.first.org/cvss/calculator/3.1

Not Applicable

https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf

Product

https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.json

Vendor Advisory

https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.pdf

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2026-22645

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-22645

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-22645

EUVD