← Volver a CVEs

CVE-2026-22646

MEDIUM

4.3

Descripcion

Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information (like file paths, database errors, or software versions) that can be used to map the application's internal structure and discover other, more critical vulnerabilities.

Detalles CVE

Puntuacion CVSS v3.14.3

SeveridadMEDIUM

Vector CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Vector de ataqueNETWORK

ComplejidadLOW

Privilegios requeridosLOW

Interaccion usuarioNONE

Publicado1/15/2026

Ultima modificacion1/29/2026

Fuentenvd

Avistamientos honeypot0

Productos afectados

sick:incoming_goods_suite

Debilidades (CWE)

CWE-209

Referencias

https://sick.com/psirt(psirt@sick.de)

https://www.cisa.gov/resources-tools/resources/ics-recommended-practices(psirt@sick.de)

https://www.first.org/cvss/calculator/3.1(psirt@sick.de)

https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.json(psirt@sick.de)

https://www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.pdf(psirt@sick.de)

https://www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdf(psirt@sick.de)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.