{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-04T04:33:29.050","vulnerabilities":[{"cve":{"id":"CVE-2025-49193","sourceIdentifier":"psirt@sick.de","published":"2025-06-12T15:15:39.433","lastModified":"2026-01-26T19:30:49.307","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The application fails to implement several security headers. These headers help increase the overall security level of the web application by e.g., preventing the application to be displayed in an iFrame (Clickjacking attacks) or not executing injected malicious JavaScript code (XSS attacks)."},{"lang":"es","value":"La aplicación no implementa varios encabezados de seguridad. Estos encabezados ayudan a aumentar el nivel general de seguridad de la aplicación web, por ejemplo, impidiendo que la aplicación se muestre en un iFrame (ataques de clickjacking) o que se ejecute código JavaScript malicioso inyectado (ataques XSS)."}],"metrics":{"cvssMetricV31":[{"source":"psirt@sick.de","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N","baseScore":4.2,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"psirt@sick.de","type":"Secondary","description":[{"lang":"en","value":"CWE-693"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sick:baggage_analytics:*:*:*:*:*:*:*:*","matchCriteriaId":"E62416BA-1BF1-43BD-98B2-57BD34128419"},{"vulnerable":true,"criteria":"cpe:2.3:a:sick:field_analytics:*:*:*:*:*:*:*:*","matchCriteriaId":"62EE84A7-E93D-411E-A6FC-4BEE5F4CD16D"},{"vulnerable":true,"criteria":"cpe:2.3:a:sick:logistic_diagnostic_analytics:*:*:*:*:*:*:*:*","matchCriteriaId":"27031959-2981-4755-9E3D-02CD083F2B72"},{"vulnerable":true,"criteria":"cpe:2.3:a:sick:media_server:*:*:*:*:*:*:*:*","versionEndExcluding":"1.5","matchCriteriaId":"818583F6-0347-4D38-863F-5D1C391C427E"},{"vulnerable":true,"criteria":"cpe:2.3:a:sick:package_analytics:*:*:*:*:*:*:*:*","matchCriteriaId":"5955214B-0D71-449A-BFD4-8804FDF91CA1"},{"vulnerable":true,"criteria":"cpe:2.3:a:sick:tire_analytics:*:*:*:*:*:*:*:*","matchCriteriaId":"86C0BA69-E701-45A3-ADA5-130B8AD9DF15"}]}]}],"references":[{"url":"https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF","source":"psirt@sick.de","tags":["Broken Link"]},{"url":"https://sick.com/psirt","source":"psirt@sick.de","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/resources-tools/resources/ics-recommended-practices","source":"psirt@sick.de","tags":["US Government Resource"]},{"url":"https://www.first.org/cvss/calculator/3.1","source":"psirt@sick.de","tags":["Not Applicable"]},{"url":"https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.json","source":"psirt@sick.de","tags":["Vendor Advisory"]},{"url":"https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.pdf","source":"psirt@sick.de","tags":["Vendor Advisory"]}]}}]}