Description
The application fails to implement several security headers. These headers help increase the overall security level of the web application by e.g., preventing the application to be displayed in an iFrame (Clickjacking attacks) or not executing injected malicious JavaScript code (XSS attacks).
CVSS Metrics
- Vector
- CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
- Attack Vector
- network
- Complexity
- high
- Privileges
- none
- User Action
- required
- Scope
- unchanged
- Confidentiality
- low
- Integrity
- low
- Availability
- none
- Weaknesses
- CWE-693
Metadata
- Primary Vendor
- SICK
- Published
- 6/12/2025
- Last Modified
- 1/26/2026
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
sick : baggage_analyticssick : field_analyticssick : logistic_diagnostic_analyticssick : media_serversick : package_analyticssick : tire_analytics
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.