CVE-2025-49193
Missing HTTP Security Headers
CVSS Score
4.2
EPSS Score
0.3%
EPSS Percentile
52th
The application fails to implement several security headers. These headers help increase the overall security level of the web application by e.g., preventing the application to be displayed in an iFrame (Clickjacking attacks) or not executing injected malicious JavaScript code (XSS attacks).
| CWE | CWE-693 |
| Vendor | sick ag |
| Product | field analytics |
| Published | Jun 12, 2025 |
| Last Updated | May 13, 2026 |
Stay Ahead of the Next One
Get instant alerts for sick ag field analytics
Be the first to know when new medium vulnerabilities affecting sick ag field analytics are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
None
Affected Versions
SICK AG / Field Analytics
all versions
SICK AG / Media Server
0 < 1.5
SICK AG / Baggage Analytics
0 < 4.6.3
SICK AG / Tire Analytics
0 < 4.6.3
SICK AG / Package Analytics
0 < 4.6.3
SICK AG / Logistic Diagnostic Analytics
0 < 4.6.3
References
sick.com: https://sick.com/psirt cdn.sick.com: https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF cisa.gov: https://www.cisa.gov/resources-tools/resources/ics-recommended-practices first.org: https://www.first.org/cvss/calculator/3.1 sick.com: https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.pdf sick.com: https://www.sick.com/.well-known/csaf/white/2025/sca-2025-0007.json