CVE-2025-58582 MEDIUM

CVE-2025-58582: Uncontrolled Resource Consumption via log file

Vendor Sick Ag
Product Enterprise Analytics
Weakness CWE-770 · Uncontrolled resource consumption
Published October 6, 2025
Last update October 6, 2025

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

What the vulnerability does

01Description

If a user tries to login but the provided credentials are incorrect a log is created. The data for this POST requests is not validated and it’s possible to send giant payloads which are then logged.

Key dates

02Disclosure timeline

October 6, 2025 CVE published
October 6, 2025 Record updated