Unrated severityNVD Advisory· Published Oct 6, 2025· Updated Oct 6, 2025
Plain Text Transmission of Username and Password in the URL
CVE-2025-58584
Description
In the HTTP request, the username and password are transferred directly in the URL as parameters. However, URLs can be stored in various systems such as server logs, browser histories or proxy servers. As a result, there is a high risk that this sensitive data will be disclosed unintentionally.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: all versions
Patches
Vulnerability mechanics
References
6- www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.pdfmitrevendor-advisory
- sick.com/psirtmitrex_SICK PSIRT Security Advisories
- www.cisa.gov/resources-tools/resources/ics-recommended-practicesmitrex_ICS-CERT recommended practices on Industrial Security
- www.first.org/cvss/calculator/3.1mitrex_CVSS v3.1 Calculator
- www.sick.com/.well-known/csaf/white/2025/sca-2025-0010.jsonmitrex_The canonical URL.
- www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdfmitrex_SICK Operating Guidelines
News mentions
0No linked articles in our index yet.