Unrated severityNVD Advisory· Published Jan 15, 2026· Updated Jan 15, 2026
CVE-2026-22644
CVE-2026-22644
Description
Certain requests pass the authentication token in the URL as string query parameter, making it vulnerable to theft through server logs, proxy logs and Referer headers, which could allow an attacker to hijack the user's session and gain unauthorized access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: all versions
Patches
Vulnerability mechanics
References
6- www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.pdfmitrevendor-advisory
- sick.com/psirtmitrex_SICK PSIRT Security Advisories
- www.cisa.gov/resources-tools/resources/ics-recommended-practicesmitrex_ICS-CERT recommended practices on Industrial Security
- www.first.org/cvss/calculator/3.1mitrex_CVSS v3.1 Calculator
- www.sick.com/.well-known/csaf/white/2026/sca-2026-0002.jsonmitrex_The canonical URL.
- www.sick.com/media/docs/9/19/719/special_information_sick_operating_guidelines_cybersecurity_by_sick_en_im0106719.pdfmitrex_SICK Operating Guidelines
News mentions
0No linked articles in our index yet.