Description
Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, and 10.0 before Patch 005 allows remote authenticated users to obtain database administrative access via unspecified method calls.
References (2)
Core 2
Core References
US Government Resource x_refsource_misc
http://www.us-cert.gov/control_systems/pdf/ICSA-12-227-01.pdf
Vendor Advisory x_refsource_confirm
http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-312568.pdf
Scores
EPSS
0.0031
EPSS Percentile
54.0%
Details
CWE
CWE-264
Status
published
Products (3)
siemens/comos
9.2 03
siemens/comos
10.0
siemens/comos
< 9.1
Published
Aug 16, 2012
Tracked Since
Feb 18, 2026