Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2023-46601

Published: 14/11/2023 Updated: 20/11/2023
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Comos

Vulnerability Summary

A vulnerability has been identified in COMOS (All versions). The affected application lacks proper access controls in making the SQLServer connection. This could allow an malicious user to query the database directly to access information that the user should not have access to.

Vulnerable Product Search on Vulmon Subscribe to Product

siemens comos

ICS Advisories

https://ics-cert.us-cert.gov/advisories/2ecb0cb4ba04d4fd933f2d81d55089e6
Critical Infrastructure Sectors: Critical Manufacturing

References

CWE-284https://cert-portal.siemens.com/productcert/pdf/ssa-137900.pdfhttps://nvd.nist.govhttps://www.cisa.gov/news-events/ics-advisories/icsa-23-320-09
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322cross-site request forgeryunauthorizedCVE-2024-33925reflected XSSCVE-2023-51580CVE-2023-51579CVE-2015-2051CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook