A vulnerability has been identified in COMOS (All versions). The affected application lacks proper access controls in making the SQLServer connection. This could allow an attacker to query the database directly to access information that the user should not have access to.
Metrics
Affected Vendors & Products
References
History
Wed, 08 Jan 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: siemens
Published: 2023-11-14T11:04:23.657Z
Updated: 2025-01-08T16:19:25.775Z
Reserved: 2023-10-23T13:50:01.947Z
Link: CVE-2023-46601

Updated: 2024-08-02T20:45:42.301Z

Status : Modified
Published: 2023-11-14T11:15:15.293
Modified: 2024-11-21T08:28:52.213
Link: CVE-2023-46601

No data.