Vulnerability Description
The client application in Siemens COMOS before 9.1 Update 458, 9.2 before 9.2.0.6.37, and 10.0 before 10.0.3.0.19 allows local users to gain privileges and bypass intended database-operation restrictions by leveraging COMOS project access.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siemens | Comos | 9.1 |
Related Weaknesses (CWE)
References
- http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_secVendor Advisory
- http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_secVendor Advisory
FAQ
What is CVE-2013-4943?
CVE-2013-4943 is a vulnerability with a CVSS score of 7.2 (HIGH). The client application in Siemens COMOS before 9.1 Update 458, 9.2 before 9.2.0.6.37, and 10.0 before 10.0.3.0.19 allows local users to gain privileges and bypass intended database-operation restricti...
How severe is CVE-2013-4943?
CVE-2013-4943 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-4943?
Check the references section above for vendor advisories and patch information. Affected products include: Siemens Comos.