Vulnerability Details CVE-2012-3009
Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, and 10.0 before Patch 005 allows remote authenticated users to obtain database administrative access via unspecified method calls.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.7%
CVSS Severity
CVSS v2 Score 8.5
References
- http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-312568.pdf
- http://www.us-cert.gov/control_systems/pdf/ICSA-12-227-01.pdf
- http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-312568.pdf
- http://www.us-cert.gov/control_systems/pdf/ICSA-12-227-01.pdf