Lucene search
HistoryAug 09, 2013 - 7:55 p.m.
CVE-2013-4943
siemens
comos
cve-2013-4943
security
vulnerability
privilege escalation
database operation
6.8 Medium
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.2%
The client application in Siemens COMOS before 9.1 Update 458, 9.2 before 9.2.0.6.37, and 10.0 before 10.0.3.0.19 allows local users to gain privileges and bypass intended database-operation restrictions by leveraging COMOS project access.
| CPE | Name | Operator | Version |
|---|---|---|---|
| siemens:comos | siemens comos | eq | 10.0 |
| siemens:comos | siemens comos | eq | 9.1 |
| siemens:comos | siemens comos | eq | 9.2 |
Related
prion
prion
Design/Logic Flaw
2013-08-09 19:55:00
ics
ics
Siemens COMOS Privilege Escalation Vulnerability
2013-08-21 12:00:00
cvelist
cvelist
CVE-2013-4943
2022-10-03 16:14:57
6.8 Medium
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.2%
Related for CVE-2013-4943