Vulnerability in COMOS revealed, affecting multiple versions and allowing file extraction via XML External Entity.
Reporter | Title | Published | Views | Family All 4 |
---|---|---|---|---|
![]() | Siemens COMOS XXE Injection Vulnerability (CNVD-2024-47911) | 11 Dec 202400:00 | – | cnvd |
![]() | CVE-2024-54005 | 10 Dec 202413:54 | – | cvelist |
![]() | CVE-2024-54005 | 10 Dec 202414:30 | – | nvd |
![]() | CVE-2024-54005 | 10 Dec 202413:54 | – | vulnrichment |
[
{
"vendor": "Siemens",
"product": "COMOS V10.3",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "V10.3.3.5.8",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "COMOS V10.4.0",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "*",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "COMOS V10.4.1",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "*",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "COMOS V10.4.2",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "*",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "COMOS V10.4.3",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "V10.4.3.0.47",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "COMOS V10.4.4",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "V10.4.4.2",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "COMOS V10.4.4.1",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "V10.4.4.1.21",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]
Source | Link |
---|---|
cert-portal | www.cert-portal.siemens.com/productcert/html/ssa-701627.html |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo