Vulnerabilities > Siemens > Comos
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-14 | CVE-2023-43503 | Cleartext Transmission of Sensitive Information vulnerability in Siemens Comos A vulnerability has been identified in COMOS (All versions < V10.4.4). | 7.5 |
| 2023-11-14 | CVE-2023-43504 | Classic Buffer Overflow vulnerability in Siemens Comos A vulnerability has been identified in COMOS (All versions < V10.4.4). | 9.8 |
| 2023-11-14 | CVE-2023-43505 | Improper Access Control vulnerability in Siemens Comos A vulnerability has been identified in COMOS (All versions). | 6.5 |
| 2023-11-14 | CVE-2023-46601 | Improper Access Control vulnerability in Siemens Comos A vulnerability has been identified in COMOS (All versions). | 7.5 |
| 2023-02-14 | CVE-2023-24482 | Classic Buffer Overflow vulnerability in Siemens Comos A vulnerability has been identified in COMOS V10.2 (All versions), COMOS V10.3.3.1 (All versions < V10.3.3.1.45), COMOS V10.3.3.2 (All versions < V10.3.3.2.33), COMOS V10.3.3.3 (All versions < V10.3.3.3.9), COMOS V10.3.3.4 (All versions < V10.3.3.4.6), COMOS V10.4.0.0 (All versions < V10.4.0.0.31), COMOS V10.4.1.0 (All versions < V10.4.1.0.32), COMOS V10.4.2.0 (All versions < V10.4.2.0.25). | 9.8 |
| 2022-02-09 | CVE-2021-37194 | Unrestricted Upload of File with Dangerous Type vulnerability in Siemens Comos A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). | 7.5 |
| 2022-01-11 | CVE-2021-37195 | Cross-site Scripting vulnerability in Siemens Comos A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). | 6.1 |
| 2022-01-11 | CVE-2021-37196 | Path Traversal vulnerability in Siemens Comos A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.3 (All versions >= V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). | 6.5 |
| 2022-01-11 | CVE-2021-37197 | SQL Injection vulnerability in Siemens Comos A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). | 8.8 |
| 2022-01-11 | CVE-2021-37198 | Cross-Site Request Forgery (CSRF) vulnerability in Siemens Comos A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). | 8.8 |