Vulnerabilities > Siemens > Comos

DATE CVE VULNERABILITY TITLE RISK
2023-11-14 CVE-2023-43503 Cleartext Transmission of Sensitive Information vulnerability in Siemens Comos
A vulnerability has been identified in COMOS (All versions < V10.4.4).
network
low complexity
siemens CWE-319
7.5
7.5
2023-11-14 CVE-2023-43504 Classic Buffer Overflow vulnerability in Siemens Comos
A vulnerability has been identified in COMOS (All versions < V10.4.4).
network
low complexity
siemens CWE-120
critical
 9.8
9.8
2023-11-14 CVE-2023-43505 Improper Access Control vulnerability in Siemens Comos
A vulnerability has been identified in COMOS (All versions).
network
low complexity
siemens CWE-284
6.5
6.5
2023-11-14 CVE-2023-46601 Improper Access Control vulnerability in Siemens Comos
A vulnerability has been identified in COMOS (All versions).
network
low complexity
siemens CWE-284
7.5
7.5
2023-02-14 CVE-2023-24482 Classic Buffer Overflow vulnerability in Siemens Comos
A vulnerability has been identified in COMOS V10.2 (All versions), COMOS V10.3.3.1 (All versions < V10.3.3.1.45), COMOS V10.3.3.2 (All versions < V10.3.3.2.33), COMOS V10.3.3.3 (All versions < V10.3.3.3.9), COMOS V10.3.3.4 (All versions < V10.3.3.4.6), COMOS V10.4.0.0 (All versions < V10.4.0.0.31), COMOS V10.4.1.0 (All versions < V10.4.1.0.32), COMOS V10.4.2.0 (All versions < V10.4.2.0.25).
network
low complexity
siemens CWE-120
critical
 9.8
9.8
2022-02-09 CVE-2021-37194 Unrestricted Upload of File with Dangerous Type vulnerability in Siemens Comos
A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used).
network
low complexity
siemens CWE-434
5.0
5.0
2022-01-11 CVE-2021-37195 Cross-site Scripting vulnerability in Siemens Comos
A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used).
network
high complexity
siemens CWE-79
2.6
2.6
2022-01-11 CVE-2021-37196 Path Traversal vulnerability in Siemens Comos
A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.3 (All versions >= V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used).
network
siemens CWE-22
3.5
3.5
2022-01-11 CVE-2021-37197 SQL Injection vulnerability in Siemens Comos
A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used).
network
siemens CWE-89
6.0
6.0
2022-01-11 CVE-2021-37198 Cross-Site Request Forgery (CSRF) vulnerability in Siemens Comos
A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used).
network
high complexity
siemens CWE-352
5.1
5.1