CVE-2012-3009
First published: Thu Aug 16 2012(Updated: )
Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, and 10.0 before Patch 005 allows remote authenticated users to obtain database administrative access via unspecified method calls.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| COMOS | <=9.1 | |
| COMOS | =9.2-03 | |
| COMOS | =10.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-3009?
CVE-2012-3009 is considered to have a high severity as it allows remote authenticated users to obtain database administrative access.
How do I fix CVE-2012-3009?
To fix CVE-2012-3009, update Siemens COMOS to version 9.1 Patch 413, 9.2 Update 03 Patch 023, or 10.0 Patch 005 or later.
What are the affected versions for CVE-2012-3009?
CVE-2012-3009 affects Siemens COMOS versions before 9.1 Patch 413, 9.2 before Update 03 Patch 023, and 10.0 before Patch 005.
Who is at risk for CVE-2012-3009?
Organizations using unpatched versions of Siemens COMOS are at risk for CVE-2012-3009.
What kind of access can be obtained through CVE-2012-3009?
CVE-2012-3009 allows remote authenticated users to gain database administrative access.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/siemens
- canonical/comos
- version/comos/9.1
- version/comos/9.2-03
- version/comos/10.0