Improper Access Control in COMOS Application by Siemens
CVE-2023-46601
7.5HIGH
What is CVE-2023-46601?
A vulnerability exists in Siemens' COMOS application where improper access controls during SQLServer connection setup could be exploited by an attacker. This weakness enables unauthorized querying of the database, leading to potential exposure of sensitive user data. Organizations using the COMOS application should implement necessary access controls to mitigate risks and protect critical information.
Affected Version(s)
COMOS All versions