ID

VAR-201208-0349


CVE

CVE-2012-3009


TITLE

Siemens COMOS Vulnerable to obtaining database administrator privileges

Trust: 0.8

sources: JVNDB: JVNDB-2012-003720

DESCRIPTION

Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, and 10.0 before Patch 005 allows remote authenticated users to obtain database administrative access via unspecified method calls. COMOS is a factory engineering software. Siemens COMOS is prone to an unspecified security-bypass vulnerability. Siemens COMOS is the world's leading provider of software solutions in the field of integrated lifecycle engineering. ---------------------------------------------------------------------- The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta ---------------------------------------------------------------------- TITLE: Siemens COMOS Unspecified Security Bypass Security Issue SECUNIA ADVISORY ID: SA50249 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50249/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50249 RELEASE DATE: 2012-08-13 DISCUSS ADVISORY: http://secunia.com/advisories/50249/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/50249/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=50249 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Siemens COMOS, which can be exploited by malicious users to bypass certain security restrictions. Successful exploitation requires read access to the database. The security issue is reported in versions prior to 9.1 Patch 413, 9.2 Update 03 Patch 023, 10.0 Patch 005, and 10.0 SP1. SOLUTION: Update to version 9.1 Patch 413, 9.2 Update 03 Patch 023, 10.0 Patch 005, or 10.0 SP1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-312568.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.79

sources: NVD: CVE-2012-3009 // JVNDB: JVNDB-2012-003720 // CNVD: CNVD-2012-4239 // BID: 54978 // IVD: 80f2dac6-2353-11e6-abef-000c29c66e3d // VULHUB: VHN-56290 // PACKETSTORM: 115453

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 80f2dac6-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-4239

AFFECTED PRODUCTS

vendor:siemensmodel:comosscope:eqversion:9.2

Trust: 1.6

vendor:siemensmodel:comosscope:eqversion:10.0

Trust: 1.6

vendor:siemensmodel:comosscope:lteversion:9.1

Trust: 1.0

vendor:siemensmodel:comosscope:eqversion:update 03 patch 023

Trust: 0.8

vendor:siemensmodel:comosscope:ltversion:9.2

Trust: 0.8

vendor:siemensmodel:comosscope:eqversion:patch 005

Trust: 0.8

vendor:siemensmodel:comosscope:ltversion:10.0

Trust: 0.8

vendor:siemensmodel:comosscope:eqversion:10.x

Trust: 0.6

vendor:siemensmodel:comosscope:eqversion:9.x

Trust: 0.6

vendor:siemensmodel:comosscope:eqversion:9.1

Trust: 0.6

vendor:comosmodel: - scope:eqversion:*

Trust: 0.2

vendor:comosmodel: - scope:eqversion:9.2

Trust: 0.2

vendor:comosmodel: - scope:eqversion:10.0

Trust: 0.2

sources: IVD: 80f2dac6-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-4239 // JVNDB: JVNDB-2012-003720 // CNNVD: CNNVD-201208-192 // NVD: CVE-2012-3009

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-3009
value: HIGH

Trust: 1.0

NVD: CVE-2012-3009
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201208-192
value: HIGH

Trust: 0.6

IVD: 80f2dac6-2353-11e6-abef-000c29c66e3d
value: HIGH

Trust: 0.2

VULHUB: VHN-56290
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2012-3009
severity: HIGH
baseScore: 8.5
vectorString: AV:N/AC:M/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.8
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

IVD: 80f2dac6-2353-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 8.5
vectorString: AV:N/AC:M/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.8
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-56290
severity: HIGH
baseScore: 8.5
vectorString: AV:N/AC:M/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.8
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: IVD: 80f2dac6-2353-11e6-abef-000c29c66e3d // VULHUB: VHN-56290 // JVNDB: JVNDB-2012-003720 // CNNVD: CNNVD-201208-192 // NVD: CVE-2012-3009

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-56290 // JVNDB: JVNDB-2012-003720 // NVD: CVE-2012-3009

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201208-192

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201208-192

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-003720

PATCH

title:Top Pageurl:http://www.siemens.com/

Trust: 0.8

title:SSA-312568: Security Vulnerability in COMOSurl:http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-312568.pdf

Trust: 0.8

title:シーメンスソリューションパートナーurl:http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx

Trust: 0.8

title:シーメンス・ジャパン株式会社url:http://www.siemens.com/entry/jp/ja/

Trust: 0.8

title:Siemens COMOS has an unspecified security bypass vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/19782

Trust: 0.6

sources: CNVD: CNVD-2012-4239 // JVNDB: JVNDB-2012-003720

EXTERNAL IDS

db:NVDid:CVE-2012-3009

Trust: 3.6

db:ICS CERTid:ICSA-12-227-01

Trust: 2.8

db:SIEMENSid:SSA-312568

Trust: 2.7

db:CNNVDid:CNNVD-201208-192

Trust: 0.9

db:CNVDid:CNVD-2012-4239

Trust: 0.8

db:JVNDBid:JVNDB-2012-003720

Trust: 0.8

db:SECUNIAid:50249

Trust: 0.8

db:NSFOCUSid:20296

Trust: 0.6

db:BIDid:54978

Trust: 0.4

db:IVDid:80F2DAC6-2353-11E6-ABEF-000C29C66E3D

Trust: 0.2

db:VULHUBid:VHN-56290

Trust: 0.1

db:PACKETSTORMid:115453

Trust: 0.1

sources: IVD: 80f2dac6-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-4239 // VULHUB: VHN-56290 // BID: 54978 // JVNDB: JVNDB-2012-003720 // PACKETSTORM: 115453 // CNNVD: CNNVD-201208-192 // NVD: CVE-2012-3009

REFERENCES

url:http://www.us-cert.gov/control_systems/pdf/icsa-12-227-01.pdf

Trust: 2.8

url:http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-312568.pdf

Trust: 2.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3009

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3009

Trust: 0.8

url:http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-312568.pdfhttp

Trust: 0.6

url:http://secunia.com/advisories/50249

Trust: 0.6

url:http://www.nsfocus.net/vulndb/20296

Trust: 0.6

url:http://subscriber.communications.siemens.com/

Trust: 0.3

url:http://secunia.com/advisories/50249/#comments

Trust: 0.1

url:http://secunia.com/vulnerability_intelligence/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:http://secunia.com/csi6beta

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=50249

Trust: 0.1

url:http://secunia.com/advisories/50249/

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: CNVD: CNVD-2012-4239 // VULHUB: VHN-56290 // BID: 54978 // JVNDB: JVNDB-2012-003720 // PACKETSTORM: 115453 // CNNVD: CNNVD-201208-192 // NVD: CVE-2012-3009

CREDITS

Reported by the vendor

Trust: 0.3

sources: BID: 54978

SOURCES

db:IVDid:80f2dac6-2353-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2012-4239
db:VULHUBid:VHN-56290
db:BIDid:54978
db:JVNDBid:JVNDB-2012-003720
db:PACKETSTORMid:115453
db:CNNVDid:CNNVD-201208-192
db:NVDid:CVE-2012-3009

LAST UPDATE DATE

2024-08-14T14:21:27.314000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2012-4239date:2012-08-15T00:00:00
db:VULHUBid:VHN-56290date:2012-08-16T00:00:00
db:BIDid:54978date:2012-08-14T22:40:00
db:JVNDBid:JVNDB-2012-003720date:2012-08-20T00:00:00
db:CNNVDid:CNNVD-201208-192date:2012-08-15T00:00:00
db:NVDid:CVE-2012-3009date:2012-08-16T10:38:04.407

SOURCES RELEASE DATE

db:IVDid:80f2dac6-2353-11e6-abef-000c29c66e3ddate:2012-08-15T00:00:00
db:CNVDid:CNVD-2012-4239date:2012-08-15T00:00:00
db:VULHUBid:VHN-56290date:2012-08-16T00:00:00
db:BIDid:54978date:2012-08-13T00:00:00
db:JVNDBid:JVNDB-2012-003720date:2012-08-20T00:00:00
db:PACKETSTORMid:115453date:2012-08-13T05:03:43
db:CNNVDid:CNNVD-201208-192date:2012-08-15T00:00:00
db:NVDid:CVE-2012-3009date:2012-08-16T10:38:04.407