Details of VAR-201208-0349

ID

VAR-201208-0349

CVE

CVE-2012-3009

TITLE

Siemens COMOS Vulnerable to obtaining database administrator privileges

Trust: 0.8

sources: JVNDB: JVNDB-2012-003720

DESCRIPTION

Siemens COMOS before 9.1 Patch 413, 9.2 before Update 03 Patch 023, and 10.0 before Patch 005 allows remote authenticated users to obtain database administrative access via unspecified method calls. COMOS is a factory engineering software. Siemens COMOS is prone to an unspecified security-bypass vulnerability. Siemens COMOS is the world's leading provider of software solutions in the field of integrated lifecycle engineering. ---------------------------------------------------------------------- The new Secunia CSI 6.0 is now available in beta! Seamless integration with your existing security solutions Sign-up to become a Beta tester: http://secunia.com/csi6beta ---------------------------------------------------------------------- TITLE: Siemens COMOS Unspecified Security Bypass Security Issue SECUNIA ADVISORY ID: SA50249 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50249/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50249 RELEASE DATE: 2012-08-13 DISCUSS ADVISORY: http://secunia.com/advisories/50249/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/50249/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=50249 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Siemens COMOS, which can be exploited by malicious users to bypass certain security restrictions. Successful exploitation requires read access to the database. The security issue is reported in versions prior to 9.1 Patch 413, 9.2 Update 03 Patch 023, 10.0 Patch 005, and 10.0 SP1. SOLUTION: Update to version 9.1 Patch 413, 9.2 Update 03 Patch 023, 10.0 Patch 005, or 10.0 SP1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-312568.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.79

sources: NVD: CVE-2012-3009 // JVNDB: JVNDB-2012-003720 // CNVD: CNVD-2012-4239 // BID: 54978 // IVD: 80f2dac6-2353-11e6-abef-000c29c66e3d // VULHUB: VHN-56290 // PACKETSTORM: 115453

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 80f2dac6-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-4239

AFFECTED PRODUCTS

vendor:	siemens	model:	comos	scope:	eq	version:	9.2	Trust: 1.6
vendor:	siemens	model:	comos	scope:	eq	version:	10.0	Trust: 1.6
vendor:	siemens	model:	comos	scope:	lte	version:	9.1	Trust: 1.0
vendor:	siemens	model:	comos	scope:	eq	version:	update 03 patch 023	Trust: 0.8
vendor:	siemens	model:	comos	scope:	lt	version:	9.2	Trust: 0.8
vendor:	siemens	model:	comos	scope:	eq	version:	patch 005	Trust: 0.8
vendor:	siemens	model:	comos	scope:	lt	version:	10.0	Trust: 0.8
vendor:	siemens	model:	comos	scope:	eq	version:	10.x	Trust: 0.6
vendor:	siemens	model:	comos	scope:	eq	version:	9.x	Trust: 0.6
vendor:	siemens	model:	comos	scope:	eq	version:	9.1	Trust: 0.6
vendor:	comos	model:	-	scope:	eq	version:	*	Trust: 0.2
vendor:	comos	model:	-	scope:	eq	version:	9.2	Trust: 0.2
vendor:	comos	model:	-	scope:	eq	version:	10.0	Trust: 0.2

sources: IVD: 80f2dac6-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-4239 // JVNDB: JVNDB-2012-003720 // CNNVD: CNNVD-201208-192 // NVD: CVE-2012-3009

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-3009
value:	HIGH
Trust: 1.0
NVD:	CVE-2012-3009
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201208-192
value:	HIGH
Trust: 0.6
IVD:	80f2dac6-2353-11e6-abef-000c29c66e3d
value:	HIGH
Trust: 0.2
VULHUB:	VHN-56290
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2012-3009
severity:	HIGH
baseScore:	8.5
vectorString:	AV:N/AC:M/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.8
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
IVD:	80f2dac6-2353-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	8.5
vectorString:	AV:N/AC:M/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.8
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-56290
severity:	HIGH
baseScore:	8.5
vectorString:	AV:N/AC:M/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.8
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: IVD: 80f2dac6-2353-11e6-abef-000c29c66e3d // VULHUB: VHN-56290 // JVNDB: JVNDB-2012-003720 // CNNVD: CNNVD-201208-192 // NVD: CVE-2012-3009

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.9

sources: VULHUB: VHN-56290 // JVNDB: JVNDB-2012-003720 // NVD: CVE-2012-3009

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201208-192

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201208-192

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-003720

PATCH

title:	Top Page	url:	http://www.siemens.com/	Trust: 0.8
title:	SSA-312568: Security Vulnerability in COMOS	url:	http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-312568.pdf	Trust: 0.8
title:	シーメンスソリューションパートナー	url:	http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx	Trust: 0.8
title:	シーメンス・ジャパン株式会社	url:	http://www.siemens.com/entry/jp/ja/	Trust: 0.8
title:	Siemens COMOS has an unspecified security bypass vulnerability patch	url:	https://www.cnvd.org.cn/patchInfo/show/19782	Trust: 0.6

sources: CNVD: CNVD-2012-4239 // JVNDB: JVNDB-2012-003720

EXTERNAL IDS

db:	NVD	id:	CVE-2012-3009	Trust: 3.6
db:	ICS CERT	id:	ICSA-12-227-01	Trust: 2.8
db:	SIEMENS	id:	SSA-312568	Trust: 2.7
db:	CNNVD	id:	CNNVD-201208-192	Trust: 0.9
db:	CNVD	id:	CNVD-2012-4239	Trust: 0.8
db:	JVNDB	id:	JVNDB-2012-003720	Trust: 0.8
db:	SECUNIA	id:	50249	Trust: 0.8
db:	NSFOCUS	id:	20296	Trust: 0.6
db:	BID	id:	54978	Trust: 0.4
db:	IVD	id:	80F2DAC6-2353-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	VULHUB	id:	VHN-56290	Trust: 0.1
db:	PACKETSTORM	id:	115453	Trust: 0.1

sources: IVD: 80f2dac6-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-4239 // VULHUB: VHN-56290 // BID: 54978 // JVNDB: JVNDB-2012-003720 // PACKETSTORM: 115453 // CNNVD: CNNVD-201208-192 // NVD: CVE-2012-3009

REFERENCES

url:	http://www.us-cert.gov/control_systems/pdf/icsa-12-227-01.pdf	Trust: 2.8
url:	http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-312568.pdf	Trust: 2.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3009	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3009	Trust: 0.8
url:	http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-312568.pdfhttp	Trust: 0.6
url:	http://secunia.com/advisories/50249	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/20296	Trust: 0.6
url:	http://subscriber.communications.siemens.com/	Trust: 0.3
url:	http://secunia.com/advisories/50249/#comments	Trust: 0.1
url:	http://secunia.com/vulnerability_intelligence/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.1
url:	http://secunia.com/csi6beta	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=50249	Trust: 0.1
url:	http://secunia.com/advisories/50249/	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1

sources: CNVD: CNVD-2012-4239 // VULHUB: VHN-56290 // BID: 54978 // JVNDB: JVNDB-2012-003720 // PACKETSTORM: 115453 // CNNVD: CNNVD-201208-192 // NVD: CVE-2012-3009

CREDITS

Reported by the vendor

Trust: 0.3

sources: BID: 54978

SOURCES

db:	IVD	id:	80f2dac6-2353-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2012-4239
db:	VULHUB	id:	VHN-56290
db:	BID	id:	54978
db:	JVNDB	id:	JVNDB-2012-003720
db:	PACKETSTORM	id:	115453
db:	CNNVD	id:	CNNVD-201208-192
db:	NVD	id:	CVE-2012-3009

LAST UPDATE DATE

2024-08-14T14:21:27.314000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2012-4239	date:	2012-08-15T00:00:00
db:	VULHUB	id:	VHN-56290	date:	2012-08-16T00:00:00
db:	BID	id:	54978	date:	2012-08-14T22:40:00
db:	JVNDB	id:	JVNDB-2012-003720	date:	2012-08-20T00:00:00
db:	CNNVD	id:	CNNVD-201208-192	date:	2012-08-15T00:00:00
db:	NVD	id:	CVE-2012-3009	date:	2012-08-16T10:38:04.407

SOURCES RELEASE DATE

db:	IVD	id:	80f2dac6-2353-11e6-abef-000c29c66e3d	date:	2012-08-15T00:00:00
db:	CNVD	id:	CNVD-2012-4239	date:	2012-08-15T00:00:00
db:	VULHUB	id:	VHN-56290	date:	2012-08-16T00:00:00
db:	BID	id:	54978	date:	2012-08-13T00:00:00
db:	JVNDB	id:	JVNDB-2012-003720	date:	2012-08-20T00:00:00
db:	PACKETSTORM	id:	115453	date:	2012-08-13T05:03:43
db:	CNNVD	id:	CNNVD-201208-192	date:	2012-08-15T00:00:00
db:	NVD	id:	CVE-2012-3009	date:	2012-08-16T10:38:04.407