CVE-2012-3009 Information

Description

Siemens COMOS before 9.1 Patch 413 9.2 before Update 03 Patch 023 and 10.0 before Patch 005 allows remote authenticated users to obtain database administrative access via unspecified method calls.

Reference

http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-312568.pdf http://www.us-cert.gov/control_systems/pdf/ICSA-12-227-01.pdf