CVE-2021-37196

Severity: 6.5 MEDIUM
EPSS: 0.3% (top 43.37%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline:
Published: Jan 11
Latest update: Feb 10

Description

A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.3 (All versions >= V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). The COMOS Web component of COMOS unpacks specially crafted archive files to relative paths. This vulnerability could allow an attacker to store files in any folder accessible by the COMOS Web webservice.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Exploitability: 2.8 | Impact: 3.6

Affected Packages (4 packages)

NVD: siemens/comos: 10.3, 10.3.3.3 (+2)
CVEListV5: siemens/comos_v10.2: All versions only if web components are used
CVEListV5: siemens/comos_v10.3: All versions < V10.3.3.3 only if web components are used, All versions >= V10.3.3.3 only if web components are used (+1)
CVEListV5: siemens/comos_v10.4: All versions < V10.4.1 only if web components are used

Patches

Vulnerability Details (2)
GHSA (2022-02-10)
GHSA-mjj9-wv6r-p28g: A vulnerability has been identified in COMOS (All versions < V10
CVEList (2022-01-11)
CVE-2021-37196: A vulnerability has been identified in COMOS V10