CVE-2023-43503

CWE-319 — Cleartext Transmission3 documents3 sources

Severity

7.5HIGH

EPSS

0.2%

top 56.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Siemens Comos

Timeline

PublishedNov 14

Description

A vulnerability has been identified in COMOS (All versions < V10.4.4). Caching system in the affected application leaks sensitive information such as user and project information in cleartext via UDP.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.1 | Impact: 1.4

Affected Packages2 packages

▶NVDsiemens/comos< 10.4.4

▶CVEListV5siemens/comosAll versions < V10.4.4

🔴Vulnerability Details

CVEList

CVE-2023-43503: A vulnerability has been identified in COMOS (All versions < V10↗2023-11-14

▶

GHSA

GHSA-6356-496x-hgxh: A vulnerability has been identified in COMOS (All versions < V10↗2023-11-14

▶