CVE-2023-46601

Name of the Vulnerable Software and Affected Versions COMOS (All versions)

Description The issue is related to inadequate access controls in the COMOS application, specifically when making a connection to the SQLServer. This could allow a remote attacker to directly query the database, accessing information that the user should not have access to.

Recommendations For COMOS (All versions), consider restricting access to the SQLServer connection to minimize the risk of exploitation until a proper fix is applied. As a temporary workaround, limiting user privileges and access to sensitive data can help reduce the potential impact. At the moment, there is no information about a newer version that contains a fix for this vulnerability.