GHSA-2vjx-vmx2-m3h4

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

The NameServer in SAP TREX 7.10 Revision 63 allows remote attackers to obtain sensitive TNS information via an unspecified query, aka SAP Security Note 2234226.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2016-6146
https://layersevensecurity.com/wp-content/uploads/2016/03/Layer-Seven-Security_SAP-Security-Notes_February-2016.pdf
http://onapsis.com/research/security-advisories/sap-trex-tns-information-disclosure-nameserver
http://packetstormsecurity.com/files/138445/SAP-TREX-7.10-Revision-63-NameServer-TNS-Information-Disclosure.html
http://scn.sap.com/community/security/blog/2015/12/09/sap-security-notes-december-2015--review
http://seclists.org/fulldisclosure/2016/Aug/93

EPSS

Процентиль: 55%

0.00325

Низкий

5.3 Medium

CVSS3

CVE ID

CVE-2016-6146

Дефекты

CWE-200

Связанные уязвимости

CVE-2016-6146

CVSS3: 5.3

nvd

больше 9 лет назад

The NameServer in SAP TREX 7.10 Revision 63 allows remote attackers to obtain sensitive TNS information via an unspecified query, aka SAP Security Note 2234226.

EPSS

Процентиль: 55%

0.00325

Низкий

5.3 Medium

CVSS3

CVE ID

CVE-2016-6146

Дефекты

CWE-200