CVE-2013-7245

Опубликовано: 24 апр. 2018

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

The Backup Server component in SAP Sybase ASE 15.7 before SP51 allows remote attackers to bypass access restrictions and perform database dumps by leveraging failure to validate credentials, aka SAP Security Note 1927859.

Ссылки

http://blog.spiderlabs.com/2014/01/sap-sybase-ase-157-security-updates.html
Third Party Advisory
https://www3.trustwave.com/spiderlabs/advisories/TWSL2013-035.txt
Third Party Advisory
http://blog.spiderlabs.com/2014/01/sap-sybase-ase-157-security-updates.html
Third Party Advisory
https://www3.trustwave.com/spiderlabs/advisories/TWSL2013-035.txt
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sybase:adaptive_server_enterprise:15.7:*:*:*:*:*:*:*

cpe:2.3:a:sybase:adaptive_server_enterprise:15.7:sp50:*:*:*:*:*:*

EPSS

Процентиль: 48%

0.00254

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-285

Связанные уязвимости

GHSA-f5j2-wjwv-gxgv