CVE-2016-3946

Опубликовано: 13 окт. 2016

Источник: nvd

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

SAP Console (aka SAPConsole) 7.30 allows local users to discover SAP Server login credentials by reading the Windows registry, aka SAP Security Note 2121461.

Ссылки

http://seclists.org/fulldisclosure/2016/Oct/31
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/93509
https://www.onapsis.com/research/security-advisories/sap-console-insecure-password-storage
Permissions Required
http://seclists.org/fulldisclosure/2016/Oct/31
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/93509
https://www.onapsis.com/research/security-advisories/sap-console-insecure-password-storage
Permissions Required

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sap:sapconsole:7.30:*:*:*:*:*:*:*

EPSS

Процентиль: 17%

0.00054

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-73xf-52j8-9h74