CVE-2016-6149

Опубликовано: 05 авг. 2016

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

SAP HANA SPS09 1.00.091.00.14186593 allows local users to obtain sensitive information by leveraging the EXPORT statement to export files, aka SAP Security Note 2252941.

Ссылки

http://packetstormsecurity.com/files/138456/SAP-HANA-SPS09-1.00.091.00.1418659308-EXPORT-Information-Disclosure.html
http://seclists.org/fulldisclosure/2016/Aug/108
http://seclists.org/fulldisclosure/2016/Aug/97
http://www.securityfocus.com/bid/92061
Third Party Advisory
VDB Entry
https://www.onapsis.com/blog/analyzing-sap-security-notes-january-2016
Third Party Advisory
https://www.onapsis.com/research/security-advisories/sap-hana-information-disclosure-export
Permissions Required
Third Party Advisory
http://packetstormsecurity.com/files/138456/SAP-HANA-SPS09-1.00.091.00.1418659308-EXPORT-Information-Disclosure.html
http://seclists.org/fulldisclosure/2016/Aug/108
http://seclists.org/fulldisclosure/2016/Aug/97
http://www.securityfocus.com/bid/92061
Third Party Advisory
VDB Entry
https://www.onapsis.com/blog/analyzing-sap-security-notes-january-2016
Third Party Advisory
https://www.onapsis.com/research/security-advisories/sap-hana-information-disclosure-export
Permissions Required
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sap:hana_sps09:1.00.091.00.14186593:*:*:*:*:*:*:*

EPSS

Процентиль: 20%

0.00063

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-2fjj-c2r7-57f3