Lucene search

[email protected]CVE-2003-0943

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2003-0943

2022-10-0316:15:44

[email protected]

web.nvd.nist.gov

sap db

web-tools

cve-2003-0943

security vulnerability

remote attacks

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.3%

JSON

web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via (1) waecho, (2) Web SQL Interface (websql), or (3) Web Database Manager (webdbm).

Affected configurations

NVD

Node

sapsap_dbRange≤7.4.03.29

CPENameOperatorVersion
sap:sap_dbsap sap dble7.4.03.29

CPE	Name	Operator	Version
sap:sap_db	sap sap db	le	7.4.03.29

References

www.atstake.com/research/advisories/2003/a111703-2.txt

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.3%

JSON

Related for CVE-2003-0943

nvd1 cvelist1 securityvulns1