Lucene search

[email protected]CVE-2013-6866

HistoryNov 23, 2013 - 6:55 p.m.

CVE-2013-6866

2013-11-2318:55:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2013-6866

sap

sybase

adaptive server enterprise

ase

arbitrary code execution

remote code execution

cr736689

security vulnerability

8.2 High

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.008 Low

EPSS

Percentile

81.7%

JSON

SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka CR736689.

CPENameOperatorVersion
sybase:adaptive_server_enterprisesybase adaptive server enterpriseeq15.5
sybase:adaptive_server_enterprisesybase adaptive server enterpriseeq15.0.3
sybase:adaptive_server_enterprisesybase adaptive server enterpriseeq15.7

CPE	Name	Operator	Version
sybase:adaptive_server_enterprise	sybase adaptive server enterprise	eq	15.5
sybase:adaptive_server_enterprise	sybase adaptive server enterprise	eq	15.0.3
sybase:adaptive_server_enterprise	sybase adaptive server enterprise	eq	15.7

References

scn.sap.com/docs/DOC-8218

secunia.com/advisories/55537

www.sybase.com/detail?id=1099371

service.sap.com/sap/support/notes/1893560

8.2 High

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.008 Low

EPSS

Percentile

81.7%

JSON

Related for CVE-2013-6866

prion1 cvelist1