Lucene search

[email protected]CVE-2014-6284

HistoryJun 08, 2015 - 2:59 p.m.

CVE-2014-6284

2015-06-0814:59:00

CWE-264

[email protected]

web.nvd.nist.gov

sap

ase

security vulnerability

cve-2014-6284

nvd

remote attack

7.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.022 Low

EPSS

Percentile

89.4%

JSON

SAP Adaptive Server Enterprise (ASE) before 15.7 SP132 and 16.0 before 16.0 SP01 allows remote attackers to bypass the challenge and response mechanism and obtain access to the probe account via a crafted response, aka SAP Security Note 2113995.

CPENameOperatorVersion
sybase:adaptive_server_enterprisesybase adaptive server enterpriseeq16.0
sybase:adaptive_server_enterprisesybase adaptive server enterprisele15.7

CPE	Name	Operator	Version
sybase:adaptive_server_enterprise	sybase adaptive server enterprise	eq	16.0
sybase:adaptive_server_enterprise	sybase adaptive server enterprise	le	15.7

References

www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-004/?fid=6200

7.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.022 Low

EPSS

Percentile

89.4%

JSON

Related for CVE-2014-6284

prion1 cvelist1