Lucene search

[email protected]CVE-2015-6507

HistoryOct 15, 2015 - 8:59 p.m.

CVE-2015-6507

2015-10-1520:59:00

CWE-119

[email protected]

web.nvd.nist.gov

sap

hana

hdbsql

cve-2015-6507

denial of service

memory corruption

7.7 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

The hdbsql client 1.00.091.00 Build 1418659308-1530 in SAP HANA allows local users to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors, aka SAP Security Note 2140700.

CPENameOperatorVersion
sap:hanasap hanaeq1.00.091.00

CPE	Name	Operator	Version
sap:hana	sap hana	eq	1.00.091.00

References

packetstormsecurity.com/files/133760/SAP-HANA-hdbsql-Memory-Corruption.html

seclists.org/fulldisclosure/2015/Sep/109

www.onapsis.com/blog/analyzing-sap-security-notes-april-2015-edition

www.onapsis.com/research/security-advisories/sap-hana-multiple-memory-corruption-vulnerabilities

7.7 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2015-6507

prion1 cvelist1