Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2015-7725
HistoryOct 15, 2015 - 8:59 p.m.

CVE-2015-7725

2015-10-1520:59:02
CWE-89
[email protected]
web.nvd.nist.gov
22
sap
hana db
sql injection
remote authenticated users
nvd
cve-2015-7725
security vulnerabilities

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

8.3 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.0%

JSON

Multiple SQL injection vulnerabilities in the Web-based Development Workbench in SAP HANA DB 1.00.091.00.1418659308 allow remote authenticated users to execute arbitrary SQL commands via the (1) remoteSourceName in the dropCredentials function or unspecified vectors in the (2) setTraceLevelsForXsApps, (3) _modifyUser, or (4) _newUser function, aka SAP Security Notes 2153898 and 2153765.

Affected configurations

NVD
Node
saphanaMatch1.00.091.00
CPENameOperatorVersion
sap:hanasap hanaeq1.00.091.00

References

Related

cvelist 1
nvd 1
prion 1
cvelist
cvelist
CVE-2015-7725
2015-10-15 20:00:00
nvd
nvd
CVE-2015-7725
2015-10-15 20:59:02
prion
prion
Sql injection
2015-10-15 20:59:00

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

8.3 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.0%

JSON
Related for CVE-2015-7725
cvelist1nvd1prion1