CVE-2003-0943

2022-10-0316:15:44

mitre

www.cve.org

sap db

web-tools

default services

vulnerability

remote attackers

sensitive information

redirect attacks

internal databases

6.7 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.3%

JSON

web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via (1) waecho, (2) Web SQL Interface (websql), or (3) Web Database Manager (webdbm).

References

www.atstake.com/research/advisories/2003/a111703-2.txt