Lucene search

[email protected]NVD:CVE-2003-0943

HistoryDec 15, 2003 - 5:00 a.m.

CVE-2003-0943

2003-12-1505:00:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.007

Percentile

80.5%

JSON

web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via (1) waecho, (2) Web SQL Interface (websql), or (3) Web Database Manager (webdbm).

Affected configurations

Nvd

Node

sapsap_dbRange≤7.4.03.29

VendorProductVersionCPE
sapsap_db*cpe:2.3:a:sap:sap_db:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sap	sap_db	*	cpe:2.3:a:sap:sap_db::::::::

References

www.atstake.com/research/advisories/2003/a111703-2.txt

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.007

Percentile

80.5%

JSON

Related for NVD:CVE-2003-0943

cvelist1 cve1 securityvulns1