Lucene search
K

191 matches found

Prion
Prion
added 2020/08/12 2:15 p.m.22 views

Information disclosure

Under certain conditions the SAP Adaptive Server Enterprise, version 16.0, allows an attacker to access encrypted sensitive and confidential information through publicly readable installation log files leading to a compromise of the installed Cockpit. This compromise could enable the attacker to...

4.6CVSS7.3AI score0.0027EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/08/12 1:28 p.m.22 views

CVE-2020-6295

Under certain conditions the SAP Adaptive Server Enterprise, version 16.0, allows an attacker to access encrypted sensitive and confidential information through publicly readable installation log files leading to a compromise of the installed Cockpit. This compromise could enable the attacker to...

7CVSS7.4AI score0.0027EPSS
Exploits0References2
CNVD
CNVD
added 2020/05/13 12:0 a.m.3 views

SAP Adaptive Server Enterprise Information Disclosure Vulnerability (CNVD-2020-29753)

SAP Adaptive Server Enterprise is a relational database server from SAP. An information disclosure vulnerability exists in SAP Adaptive Server Enterprise. An attacker could exploit this vulnerability to obtain account credentials, manipulate system data, and impact system availability...

9CVSS6.2AI score0.0052EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/13 12:0 a.m.2 views

SAP Adaptive Server Enterprise SQL Injection Vulnerability (CNVD-2020-29750)

SAP Adaptive Server Enterprise is a relational database server from SAP. A SQL injection vulnerability exists in SAP Adaptive Server Enterprise. An attacker could exploit this vulnerability by executing specially crafted query statements to elevate privileges, modify database objects, or execute...

7.2CVSS8.2AI score0.01236EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/13 12:0 a.m.2 views

SAP Adaptive Server Enterprise SQL Injection Vulnerability (CNVD-2020-29747)

SAP Adaptive Server Enterprise is a relational database server from SAP. A SQL injection vulnerability exists in SAP Adaptive Server Enterprise. An attacker can exploit this vulnerability by executing specially crafted database query statements to elevate privileges...

8.8CVSS7.9AI score0.00974EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/13 12:0 a.m.2 views

SAP Adaptive Server Enterprise Information Disclosure Vulnerability (CNVD-2020-29752)

SAP Adaptive Server Enterprise is a relational database server from SAP. An information disclosure vulnerability exists in SAP Adaptive Server Enterprise. An attacker could exploit this vulnerability to read the system administrator password via certain misconfigured endpoints that are publicly...

6.8CVSS6.3AI score0.00518EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/13 12:0 a.m.2 views

SAP Adaptive Server Enterprise Authorization Issues Vulnerability

SAP Adaptive Server Enterprise ASE is a relational database server from SAP, Germany. SAP Adaptive Server Enterprise has an authorization issue vulnerability that stems from a lack of authorization checking. An attacker could exploit the vulnerability to access information...

6.5CVSS6.8AI score0.00774EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/13 12:0 a.m.2 views

SAP Adaptive Server Enterprise Input Validation Error Vulnerability

SAP Adaptive Server Enterprise is a relational database server from SAP. An input validation error vulnerability exists in SAP Adaptive Server Enterprise, which arises when the program does not perform the required validation checks on an authenticated user. An attacker could exploit this...

9.1CVSS7.2AI score0.01888EPSS
Exploits0References1
CNVD
CNVD
added 2020/05/13 12:0 a.m.3 views

SAP Adaptive Server Enterprise Injection Vulnerability

SAP Adaptive Server Enterprise ASE is a relational database server from SAP, Germany. An injection vulnerability exists in SAP Adaptive Server Enterprise, which originates when the program does not perform the required authentication checks on an authenticated user. An attacker could exploit the...

8.8CVSS7.3AI score0.00881EPSS
Exploits0References1
OSV
OSV
added 2020/05/12 6:15 p.m.2 views

CVE-2020-6252

Under certain conditions SAP Adaptive Server Enterprise Cockpit, version 16.0, allows an attacker with access to local network, to get sensitive and confidential information, leading to Information Disclosure. It can be used to get user account credentials, tamper with system data and impact syst...

8CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2020/05/12 6:15 p.m.16 views

CVE-2020-6252

Under certain conditions SAP Adaptive Server Enterprise Cockpit, version 16.0, allows an attacker with access to local network, to get sensitive and confidential information, leading to Information Disclosure. It can be used to get user account credentials, tamper with system data and impact syst...

9CVSS8AI score0.0052EPSS
Exploits0References2
OSV
OSV
added 2020/05/12 6:15 p.m.5 views

CVE-2020-6253

Under certain conditions, SAP Adaptive Server Enterprise Web Services, versions 15.7, 16.0, allows an authenticated user to execute crafted database queries to elevate their privileges, modify database objects, or execute commands they are not otherwise authorized to execute, leading to SQL...

7.2CVSS5.9AI score0.01236EPSS
Exploits0References2
OSV
OSV
added 2020/05/12 6:15 p.m.2 views

CVE-2020-6259

Under certain conditions SAP Adaptive Server Enterprise, versions 15.7, 16.0, allows an attacker to access information which would otherwise be restricted leading to Missing Authorization Check...

6.5CVSS6.6AI score0.00774EPSS
Exploits0References2
OSV
OSV
added 2020/05/12 6:15 p.m.6 views

CVE-2020-6248

SAP Adaptive Server Enterprise Backup Server, version 16.0, does not perform the necessary validation checks for an authenticated user while executing DUMP or LOAD command allowing arbitrary code execution or Code Injection...

7.2CVSS7.8AI score0.01888EPSS
Exploits0References2
NVD
NVD
added 2020/05/12 6:15 p.m.16 views

CVE-2020-6248

SAP Adaptive Server Enterprise Backup Server, version 16.0, does not perform the necessary validation checks for an authenticated user while executing DUMP or LOAD command allowing arbitrary code execution or Code Injection...

9.1CVSS8AI score0.01888EPSS
Exploits0References2
NVD
NVD
added 2020/05/12 6:15 p.m.11 views

CVE-2020-6250

SAP Adaptive Server Enterprise, version 16.0, allows an authenticated attacker to exploit certain misconfigured endpoints exposed over the adjacent network, to read system administrator password leading to Information Disclosure. This could help the attacker to read/write any data and even stop t...

6.8CVSS6.5AI score0.00518EPSS
Exploits0References2
NVD
NVD
added 2020/05/12 6:15 p.m.17 views

CVE-2020-6241

SAP Adaptive Server Enterprise, version 16.0, allows an authenticated user to execute crafted database queries to elevate privileges of users in the system, leading to SQL Injection...

8.8CVSS8.9AI score0.00974EPSS
Exploits0References2
OSV
OSV
added 2020/05/12 6:15 p.m.4 views

CVE-2020-6243

Under certain conditions, SAP Adaptive Server Enterprise XP Server on Windows Platform, versions 15.7, 16.0, does not perform the necessary checks for an authenticated user while executing the extended stored procedure, allowing an attacker to read, modify, delete restricted data on connected...

8.8CVSS7.5AI score0.00881EPSS
Exploits0References2
Prion
Prion
added 2020/05/12 6:15 p.m.8 views

Information disclosure

SAP Adaptive Server Enterprise, version 16.0, allows an authenticated attacker to exploit certain misconfigured endpoints exposed over the adjacent network, to read system administrator password leading to Information Disclosure. This could help the attacker to read/write any data and even stop t...

6.7CVSS6.5AI score0.00518EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/05/12 6:15 p.m.16 views

Sql injection

SAP Adaptive Server Enterprise, version 16.0, allows an authenticated user to execute crafted database queries to elevate privileges of users in the system, leading to SQL Injection...

6.5CVSS8.8AI score0.00974EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder