Lucene search
+L

191 matches found

cnvd
cnvd
added 2022/06/20 12:0 a.m.26 views

SAP Adaptive Server Enterprise Elevation of Privilege Vulnerability

SAP Adaptive Server Enterprise ASE is a relational database server from SAP, Germany. An elevation of privilege vulnerability exists in SAP Adaptive Server Enterprise. The vulnerability stems from an incorrect programmatic call to an advanced local procedure. An attacker could use the vulnerabili...

7.2CVSS6.4AI score0.0023EPSS
Exploits0References1
cnnvd
cnnvd
added 2022/06/14 12:0 a.m.5 views

SAP Adaptive Server Enterprise 安全漏洞

SAP Adaptive Server Enterprise ASE is a relational database server from SAP, Germany. An elevation of privilege vulnerability exists in SAP Adaptive Server Enterprise. The vulnerability stems from an incorrect programmatic call to an advanced local procedure. An attacker could use the vulnerabili...

7.2CVSS5.6AI score0.0023EPSS
Exploits0References4
osv
osv
added 2022/02/09 11:15 p.m.4 views

CVE-2022-22528

SAP Adaptive Server Enterprise ASE - version 16.0, installation makes an entry in the system PATH environment variable in Windows platform which, under certain conditions, allows a Standard User to execute malicious Windows binaries which may lead to privilege escalation on the local system. The...

7.8CVSS5.9AI score0.00316EPSS
Exploits0References2
nvd
nvd
added 2022/02/09 11:15 p.m.23 views

CVE-2022-22528

SAP Adaptive Server Enterprise ASE - version 16.0, installation makes an entry in the system PATH environment variable in Windows platform which, under certain conditions, allows a Standard User to execute malicious Windows binaries which may lead to privilege escalation on the local system. The...

7.8CVSS0.00316EPSS
Exploits0References2
attackerkb
attackerkb
added 2022/02/09 11:15 p.m.6 views

CVE-2022-22528

SAP Adaptive Server Enterprise ASE - version 16.0, installation makes an entry in the system PATH environment variable in Windows platform which, under certain conditions, allows a Standard User to execute malicious Windows binaries which may lead to privilege escalation on the local system. The...

7.8CVSS7.2AI score0.00316EPSS
Exploits0References4Affected Software1
cve
cve
added 2022/02/09 10:5 p.m.103 views

CVE-2022-22528

CVE-2022-22528 affects SAP Adaptive Server Enterprise (ASE) version 16.0 on Windows, where the installer writes an entry to the system PATH. Under certain conditions this can allow a Standard User to execute malicious Windows binaries, enabling local privilege escalation. The issue is tied to the...

7.8CVSS7.6AI score0.00316EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2022/02/09 10:5 p.m.29 views

CVE-2022-22528

SAP Adaptive Server Enterprise ASE - version 16.0, installation makes an entry in the system PATH environment variable in Windows platform which, under certain conditions, allows a Standard User to execute malicious Windows binaries which may lead to privilege escalation on the local system. The...

8AI score0.00316EPSS
Exploits0References2
cnnvd
cnnvd
added 2022/02/08 12:0 a.m.5 views

SAP 3D Visual Enterprise Viewer 输入验证错误漏洞

SAP 3D Visual Enterprise Viewer is a 3D view viewer from SAP, Germany. The software supports publishing of 2D and 3D scenes in all industry-standard desktop applications and supports separate installations with standalone executables and ActiveX space. An input validation error vulnerability exis...

6.5CVSS6.6AI score0.00885EPSS
Exploits0References4
cnnvd
cnnvd
added 2022/02/08 12:0 a.m.7 views

SAP Adaptive Server Enterprise 代码问题漏洞

SAP Adaptive Server Enterprise ASE is a relational database server from SAP, Germany. A code issue vulnerability exists in SAP Adaptive Server Enterprise, which can be exploited by attackers to compromise vulnerable systems, including Business Objects, SAP CRM Web Channel, SAP CRM, SAP ERP,...

7.8CVSS7.5AI score0.00316EPSS
Exploits0References5
cnnvd
cnnvd
added 2022/02/08 12:0 a.m.4 views

SAP NetWeaver AS SQL注入漏洞

SAP NetWeaver AS is a SAP network application server from SAP. It not only provides network services, but also the basic platform for SAP software. SAP NetWeaver AS has a SQL injection vulnerability that can be exploited by attackers to threaten vulnerable systems, including Business Objects, SAP...

7.5CVSS7.5AI score0.01185EPSS
Exploits0References4
bdu_fstec
bdu_fstec
added 2021/04/21 12:0 a.m.4 views

The vulnerability of the Cockpit database component in Adaptive Server Enterprise, which allows a hacker to disclose protected information

The vulnerability of the Cockpit database component in Adaptive Server Enterprise is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker to disclose the protected information...

6.1CVSS7.1AI score0.0027EPSS
Exploits0References3Affected Software1
cnvd
cnvd
added 2020/12/02 12:0 a.m.3 views

SAP Adaptive Server Enterprise Information Disclosure Vulnerability (CNVD-2020-74929)

SAP Adaptive Server Enterprise ASE is a relational database server from SAP, Germany. An information disclosure vulnerability exists in SAP Adaptive Server Enterprise. The vulnerability allows an attacker with local access rights to access sensitive information that appears in installation log...

3.5CVSS5.9AI score0.00351EPSS
Exploits0References1
nvd
nvd
added 2020/11/30 7:15 p.m.23 views

CVE-2020-6317

In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files. This information although sensitive is of limited utility and cannot be used to further access, modify or...

3.5CVSS3.6AI score0.00351EPSS
Exploits0References2
osv
osv
added 2020/11/30 7:15 p.m.4 views

CVE-2020-6317

In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files. This information although sensitive is of limited utility and cannot be used to further access, modify or...

3.5CVSS5.8AI score0.00351EPSS
Exploits0References2
prion
prion
added 2020/11/30 7:15 p.m.24 views

Design/Logic Flaw

In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files. This information although sensitive is of limited utility and cannot be used to further access, modify or...

2.7CVSS3.9AI score0.00351EPSS
Exploits0References2Affected Software1
cve
cve
added 2020/11/30 6:53 p.m.52 views

CVE-2020-6317

Technical details are not publicly available in the provided documents. Monitor for updates.

3.5CVSS3.9AI score0.00351EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2020/11/30 6:53 p.m.24 views

CVE-2020-6317

In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files. This information although sensitive is of limited utility and cannot be used to further access, modify or...

2.6CVSS3.8AI score0.00351EPSS
Exploits0References2
cnvd
cnvd
added 2020/08/17 12:0 a.m.2 views

SAP Adaptive Server Enterprise Information Disclosure Vulnerability (CNVD-2020-46790)

SAP Adaptive Server Enterprise ASE is a relational database server from SAP, Germany. An information disclosure vulnerability exists in SAP ASE version 16.0. An attacker could exploit the vulnerability to access encrypted sensitive information...

7.8CVSS6.1AI score0.0027EPSS
Exploits0References1
nvd
nvd
added 2020/08/12 2:15 p.m.22 views

CVE-2020-6295

Under certain conditions the SAP Adaptive Server Enterprise, version 16.0, allows an attacker to access encrypted sensitive and confidential information through publicly readable installation log files leading to a compromise of the installed Cockpit. This compromise could enable the attacker to...

7.8CVSS6.9AI score0.0027EPSS
Exploits0References2
osv
osv
added 2020/08/12 2:15 p.m.3 views

CVE-2020-6295

Under certain conditions the SAP Adaptive Server Enterprise, version 16.0, allows an attacker to access encrypted sensitive and confidential information through publicly readable installation log files leading to a compromise of the installed Cockpit. This compromise could enable the attacker to...

7.8CVSS7.1AI score
Exploits0References2
Rows per page
Query Builder