3 matches found
CVE-2020-6252
Under certain conditions SAP Adaptive Server Enterprise Cockpit, version 16.0, allows an attacker with access to local network, to get sensitive and confidential information, leading to Information Disclosure. It can be used to get user account credentials, tamper with system data and impact syst...
Newly Patched SAP ASE Flaws Could Let Attackers Hack Database Servers
A new set of critical vulnerabilities uncovered in SAP's Sybase database software can grant unprivileged attackers complete control over a targeted database and even the underlying operating system in certain scenarios. The six flaws, disclosed by cybersecurity firm Trustwave today, reside in...
CVE-2020-6252
CVE-2020-6252 affects SAP Adaptive Server Enterprise (ASE) Cockpit on Windows installations of ASE 16. The vulnerability arises because the login password for the helper SQL Anywhere database (used by Cockpit) is stored in a configuration file readable by any local Windows user, enabling an attac...