Lucene search
+L
SapAdaptive Server Enterprise

14 matches found

CVE
CVE
added 2022/02/09 10:5 p.m.104 views

CVE-2022-22528

CVE-2022-22528 affects SAP Adaptive Server Enterprise (ASE) version 16.0 on Windows, where the installer writes an entry to the system PATH. Under certain conditions this can allow a Standard User to execute malicious Windows binaries, enabling local privilege escalation. The issue is tied to the...

7.8CVSS7.6AI score0.00316EPSS
CVE
CVE
added 2022/06/14 6:45 p.m.81 views

CVE-2022-31595

Affected product: SAP Financial Consolidation version 1010. The issue arises from missing authorization checks for an authenticated user, enabling escalation of privileges. This vulnerability is documented across multiple sources (SAP notes and CVE entries) with high-severity impact in CVSS 3.1/3...

8.8CVSS8.2AI score0.00733EPSS
CVE
CVE
added 2019/12/11 9:35 p.m.80 views

CVE-2019-0402

CVE-2019-0402 affects SAP Adaptive Server Enterprise (ASE) prior to 15.7 and 16.0. The issue is an information-disclosure vulnerability that can occur under certain conditions, potentially exposing sensitive information from ASE. Exploitation requires local access with high privileges; no user in...

4.4CVSS4.6AI score0.00419EPSS
CVE
CVE
added 2022/06/14 6:44 p.m.74 views

CVE-2022-31594

CVE-2022-31594 corresponds to an elevation-of-privilege issue in SAP Adaptive Server Enterprise (ASE) affecting local Unix systems. The Red Hat/CNVD/CNNVD entries describe a scenario where a highly privileged user can exploit a SUID-root program to escalate to root. The root cause is cited as an ...

7.2CVSS6.5AI score0.0023EPSS
CVE
CVE
added 2020/05/12 5:56 p.m.68 views

CVE-2020-6241

SAP Adaptive Server Enterprise (ASE) 16.0 is affected by CVE-2020-6241. The vulnerability is a SQL injection in global temporary tables that an authenticated user can exploit to elevate privileges within ASE. The issue is confirmed by Red Hat’s CVE entry and ThreatPost reporting alongside SAP/Tru...

8.8CVSS8.8AI score0.00974EPSS
CVE
CVE
added 2020/05/12 5:47 p.m.65 views

CVE-2020-6243

The CVE-2020-6243 entry affects SAP Adaptive Server Enterprise (XP Server on Windows), specifically versions 15.7 and 16.0. The root cause is that the extended stored procedure execution may not perform necessary checks for an authenticated user, allowing an attacker to read, modify, or delete re...

8.8CVSS8.5AI score0.00881EPSS
CVE
CVE
added 2020/05/12 5:52 p.m.63 views

CVE-2020-6250

SAP Adaptive Server Enterprise 16.0 is affected by an information-disclosure vulnerability (CVE-2020-6250) due to misconfigured endpoints exposed on an adjacent network. An authenticated attacker can read system administrator passwords, potentially leading to reading/writing data and even stoppin...

6.8CVSS7AI score0.00518EPSS
CVE
CVE
added 2020/05/12 5:55 p.m.63 views

CVE-2020-6253

CVE-2020-6253 affects SAP Adaptive Server Enterprise Web Services (versions 15.7 and 16.0). The vulnerability arises from the WebServices handling code, enabling an authenticated user to craft database queries that elevate privileges, modify objects, or execute unauthorised commands, i.e., a SQL ...

7.2CVSS7.7AI score0.01236EPSS
CVE
CVE
added 2020/05/12 5:56 p.m.62 views

CVE-2020-6259

The CVE-2020-6259 entry concerns SAP Adaptive Server Enterprise. Affected software: SAP ASE versions 15.7 and 16.0. Issue: a Missing Authorization Check that could let an attacker access information that should be restricted, resulting in information disclosure. Root cause: insufficient authoriza...

6.5CVSS6.3AI score0.00774EPSS
CVE
CVE
added 2018/09/11 3:0 p.m.52 views

CVE-2018-2457

SAP Adaptive Server Enterprise (ASE) 16.0 is cited in connected sources as having an unauthorized access vulnerability that could allow some privileged users to access information that should be restricted. The CNVD entry for SAP ASE 16.0 confirms an unauthorized access flaw; however, the provide...

6.5CVSS6.2AI score0.00867EPSS
CVE
CVE
added 2020/11/30 6:53 p.m.52 views

CVE-2020-6317

Technical details are not publicly available in the provided documents. Monitor for updates.

3.5CVSS3.9AI score0.00351EPSS
CVE
CVE
added 2020/08/12 1:28 p.m.51 views

CVE-2020-6295

CVE-2020-6295 affects SAP Adaptive Server Enterprise 16.0. A vulnerability allows an attacker to access encrypted sensitive information through publicly readable installation log files, leading to a compromise of the Cockpit and potential information disclosure (view/modify/unavailable data). The...

7.8CVSS7.3AI score0.0027EPSS
CVE
CVE
added 2018/10/09 1:0 p.m.42 views

CVE-2018-2469

SAP Adaptive Server Enterprise (ASE) versions 15.7 and 16.0 are affected by an information-disclosure vulnerability that allows an attacker to access data that would normally be restricted. The available sources (NVD/CNVD/related records) consistently describe this as an information-disclosure is...

7.5CVSS7.3AI score0.01728EPSS
CVE
CVE
added 2018/10/09 1:0 p.m.41 views

CVE-2018-2468

CVE-2018-2468 affects SAP Adaptive Server Enterprise (ASE) backup server in versions 15.7 and 16.0. The issue is an information-disclosure vulnerability where an attacker can access restricted information under certain conditions. The provided connected documents confirm the affected component (B...

7.5CVSS7.3AI score0.01728EPSS