PT-2013-6150 · Sap · Sap Sybase Adaptive Server Enterprise
Publicado
2013-11-23
·
Atualizado
2013-11-25
·
CVE-2013-6859
CVSS v2.0
8.5
Alta
| Vetor | AV:N/AC:M/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
SAP Sybase Adaptive Server Enterprise (ASE) versions prior to 15.0.3 ESD#4.3
SAP Sybase Adaptive Server Enterprise (ASE) versions prior to 15.5 ESD#5.3
SAP Sybase Adaptive Server Enterprise (ASE) versions prior to 15.7 SP50
SAP Sybase Adaptive Server Enterprise (ASE) versions prior to 15.7 SP100
Description
The issue is related to improper authorization, allowing remote authenticated users to gain privileges. The exact vectors used for exploitation are not specified.
Recommendations
For versions prior to 15.0.3 ESD#4.3, update to 15.0.3 ESD#4.3 or later.
For versions prior to 15.5 ESD#5.3, update to 15.5 ESD#5.3 or later.
For versions prior to 15.7 SP50, update to 15.7 SP50 or later.
For versions prior to 15.7 SP100, update to 15.7 SP100 or later.
Correção
Improper Authentication
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Sap Sybase Adaptive Server Enterprise