| |
Vulnerability CVE-2015-8600
Published: 2015-12-17
Description: |
The SysAdminWebTool servlets in SAP Mobile Platform allow remote attackers to bypass authentication and obtain sensitive information, gain privileges, or have unspecified other impact via unknown vectors, aka SAP Security Note 2227855. |
Type:
CWE-264 (Permissions, Privileges, and Access Controls)
CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
7.5/10 |
6.4/10 |
10/10 |
Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
No required |
Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
Partial |
References: |
http://scn.sap.com/community/security/blog/2015/12/09/sap-security-notes-december-2015--review
https://erpscan.io/advisories/10761/
|
|
|
closedb();
?>
Copyright 2024, cxsecurity.com
|
|
|