| |
Vulnerability CVE-2019-0381
Published: 2019-10-08
| Description: |
A binary planting in SAP SQL Anywhere, before version 17.0, SAP IQ, before version 16.1, and SAP Dynamic Tier, before versions 1.0 and 2.0, can result in the inadvertent access of files located in directories outside of the paths specified by the user. |
Type:
CWE-552 (Files or Directories Accessible to External Parties)
CVSS2 => (AV:L/AC:L/Au:N/C:P/I:N/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
2.1/10 |
2.9/10 |
3.9/10 |
| Exploit range |
Attack complexity |
Authentication |
Local |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
None |
None |
References: |
https://launchpad.support.sap.com/#/notes/2792430
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528123050
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
