CVE-2003-0943 — SAP DB vulnerability

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

0.9%

top 24.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SAP DB

Timeline

PublishedDec 15

Latest updateApr 29

Description

web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via (1) waecho, (2) Web SQL Interface (websql), or (3) Web Database Manager (webdbm).

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDsap/sap_db7.4.03.29

Patches

Patch: www.atstake.com ↗Patch: www.atstake.com ↗

🔴Vulnerability Details

GHSA

GHSA-p84w-jjxr-7hjx: web-tools in SAP DB before 7↗2022-04-29

▶

CVEList

CVE-2003-0943: web-tools in SAP DB before 7↗2003-11-21

▶