CVE-2007-1914

3 documents3 sources
Severity
7.8HIGH
EPSS
0.5%
top 33.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SAP RFC Library
Timeline
PublishedApr 10
Latest updateMay 1

Description

The RFC_START_PROGRAM function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to obtain sensitive information (external RFC server configuration data) via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

CVSS vector

AV:N/AC:L/C:C/I:N/A:NExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

โ–ถNVDsap/rfc_library6.4, 7.0+1

Patches

Patch: www.cybsec.com โ†—Patch: www.cybsec.com โ†—

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-gr6x-4fcp-wfg7: The RFC_START_PROGRAM function in the SAP RFC Library 6โ†—2022-05-01
โ–ถ
CVEList
CVE-2007-1914: The RFC_START_PROGRAM function in the SAP RFC Library 6โ†—2007-04-10
โ–ถ
CVE-2007-1914 (HIGH CVSS 7.8) | The RFC_START_PROGRAM function in t | cvebase.io