CVE-2015-7991

CWE-200 — Information Exposure3 documents3 sources

Severity

5.0MEDIUM

EPSS

0.2%

top 56.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SAP Hana

Timeline

PublishedNov 10

Latest updateMay 17

Description

The Web Dispatcher service in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote attackers to read web dispatcher and security trace files and possibly obtain passwords via unspecified vectors, aka SAP Security Note 2148854.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDsap/hana1.00.73.00.389160

🔴Vulnerability Details

GHSA

GHSA-q629-whfc-3wj8: The Web Dispatcher service in SAP HANA DB 1↗2022-05-17

▶

CVEList

CVE-2015-7991: The Web Dispatcher service in SAP HANA DB 1↗2015-11-10

▶