CVE-2016-6143

CWE-284Improper Access Control3 documents3 sources
Severity
9.8CRITICAL
EPSS
6.1%
top 9.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SAP Hana
Timeline
PublishedApr 13
Latest updateMay 17

Description

SAP HANA DB 1.00.73.00.389160 allows remote attackers to execute arbitrary code via vectors involving the audit logs, aka SAP Security Note 2170806.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

NVDsap/hana1.00.73.00.389160

🔴Vulnerability Details

2
GHSA
GHSA-vmhw-jc5r-vv65: SAP HANA DB 12022-05-17
CVEList
CVE-2016-6143: SAP HANA DB 12017-04-13