CVE-2017-16689
published 2017-12-12CVE-2017-16689: A Trusted RFC connection in SAP KERNEL 32NUC, SAP KERNEL 32Unicode, SAP KERNEL 64NUC, SAP KERNEL 64Unicode 7.21, 7.21EXT, 7.22, 7.22EXT; SAP KERNEL from 7.21…
high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
A Trusted RFC connection in SAP KERNEL 32NUC, SAP KERNEL 32Unicode, SAP KERNEL 64NUC, SAP KERNEL 64Unicode 7.21, 7.21EXT, 7.22, 7.22EXT; SAP KERNEL from 7.21 to 7.22, 7.45, 7.49, can be established to a different client or a different user on the same system, although no explicit Trusted/Trusting Relation to the same system has been defined.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | sap_kernel | — | — |
| sap | sap_kernel | — | — |
| sap | sap_kernel | — | — |
| sap | sap_kernel | — | — |
| sap | sap_kernel | — | — |
| sap | sap_kernel | — | — |
| sap | trusted_rfc_connection | — | — |