SAP Wily Introscope Enterprise versions 9.7, 10.1, 10.5, and 10.7 suffer from a command injection vulnerability.
98a2961b16ad9e9f794ffa70067807ac00d45185e9401b26dfb8f0385594eaf6SAP Wily Introscope Enterprise versions 9.7, 10.1, 10.5, and 10.7 suffer from having default hard-coded credentials.
472008089fe805ca278b030c1c5074c99b2877ee00a4db2ac51d3e76c1b7e7e4JD Edwards 9.1 EnterpriseOne Server suffers from a JDENET function denial of service vulnerability.
889f5e3dd07c7308e8658794c8da5c0f5284acb131eb8f9f9a5633ddc0a01a18Unauthenticated attackers could create users in the JD Edwards 9.1 EnterpriseOne Server Manager, ultimately compromising the whole JDE landscape hence all of its information and processes.
ca565817d3ce7b6ada51f79927008a327710729db5d5e96af07939a94de5a0bdJD Edwards 9.1 EnterpriseOne Server suffers from a password disclosure vulnerability in JDENET.
4f1e778e88e221bb4ce3c6afa9a34ba2a2c2b9ca7fc096f5c96232f9c74fe045JD Edwards 9.1 EnterpriseOne Server suffers from a shutdown vulnerability.
f554646aa3f6dfa37e5cf970dfccc59f2a82098df1f7e66dec5919c9d1c7de0dJD Edwards 9.1 EnterpriseOne Server suffers from a password disclosure vulnerability.
f62b06ca46ce6a950bf75e81bcd7d1a68c1c5faa0828341fcfd2c92b0be3d0e8SAP HANA SPS09 version 1.00.091.00.1418659308 suffers from an information disclosure vulnerability in EXPORT.
4a5f8342b24325e43b5343b266af9c9b8acc91107d4a6b28357e158112cec19fAn error in the implementation results in no authentication/encryption being done for tenants services in "high isolation" mode on SAP HANA DB.
c6551122b9fa4cbc6499321204eb298ebec9e485d4e308ec1c7723979c014023Under certain conditions a remote authenticated attacker with IMPORT system privileges could potentially execute arbitrary code on SAP HANA DB version 1.00.73.00.389160.
837a43738fa05ae4c66c0884d724e8afff46e553af7b6eed1b6a5848bf68571eSAP TREX version 7.10 revision 63 suffers from a remote command execution vulnerability.
0819be6c462080645727510772e93d336c75a8827da0a93033522577a8a61c8cSAP TREX version 7.10 revision 63 suffers from a TNS information disclosure vulnerability in NameServer.
7b9adee861d5e668126c4a179eb39eaad2ab92fa481b23b056ff2cb62d5297a1SAP HANA DB version 1.00.091.00.1418659308 suffers from a user information disclosure vulnerability.
bdc9caa13cd84ad00e89d70d09818e47227a940de378774fee051e8ed6f20745SAP HANA DB version 1.00.73.00.389160 fails to institute any brute force protections for gaining access to the SYSTEM user.
e54c00ad538a9ab4bb746b89bec5d3d9f413b27ed333de41b4692b06ad183cd9Under certain conditions the SAP HANA platform is vulnerable to arbitrary injection in the audit trail, allowing remote authenticated attackers to write arbitrary fields in the SYSLOG. SAP HANA DB version 1.00.73.00.389160 is affected.
90846e12e72d1c8e36bcc61d734f33cd6afd8c1e4ac21415a97d5ee087539cbbUnder certain conditions the SAP HANA platform is vulnerable to arbitrary injection in the audit trail, allowing remote authenticated attackers to write arbitrary fields in the SYSLOG. SAP HANA DB version 1.00.73.00.389160 is affected.
4fde45560f871d006837d95c07be63adc51799cd430904259656550cf718ae3fSAP TREX 7.10 revision 63 suffers from an arbitrary file write vulnerability.
5a99e7f7eae9d9a3066219049450db19d95da02530af7b6a5e101a1da4c7ddffSAP TREX 7.10 revision 63 suffers from a remote file read vulnerability.
e3509536f1ca1b383605ab1ab9d476c85a741c1fa9c35209743c2a2e449c5690SAP TREX 7.10 revision 63 suffers from a remote directory traversal vulnerability.
ba4abc7db7d764d9cf3ca72412bc129f86fb9296f37112f744602a22fb11e0cfSAP TREX 7.10 revision 63 suffers from a remote command execution vulnerability.
57335d49d9f144bf86626dce42926f6e8d20c20f3641c7437a2982b8a8a46953SAP HANA DB version 1.00.091.00.1418659308 suffers from a password disclosure vulnerability.
20d119aebb419f9c23fcacb993de3aea0f03fe535415bd530f18ffac68545a77SAP HANA version 1.00.091.00.1418659308 suffers from a get topology information disclosure vulnerability.
e75c9fed09b354564d28969a1389e8b9410fd2173c6b155ffb2381ac96e43e93Sending a crafted packet to the SAP HANA SQL interface, a remote unauthenticated attacker could fully compromise the platform executing arbitrary code or performing a denial of service rendering the platform unavailable until the next process restart. SAP HANA DB version 1.00.73.00.389160 is affected.
452d1a9996ba393f6b9c5cf4b5b001a36702b192a2e336e89d2fffbec3daa5b4By sending a crafted HTTP packet to the SAP HANA XS Server, a remote unauthenticated attacker could fully compromise the platform executing arbitrary code or performing a denial of service, thus rendering the platform unavailable until the next process restart. SAP HANA DB version 1.00.73.00.389160 is affected.
0595dbe7a6cdc3d86d9fb8380d5ccd7e90d4f8a5331a6fe9508210b22452807fA remote authenticated attacker could render the SAP HANA Platform unavailable to other users until the next process restart due to a memory corruption vulnerability. SAP HANA DB version 1.00.73.00.389160 is affected.
df42acef48541c11c82cd7957ac153921812129c88dc7ce09ffb9228bde5244eDue to a flaw in SAP HANA DB version 1.00.73.00.389160, a remote unauthenticated attacker could read remote logs containing technical information about the system which could help to facilitate further attacks against the system.
fd289a49117a0a823798ba0eed96cdc41815b67bc8c0a02046f5482b8e5ad75b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed