Skip to main content

Adaptive Server Enterprise

30 CVEs product

Monthly

CVE-2022-31595 HIGH This Week

SAP Financial Consolidation - version 1010,�does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SAP Adaptive Server Enterprise
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-31594 MEDIUM This Month

A highly privileged user can exploit SUID-root program to escalate his privileges to root on a local Unix system. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Adaptive Server Enterprise
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2020-6317 LOW Monitor

In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.

SAP Information Disclosure Adaptive Server Enterprise
NVD
CVSS 3.1
3.5
EPSS
0.4%
CVE-2020-6295 HIGH This Week

Under certain conditions the SAP Adaptive Server Enterprise, version 16.0, allows an attacker to access encrypted sensitive and confidential information through publicly readable installation log. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

SAP Information Disclosure Adaptive Server Enterprise
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-6259 MEDIUM This Month

Under certain conditions SAP Adaptive Server Enterprise, versions 15.7, 16.0, allows an attacker to access information which would otherwise be restricted leading to Missing Authorization Check. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Authentication Bypass Adaptive Server Enterprise
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2020-6253 HIGH This Week

Under certain conditions, SAP Adaptive Server Enterprise (Web Services), versions 15.7, 16.0, allows an authenticated user to execute crafted database queries to elevate their privileges, modify. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi SAP Adaptive Server Enterprise
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2020-6250 MEDIUM This Month

SAP Adaptive Server Enterprise, version 16.0, allows an authenticated attacker to exploit certain misconfigured endpoints exposed over the adjacent network, to read system administrator password. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

SAP Information Disclosure Adaptive Server Enterprise
NVD
CVSS 3.1
6.8
EPSS
0.5%
CVE-2020-6243 HIGH This Week

Under certain conditions, SAP Adaptive Server Enterprise (XP Server on Windows Platform), versions 15.7, 16.0, does not perform the necessary checks for an authenticated user while executing the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP RCE Code Injection Microsoft Adaptive Server Enterprise
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2020-6241 HIGH This Week

SAP Adaptive Server Enterprise, version 16.0, allows an authenticated user to execute crafted database queries to elevate privileges of users in the system, leading to SQL Injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi SAP Adaptive Server Enterprise
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2019-0402 MEDIUM PATCH This Month

SAP Adaptive Server Enterprise, before versions 15.7 and 16.0, under certain conditions exposes some sensitive information to the admin, leading to Information Disclosure. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Information Disclosure SAP Adaptive Server Enterprise
NVD
CVSS 3.1
4.4
EPSS
0.4%
CVE-2018-2469 HIGH This Week

Under certain conditions SAP Adaptive Server Enterprise (ASE), versions 15.7 and 16.0, allows an attacker to access information which would otherwise be restricted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure SAP Adaptive Server Enterprise
NVD
CVSS 3.0
7.5
EPSS
1.7%
CVE-2018-2468 HIGH This Week

Under certain conditions the backup server in SAP Adaptive Server Enterprise (ASE), versions 15.7 and 16.0, allows an attacker to access information which would otherwise be restricted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure SAP Adaptive Server Enterprise
NVD
CVSS 3.0
7.5
EPSS
1.7%
CVE-2018-2457 MEDIUM This Month

Under certain conditions SAP Adaptive Server Enterprise, version 16.0, allows some privileged users to access information which would otherwise be restricted. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP Adaptive Server Enterprise
NVD
CVSS 3.0
6.5
EPSS
0.9%
CVE-2017-5371 HIGH This Week

Odata Server in SAP Adaptive Server Enterprise (ASE) 16 allows remote attackers to cause a denial of service (process crash) via a series of crafted requests, aka SAP Security Note 2330422. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service SAP Adaptive Server Enterprise
NVD VulDB
CVSS 3.0
7.5
EPSS
4.0%
CVE-2016-7402 CRITICAL Act Now

SAP ASE 16.0 SP02 PL03 and prior versions allow attackers who own SourceDB and TargetDB databases to elevate privileges to sa (system administrator) via dbcc import_sproc SQL injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation SAP SQLi Adaptive Server Enterprise
NVD
CVSS 3.0
9.8
EPSS
0.2%
CVE-2014-6284 HIGH POC This Week

SAP Adaptive Server Enterprise (ASE) before 15.7 SP132 and 16.0 before 16.0 SP01 allows remote attackers to bypass the challenge and response mechanism and obtain access to the probe account via a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation SAP Adaptive Server Enterprise
NVD
CVSS 2.0
7.5
EPSS
0.2%
CVE-2015-1310 HIGH This Week

SQL injection vulnerability in SAP Adaptive Server Enterprise (Sybase ASE) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Note 2113333. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi SAP Adaptive Server Enterprise
NVD
CVSS 2.0
7.5
EPSS
0.3%
CVE-2014-6283 MEDIUM POC This Month

SAP Adaptive Server Enterprise (ASE) 15.7 before SP122 or SP63, 15.5 before ESD#5.4, and 15.0.3 before ESD#4.4 does not properly restrict access, which allows remote authenticated database users to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation SAP Buffer Overflow Adaptive Server Enterprise
NVD
CVSS 2.0
6.5
EPSS
0.9%
CVE-2013-6868 HIGH This Week

SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows local users to obtain sensitive information via. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP Adaptive Server Enterprise
NVD
CVSS 2.0
7.8
EPSS
0.2%
CVE-2013-6867 HIGH This Week

Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) 15.7 before 15.7 SP50 or 15.7 SP100 allows remote attackers to cause a denial of service via unspecified vectors. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service SAP Adaptive Server Enterprise
NVD
CVSS 2.0
7.1
EPSS
0.7%
CVE-2013-6866 CRITICAL Act Now

SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to execute arbitrary code via. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection SAP RCE Adaptive Server Enterprise
NVD
CVSS 2.0
9.0
EPSS
1.9%
CVE-2013-6865 CRITICAL Act Now

SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to execute arbitrary code. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection SAP RCE Adaptive Server Enterprise
NVD
CVSS 2.0
9.0
EPSS
2.3%
CVE-2013-6864 MEDIUM This Month

Directory traversal vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal SAP Adaptive Server Enterprise
NVD
CVSS 2.0
6.1
EPSS
0.7%
CVE-2013-6863 CRITICAL Act Now

SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to gain privileges via. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation SAP Adaptive Server Enterprise
NVD
CVSS 2.0
9.0
EPSS
0.5%
CVE-2013-6862 HIGH This Week

Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote attackers to cause a. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service SAP Adaptive Server Enterprise
NVD
CVSS 2.0
7.8
EPSS
0.5%
CVE-2013-6861 MEDIUM This Month

Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows local users to obtain. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure SAP Adaptive Server Enterprise
NVD
CVSS 2.0
4.9
EPSS
0.1%
CVE-2013-6860 MEDIUM This Month

Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP Adaptive Server Enterprise
NVD
CVSS 2.0
6.8
EPSS
0.3%
CVE-2013-6859 HIGH This Week

SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

SAP Authentication Bypass Adaptive Server Enterprise
NVD
CVSS 2.0
8.5
EPSS
0.6%
CVE-2013-6245 CRITICAL Act Now

Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP RCE Adaptive Server Enterprise
NVD
CVSS 2.0
10.0
EPSS
8.9%
CVE-2013-6025 MEDIUM POC This Month

The XMLParse procedure in SAP Sybase Adaptive Server Enterprise (ASE) 15.7 ESD 2 allows remote authenticated users to read arbitrary files via a SQL statement containing an XML document with an. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection XXE SAP RCE Adaptive Server Enterprise
NVD Exploit-DB
CVSS 2.0
4.0
EPSS
8.5%
EPSS 1% CVSS 8.8
HIGH This Week

SAP Financial Consolidation - version 1010,�does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass SAP Adaptive Server Enterprise
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A highly privileged user can exploit SUID-root program to escalate his privileges to root on a local Unix system. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Adaptive Server Enterprise
NVD
EPSS 0% CVSS 3.5
LOW Monitor

In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.

SAP Information Disclosure Adaptive Server Enterprise
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Under certain conditions the SAP Adaptive Server Enterprise, version 16.0, allows an attacker to access encrypted sensitive and confidential information through publicly readable installation log. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

SAP Information Disclosure Adaptive Server Enterprise
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Under certain conditions SAP Adaptive Server Enterprise, versions 15.7, 16.0, allows an attacker to access information which would otherwise be restricted leading to Missing Authorization Check. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Authentication Bypass Adaptive Server Enterprise
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Under certain conditions, SAP Adaptive Server Enterprise (Web Services), versions 15.7, 16.0, allows an authenticated user to execute crafted database queries to elevate their privileges, modify. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi SAP Adaptive Server Enterprise
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

SAP Adaptive Server Enterprise, version 16.0, allows an authenticated attacker to exploit certain misconfigured endpoints exposed over the adjacent network, to read system administrator password. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

SAP Information Disclosure Adaptive Server Enterprise
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Under certain conditions, SAP Adaptive Server Enterprise (XP Server on Windows Platform), versions 15.7, 16.0, does not perform the necessary checks for an authenticated user while executing the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP RCE Code Injection +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

SAP Adaptive Server Enterprise, version 16.0, allows an authenticated user to execute crafted database queries to elevate privileges of users in the system, leading to SQL Injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi SAP Adaptive Server Enterprise
NVD
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

SAP Adaptive Server Enterprise, before versions 15.7 and 16.0, under certain conditions exposes some sensitive information to the admin, leading to Information Disclosure. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Information Disclosure SAP Adaptive Server Enterprise
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Under certain conditions SAP Adaptive Server Enterprise (ASE), versions 15.7 and 16.0, allows an attacker to access information which would otherwise be restricted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure SAP Adaptive Server Enterprise
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Under certain conditions the backup server in SAP Adaptive Server Enterprise (ASE), versions 15.7 and 16.0, allows an attacker to access information which would otherwise be restricted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure SAP Adaptive Server Enterprise
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Under certain conditions SAP Adaptive Server Enterprise, version 16.0, allows some privileged users to access information which would otherwise be restricted. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP Adaptive Server Enterprise
NVD
EPSS 4% CVSS 7.5
HIGH This Week

Odata Server in SAP Adaptive Server Enterprise (ASE) 16 allows remote attackers to cause a denial of service (process crash) via a series of crafted requests, aka SAP Security Note 2330422. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service SAP Adaptive Server Enterprise
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL Act Now

SAP ASE 16.0 SP02 PL03 and prior versions allow attackers who own SourceDB and TargetDB databases to elevate privileges to sa (system administrator) via dbcc import_sproc SQL injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation SAP SQLi +1
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

SAP Adaptive Server Enterprise (ASE) before 15.7 SP132 and 16.0 before 16.0 SP01 allows remote attackers to bypass the challenge and response mechanism and obtain access to the probe account via a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation SAP Adaptive Server Enterprise
NVD
EPSS 0% CVSS 7.5
HIGH This Week

SQL injection vulnerability in SAP Adaptive Server Enterprise (Sybase ASE) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Note 2113333. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi SAP Adaptive Server Enterprise
NVD
EPSS 1% CVSS 6.5
MEDIUM POC This Month

SAP Adaptive Server Enterprise (ASE) 15.7 before SP122 or SP63, 15.5 before ESD#5.4, and 15.0.3 before ESD#4.4 does not properly restrict access, which allows remote authenticated database users to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation SAP Buffer Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows local users to obtain sensitive information via. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP Adaptive Server Enterprise
NVD
EPSS 1% CVSS 7.1
HIGH This Week

Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) 15.7 before 15.7 SP50 or 15.7 SP100 allows remote attackers to cause a denial of service via unspecified vectors. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service SAP Adaptive Server Enterprise
NVD
EPSS 2% CVSS 9.0
CRITICAL Act Now

SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to execute arbitrary code via. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection SAP RCE +1
NVD
EPSS 2% CVSS 9.0
CRITICAL Act Now

SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to execute arbitrary code. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection SAP RCE +1
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Directory traversal vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal SAP Adaptive Server Enterprise
NVD
EPSS 1% CVSS 9.0
CRITICAL Act Now

SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to gain privileges via. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation SAP Adaptive Server Enterprise
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote attackers to cause a. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service SAP Adaptive Server Enterprise
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows local users to obtain. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure SAP Adaptive Server Enterprise
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP Adaptive Server Enterprise
NVD
EPSS 1% CVSS 8.5
HIGH This Week

SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

SAP Authentication Bypass Adaptive Server Enterprise
NVD
EPSS 9% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP RCE Adaptive Server Enterprise
NVD
EPSS 8% CVSS 4.0
MEDIUM POC This Month

The XMLParse procedure in SAP Sybase Adaptive Server Enterprise (ASE) 15.7 ESD 2 allows remote authenticated users to read arbitrary files via a SQL statement containing an XML document with an. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection XXE SAP +2
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy