Svi
Pretraži prema proizvođaču
Pretraži prema CWE oznaci
O usluzi
Pretplate
Jezik
hr
en
CVE-2014-0995 - CERT CVE
CVE-2014-0995
ID
CVE-2014-0995
Sažetak
The Standalone Enqueue Server in SAP Netweaver 7.20, 7.01, and earlier allows remote attackers to cause a denial of service (uncontrolled recursion and crash) via a trace level with a wildcard in the Trace Pattern.
Reference
http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/
http://packetstormsecurity.com/files/128726/SAP-Netweaver-Enqueue-Server-Trace-Pattern-Denial-Of-Service.html
http://seclists.org/fulldisclosure/2014/Oct/76
http://secunia.com/advisories/60950
http://www.coresecurity.com/advisories/sap-netweaver-enqueue-server-trace-pattern-denial-service-vulnerability
http://www.securityfocus.com/archive/1/533719/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/97610
https://twitter.com/SAP_Gsupport/status/522750365780160513
CVSS
Base:
5.0
Impact:
2.9
Exploitability:
10.0
Pristup
Vektor
Složenost
Autentikacija
NETWORK
LOW
NONE
Impact
Povjerljivost
Cjelovitost
Dostupnost
NONE
NONE
PARTIAL
CVSS vektor
AV:N/AC:L/Au:N/C:N/I:N/A:P
Zadnje važnije ažuriranje
13-12-2018 - 18:27
Objavljeno
06-11-2014 - 15:55
