Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
(AV:N/AC:L/AU:S/C:P/I:N/A:NSAP)
Производитель ПО
Наименование ПО
SAP Notes
(1823566-3)
SAP Support Packages
(SAP_KERNEL_720_32_BIT_SP417_000417, SAP_KERNEL_720_32_BIT_SP999999_999999, SAP_KERNEL_720_32_BIT_UNICODE_SP417_000417, SAP_KERNEL_720_32_BIT_UNICODE_SP999999_999999, SAP_KERNEL_720_64_BIT_SP417_000417, SAP_KERNEL_720_64_BIT_SP999999_999999, SAP_KERNEL_720_64_BIT_UNICODE_SP417_000417, SAP_KERNEL_720_64_BIT_UNICODE_SP999999_999999, SAP_KERNEL_721_32_BIT_SP110_000110, SAP_KERNEL_721_32_BIT_SP999999_999999, SAP_KERNEL_721_32_BIT_UNICODE_SP110_000110, SAP_KERNEL_721_32_BIT_UNICODE_SP999999_999999, SAP_KERNEL_721_64_BIT_SP110_000110, SAP_KERNEL_721_64_BIT_SP999999_999999, SAP_KERNEL_721_64_BIT_UNICODE_SP110_000110, SAP_KERNEL_721_64_BIT_UNICODE_SP999999_999999, SAP_KERNEL_721_EXT_32_BIT_SP110_000110, SAP_KERNEL_721_EXT_32_BIT_SP999999_999999, SAP_KERNEL_721_EXT_32_BIT_UC_SP110_000110, SAP_KERNEL_721_EXT_32_BIT_UC_SP999999_999999, SAP_KERNEL_721_EXT_64_BIT_SP110_000110, SAP_KERNEL_721_EXT_64_BIT_SP999999_999999, SAP_KERNEL_721_EXT_64_BIT_UC_SP110_000110, SAP_KERNEL_721_EXT_64_BIT_UC_SP999999_999999, SAP_KERNEL_738_64_BIT_SP014_000014, SAP_KERNEL_738_64_BIT_SP999999_999999, SAP_KERNEL_738_64_BIT_UNICODE_SP014_000014, SAP_KERNEL_738_64_BIT_UNICODE_SP999999_999999, SAPKB70029, SAPKB70114, SAPKB70214, SAPKB71017, SAPKB71112, SAPKB72008, SAPKB73010, SAPKB73108, SAPKB74003)
Описание
Information such as the landscape configuration data and database user passwords can be discovered using SAP Solution Manager.This information may be used by an attacker to further target SAP database.Note that the user and password for database connections created in old versions of SAP Solution Manager are stored in table DBCON instead of separation of the user and connection information apart from the password. These information is kept and may have been residing in your system for ages.
Как исправить
Ссылки