CVE-2003-0943
Published Dec 15, 2003
Last updated 16 years ago
Overview
- Description
- web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via (1) waecho, (2) Web SQL Interface (websql), or (3) Web Database Manager (webdbm).
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:sap_db:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4F09D1B2-0704-427B-BE35-357E9C29E504",
"versionEndIncluding": "7.4.03.29"
}
],
"operator": "OR"
}
]
}
]