CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-5067

The (1) Cross-System Tools and (2) Data Transfer Workbench in SAP NetWeaver have hardcoded credentials, which allows remote attackers to obtain access via unspecified vectors, aka SAP Security Notes 2059659 and 2057982.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.016

EPSS Ranking 80.8%

CVSS Severity

CVSS v2 Score 7.5

References

http://packetstormsecurity.com/files/133515/SAP-NetWeaver-AS-FKCDBFTRACE-ABAP-Hardcoded-Credentials.html
http://packetstormsecurity.com/files/133516/SAP-NetWeaver-AS-LSCT1I13-ABAP-Hardcoded-Credentials.html
http://scn.sap.com/community/security/blog/2015/06/11/sap-security-notes-june-2015
http://www.securityfocus.com/bid/75165
https://erpscan.io/advisories/erpscan-15-015-sap-netweaver-hardcoded-credentials/
https://erpscan.io/advisories/erpscan-15-016-sap-netweaver-hardcoded-credentials/
http://packetstormsecurity.com/files/133515/SAP-NetWeaver-AS-FKCDBFTRACE-ABAP-Hardcoded-Credentials.html
http://packetstormsecurity.com/files/133516/SAP-NetWeaver-AS-LSCT1I13-ABAP-Hardcoded-Credentials.html
http://scn.sap.com/community/security/blog/2015/06/11/sap-security-notes-june-2015
http://www.securityfocus.com/bid/75165
https://erpscan.io/advisories/erpscan-15-015-sap-netweaver-hardcoded-credentials/
https://erpscan.io/advisories/erpscan-15-016-sap-netweaver-hardcoded-credentials/

Products affected by CVE-2015-5067

Sap » Netweaver » Version: N/A

cpe:2.3:a:sap:netweaver:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-5067

Products

Pricing

Contact Us