Vulnerability Details CVE-2016-3946
SAP Console (aka SAPConsole) 7.30 allows local users to discover SAP Server login credentials by reading the Windows registry, aka SAP Security Note 2121461.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.9%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
References
- http://seclists.org/fulldisclosure/2016/Oct/31
- http://www.securityfocus.com/bid/93509
- https://www.onapsis.com/research/security-advisories/sap-console-insecure-password-storage
- http://seclists.org/fulldisclosure/2016/Oct/31
- http://www.securityfocus.com/bid/93509
- https://www.onapsis.com/research/security-advisories/sap-console-insecure-password-storage
Products affected by CVE-2016-3946
-
cpe:2.3:a:sap:sapconsole:7.30