Vulnerability Details CVE-2016-6143
SAP HANA DB 1.00.73.00.389160 allows remote attackers to execute arbitrary code via vectors involving the audit logs, aka SAP Security Note 2170806.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.065
EPSS Ranking 90.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://www.securityfocus.com/bid/92062
- https://layersevensecurity.com/wp-content/uploads/2015/11/Layer-Seven-Security_SAP-Security-Notes_October-2015.pdf
- https://www.onapsis.com/blog/analyzing-sap-security-notes-october-2015
- http://www.securityfocus.com/bid/92062
- https://layersevensecurity.com/wp-content/uploads/2015/11/Layer-Seven-Security_SAP-Security-Notes_October-2015.pdf
- https://www.onapsis.com/blog/analyzing-sap-security-notes-october-2015