CVE-2014-6284

EUVD-2014-6169
SAP Adaptive Server Enterprise (ASE) before 15.7 SP132 and 16.0 before 16.0 SP01 allows remote attackers to bypass the challenge and response mechanism and obtain access to the probe account via a crafted response, aka SAP Security Note 2113995.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 36%
Affected Products (NVD)
VendorProductVersion
sybaseadaptive_server_enterprise
𝑥
≤ 15.7
sybaseadaptive_server_enterprise
16.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-004/?fid=6200
https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-004/?fid=6200