CVE-2015-5067

The (1) Cross-System Tools and (2) Data Transfer Workbench in SAP NetWeaver have hardcoded credentials, which allows remote attackers to obtain access via unspecified vectors, aka SAP Security Notes 2059659 and 2057982.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 80%
VendorProductVersion
sapnetweaver
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://packetstormsecurity.com/files/133515/SAP-NetWeaver-AS-FKCDBFTRACE-ABAP-Hardcoded-Credentials.html
http://packetstormsecurity.com/files/133516/SAP-NetWeaver-AS-LSCT1I13-ABAP-Hardcoded-Credentials.html
http://scn.sap.com/community/security/blog/2015/06/11/sap-security-notes-june-2015
http://www.securityfocus.com/bid/75165
https://erpscan.io/advisories/erpscan-15-015-sap-netweaver-hardcoded-credentials/
https://erpscan.io/advisories/erpscan-15-016-sap-netweaver-hardcoded-credentials/
http://packetstormsecurity.com/files/133515/SAP-NetWeaver-AS-FKCDBFTRACE-ABAP-Hardcoded-Credentials.html
http://packetstormsecurity.com/files/133516/SAP-NetWeaver-AS-LSCT1I13-ABAP-Hardcoded-Credentials.html
http://scn.sap.com/community/security/blog/2015/06/11/sap-security-notes-june-2015
http://www.securityfocus.com/bid/75165
https://erpscan.io/advisories/erpscan-15-015-sap-netweaver-hardcoded-credentials/
https://erpscan.io/advisories/erpscan-15-016-sap-netweaver-hardcoded-credentials/