CVE-2015-8600

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2015-8600
The SysAdminWebTool servlets in SAP Mobile Platform allow remote attackers to bypass authentication and obtain sensitive information, gain privileges, or have unspecified other impact via unknown vectors, aka SAP Security Note 2227855.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://scn.sap.com/community/security/blog/2015/12/09/sap-security-notes-december-2015--review Vendor Advisory
https://erpscan.io/advisories/10761/
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

cpe:2.3:a:sap:mobile_platform:*:*:*:*:*:*:*:*
Information

Published : 2015-12-17 11:59

Updated : 2018-12-10 11:29

NVD link : CVE-2015-8600

Mitre link : CVE-2015-8600

JSON object : View

CWE
CWE-264

Permissions, Privileges, and Access Controls

Advertisement

dedicated server usa
Products Affected

sap

  • mobile_platform