Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2748

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2014-2748
Last Modified 24 Apr 2014 01:06:31
Published 10 Apr 2014 04:55:06
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-2748

Summary

The Security Audit Log facility in SAP Enhancement Package (EHP) 6 for SAP ERP 6.0 allows remote attackers to modify or delete arbitrary log classes via unspecified vectors. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Sap Enhancement Package 6.0


References

MISC - https://service.sap.com/sap/support/notes/1926485

MISC - http://www.onapsis.com/research-advisories.php

MISC - http://www.onapsis.com/get.php?resid=adv_onapsis-2014-002

SECUNIA - 57741

XF - sap-ehp-log-sec-bypass(92334)


Last Updated: 27 May 2016 11:04:54