CVE-2013-6859

Published: Nov 23, 2013Modified: Apr 29, 2026

8.5

Vector

AV:N/AC:M/Au:S/C:C/I:C/A:C

Exploitability: 6.8 / Impact: 10.0

Source: NVD

Description

SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3. 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 does not properly perform authorization, which allows remote authenticated users to gain privileges via unspecified vectors.

Affected (3)

Products: Sybase: Adaptive Server Enterprise

1 product

Adaptive Server Enterprise

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Sybase Adaptive Server Enterprise	Version 15.0.3
Sybase Adaptive Server Enterprise	Version 15.5
Sybase Adaptive Server Enterprise	Version 15.7

Related CWEs

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (8)

http://scn.sap.com/docs/DOC-8218

Source: cve@mitre.org

http://secunia.com/advisories/55537

Source: cve@mitre.org

Vendor Advisory

http://www.sybase.com/detail?id=1099371

Source: cve@mitre.org

Vendor Advisory

https://service.sap.com/sap/support/notes/1849356

Source: cve@mitre.org

http://scn.sap.com/docs/DOC-8218

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/55537

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.sybase.com/detail?id=1099371

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://service.sap.com/sap/support/notes/1849356

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.