CVE-2014-6284

Published: Jun 8, 2015Modified: May 6, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

SAP Adaptive Server Enterprise (ASE) before 15.7 SP132 and 16.0 before 16.0 SP01 allows remote attackers to bypass the challenge and response mechanism and obtain access to the probe account via a crafted response, aka SAP Security Note 2113995.

Affected (2)

Products: Sybase: Adaptive Server Enterprise

Sybase

1 product

Adaptive Server Enterprise

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Sybase Adaptive Server Enterprise	Up to 15.7
Sybase Adaptive Server Enterprise	Version 16.0

Related CWEs

CWE-264

References (2)

https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-004/?fid=6200

Source: cve@mitre.org

Exploit

https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-004/?fid=6200

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

Timeline

No history available yet.