CVE-2015-7731

Published: Aug 9, 2021Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

SAP Mobile Platform 3.0 SP05 ClientHub allows attackers to obtain the keystream and other sensitive information via the DataVault, aka SAP Security Note 2094830.

Affected (1)

Products: Sap: Mobile Platform

Sap

1 product

Mobile Platform

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sap Mobile Platform	Version 3.0 05

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

https://seclists.org/bugtraq/2015/Aug/39

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://www.onapsis.com/research/security-advisories/SAP-Mobile-Platform-DataVault-Keystream-Recovery

Source: cve@mitre.org

Product

https://seclists.org/bugtraq/2015/Aug/39

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://www.onapsis.com/research/security-advisories/SAP-Mobile-Platform-DataVault-Keystream-Recovery

Source: af854a3a-2127-422b-91ae-364da2661108

Product

Timeline

No history available yet.