CVE-2003-0943
First published: Fri Nov 21 2003(Updated: )
web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via (1) waecho, (2) Web SQL Interface (websql), or (3) Web Database Manager (webdbm).
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP MaxDB | <=7.4.03.29 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2003-0943?
CVE-2003-0943 is classified as a medium severity vulnerability due to its potential to expose sensitive information.
How do I fix CVE-2003-0943?
To fix CVE-2003-0943, users should upgrade SAP DB to version 7.4.03.30 or later, which disables default services.
What services are affected by CVE-2003-0943?
CVE-2003-0943 affects the waecho, Web SQL Interface (websql), and Web Database Manager (webdb) services.
Who is at risk from CVE-2003-0943?
Organizations using SAP DB versions prior to 7.4.03.30 are at risk of CVE-2003-0943.
Can CVE-2003-0943 be exploited remotely?
Yes, CVE-2003-0943 can be exploited remotely, allowing attackers to access internal databases.
- agent/type
- agent/severity
- agent/references
- agent/author
- agent/weakness
- agent/remedy
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/sap
- product/sap db
- canonical/sap sap db
- canonical/sap maxdb
- version/sap maxdb/7.4.03.29