CVE-2014-6284
First published: Mon Jun 08 2015(Updated: )
SAP Adaptive Server Enterprise (ASE) before 15.7 SP132 and 16.0 before 16.0 SP01 allows remote attackers to bypass the challenge and response mechanism and obtain access to the probe account via a crafted response, aka SAP Security Note 2113995.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP Sybase Adaptive Server Enterprise | <=15.7 | |
| SAP Sybase Adaptive Server Enterprise | =16.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-6284?
CVE-2014-6284 is classified as a medium severity vulnerability due to its potential for unauthorized access.
How do I fix CVE-2014-6284?
To fix CVE-2014-6284, upgrade to SAP Adaptive Server Enterprise 15.7 SP132 or 16.0 SP01 or later versions.
What systems are affected by CVE-2014-6284?
CVE-2014-6284 affects SAP Adaptive Server Enterprise versions before 15.7 SP132 and 16.0 before SP01.
What type of attack does CVE-2014-6284 enable?
CVE-2014-6284 enables remote attackers to bypass authentication mechanisms and gain access to the probe account.
What are the implications of exploiting CVE-2014-6284?
Exploitation of CVE-2014-6284 can lead to unauthorized access, potentially compromising sensitive data and system integrity.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/references
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/sybase
- canonical/sap sybase adaptive server enterprise
- version/sap sybase adaptive server enterprise/15.7
- version/sap sybase adaptive server enterprise/16.0