First published: Mon Oct 16 2017(Updated: )
Xpress Server in SAP POS does not require authentication for file read and erase operations, daemon shutdown, terminal read operations, or certain attacks on credentials. This is SAP Security Note 2520064.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Sap Point Of Sale Xpress Server | =1020 | |
Sap Point Of Sale Xpress Server | =1030 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-15293 is considered a critical vulnerability due to the lack of authentication in SAP POS Xpress Server, allowing unauthorized access.
To mitigate CVE-2017-15293, ensure you apply the latest security patches provided by SAP for the affected versions of SAP POS Xpress Server.
CVE-2017-15293 affects SAP Point Of Sale Xpress Server versions 1020 and 1030.
CVE-2017-15293 allows attackers to perform unauthorized file read and erase operations, daemon shutdown, and terminal read operations.
No, CVE-2017-15293 indicates that no authentication is required for the affected operations in SAP POS Xpress Server.