NVD

Id
21040  
Name
CVE-2016-6147  
Description
An unspecified interface in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands with SIDadm privileges via unspecified vectors, aka SAP Security Note 2234226.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2016-08-05  
Modified Date
2016-11-28  
Seq
2016-6147  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
114520 21040 CVE-2016-6147 http://packetstormsecurity.com/files/138446/SAP-TREX-7.10-Revision-63-Remote-Command-Execution.html  View
114521 21040 CVE-2016-6147 20160819 Onapsis Security Advisory ONAPSIS-2016-034: SAP TREX remote command execution  View
114522 21040 CVE-2016-6147 92066  View
114523 21040 CVE-2016-6147 https://www.onapsis.com/blog/analyzing-sap-security-notes-february-2016  View
114524 21040 CVE-2016-6147 https://www.onapsis.com/research/security-advisories/sap-trex-remote-command-execution-0  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
3402 JVNDB-2016-004175 SAP TREX の不特定のインターフェースにおける SIDadm 権限で任意の OS コマンドを実行される脆弱性 SAP TREX の不特定のインターフェースには、SIDadm 権限で任意の OS コマンドを実行される脆弱性が存在します。 CVE-2016-6147 92654 CVE-2016-6147 21040 10 9.8 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-004175.html 2016-02-10 2016-08-09 View