Vulnerability Description
SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3. 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 does not properly perform authorization, which allows remote authenticated users to gain privileges via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sybase | Adaptive Server Enterprise | 15.0.3 |
Related Weaknesses (CWE)
References
- http://scn.sap.com/docs/DOC-8218
- http://secunia.com/advisories/55537Vendor Advisory
- http://www.sybase.com/detail?id=1099371Vendor Advisory
- https://service.sap.com/sap/support/notes/1849356
- http://scn.sap.com/docs/DOC-8218
- http://secunia.com/advisories/55537Vendor Advisory
- http://www.sybase.com/detail?id=1099371Vendor Advisory
- https://service.sap.com/sap/support/notes/1849356
FAQ
What is CVE-2013-6859?
CVE-2013-6859 is a vulnerability with a CVSS score of 8.5 (HIGH). SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3. 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 does not properly perform authorization, which allows remote authen...
How severe is CVE-2013-6859?
CVE-2013-6859 has been rated HIGH with a CVSS base score of 8.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-6859?
Check the references section above for vendor advisories and patch information. Affected products include: Sybase Adaptive Server Enterprise.