Vulnerability Description
SAP HANA DB 1.00.73.00.389160 allows remote attackers to execute arbitrary code via vectors involving the audit logs, aka SAP Security Note 2170806.
CVSS Score
9.8
CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sap | Hana | 1.00.73.00.389160 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/92062Third Party AdvisoryVDB Entry
- https://layersevensecurity.com/wp-content/uploads/2015/11/Layer-Seven-Security_SThird Party Advisory
- https://www.onapsis.com/blog/analyzing-sap-security-notes-october-2015Third Party Advisory
- http://www.securityfocus.com/bid/92062Third Party AdvisoryVDB Entry
- https://layersevensecurity.com/wp-content/uploads/2015/11/Layer-Seven-Security_SThird Party Advisory
- https://www.onapsis.com/blog/analyzing-sap-security-notes-october-2015Third Party Advisory
FAQ
What is CVE-2016-6143?
CVE-2016-6143 is a vulnerability with a CVSS score of 9.8 (CRITICAL). SAP HANA DB 1.00.73.00.389160 allows remote attackers to execute arbitrary code via vectors involving the audit logs, aka SAP Security Note 2170806.
How severe is CVE-2016-6143?
CVE-2016-6143 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2016-6143?
Check the references section above for vendor advisories and patch information. Affected products include: Sap Hana.