Details of VAR-200611-0421

ID

VAR-200611-0421

CVE

CVE-2006-6010

TITLE

SAP Vulnerability in which important information is obtained

Trust: 0.8

sources: JVNDB: JVNDB-2006-003478

DESCRIPTION

SAP allows remote attackers to obtain potentially sensitive information such as operating system and SAP version via an RFC_SYSTEM_INFO RfcCallReceive request, a different vulnerability than CVE-2003-0747

Trust: 1.89

sources: NVD: CVE-2006-6010 // JVNDB: JVNDB-2006-003478 // BID: 87361

AFFECTED PRODUCTS

vendor:	sap	model:	web application server	scope:	-	version:	-	Trust: 1.4
vendor:	sap	model:	web application server	scope:	eq	version:	*	Trust: 1.0
vendor:	sap	model:	web application server	scope:	eq	version:	0	Trust: 0.3

sources: BID: 87361 // JVNDB: JVNDB-2006-003478 // CNNVD: CNNVD-200611-324 // NVD: CVE-2006-6010

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2006-6010
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2006-6010
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200611-324
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2006-6010
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8

sources: JVNDB: JVNDB-2006-003478 // CNNVD: CNNVD-200611-324 // NVD: CVE-2006-6010

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-6010

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200611-324

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200611-324

CONFIGURATIONS

sources: JVNDB: JVNDB-2006-003478

PATCH

title:

Top Page

url:

http://www.sap.com/index.epx

Trust: 0.8

sources: JVNDB: JVNDB-2006-003478

EXTERNAL IDS

db:	NVD	id:	CVE-2006-6010	Trust: 2.7
db:	SREASON	id:	1889	Trust: 1.9
db:	XF	id:	39997	Trust: 0.9
db:	JVNDB	id:	JVNDB-2006-003478	Trust: 0.8
db:	BUGTRAQ	id:	20061112 OLD SAP EXPLOITS	Trust: 0.6
db:	CNNVD	id:	CNNVD-200611-324	Trust: 0.6
db:	BID	id:	87361	Trust: 0.3

sources: BID: 87361 // JVNDB: JVNDB-2006-003478 // CNNVD: CNNVD-200611-324 // NVD: CVE-2006-6010

REFERENCES

url:	http://securityreason.com/securityalert/1889	Trust: 1.9
url:	http://www.securityfocus.com/archive/1/451378/100/0/threaded	Trust: 1.0
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/39997	Trust: 1.0
url:	http://xforce.iss.net/xforce/xfdb/39997	Trust: 0.9
url:	http://www.securityfocus.com/archive/1/archive/1/451378/100/0/threaded	Trust: 0.9
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-6010	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-6010	Trust: 0.8

sources: BID: 87361 // JVNDB: JVNDB-2006-003478 // CNNVD: CNNVD-200611-324 // NVD: CVE-2006-6010

CREDITS

Unknown

Trust: 0.3

sources: BID: 87361

SOURCES

db:	BID	id:	87361
db:	JVNDB	id:	JVNDB-2006-003478
db:	CNNVD	id:	CNNVD-200611-324
db:	NVD	id:	CVE-2006-6010

LAST UPDATE DATE

2024-08-14T14:08:59.909000+00:00

SOURCES UPDATE DATE

db:	BID	id:	87361	date:	2006-11-21T00:00:00
db:	JVNDB	id:	JVNDB-2006-003478	date:	2012-12-20T00:00:00
db:	CNNVD	id:	CNNVD-200611-324	date:	2007-01-04T00:00:00
db:	NVD	id:	CVE-2006-6010	date:	2018-10-17T21:46:15.203

SOURCES RELEASE DATE

db:	BID	id:	87361	date:	2006-11-21T00:00:00
db:	JVNDB	id:	JVNDB-2006-003478	date:	2012-12-20T00:00:00
db:	CNNVD	id:	CNNVD-200611-324	date:	2006-11-21T00:00:00
db:	NVD	id:	CVE-2006-6010	date:	2006-11-21T23:07:00