Predictable Session IDs in Web Database Manager for SAP DB by SAP
CVE-2003-0945

Currently unrated

Key Information:

Vendor: SAP
Status: SAP Db
Vendor: CVE Published:; 15 December 2003

What is CVE-2003-0945?

The Web Database Manager in SAP DB versions prior to 7.4.03.30 suffers from a security weakness where it generates predictable session IDs. This flaw allows remote attackers to gain unauthorized access and perform actions typically reserved for authenticated users. To mitigate this risk, organizations should upgrade to the latest version and apply security best practices to protect their database systems.

References

http://www.atstake.com/research/advisories/2003/a111703-2...

vendor-advisoryx_refsource_ATSTAKE

https://exchange.xforce.ibmcloud.com/vulnerabilities/13774

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Dec 15, 2003
Vulnerability Reserved
Nov 11, 2003