SQL Injection Vulnerability in SAP Environment, Health, and Safety Management
CVE-2014-8664

Currently unrated

Key Information:

Vendor: SAP
Status: Environment Health And Safety
Vendor: CVE Published:; 6 November 2014

Summary

A SQL injection vulnerability exists within the Product Safety component of SAP's Environment, Health, and Safety Management. This flaw enables remote attackers to issue arbitrary SQL commands through unspecified vectors, potentially jeopardizing the integrity and confidentiality of the database system.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/98611

vdb-entryx_refsource_XF

http://blog.onapsis.com/analyzing-sap-security-notes-octo...

x_refsource_MISC

http://service.sap.com/sap/support/notes/0001810405

x_refsource_MISC

Timeline

Vulnerability published
Nov 6, 2014
Vulnerability Reserved
Nov 6, 2014