CVE-2016-10310

4.9MEDIUM

Key Information:

Vendor: SAP
Status: Sql Anywhere
Vendor: CVE Published:; 10 April 2017

Summary

Buffer overflow in the MobiLink Synchronization Server component in SAP SQL Anywhere 17 and possibly earlier allows remote authenticated users to cause a denial of service (resource consumption and process crash) by sending a crafted packet several times, aka SAP Security Note 2308778.

References

https://erpscan.io/advisories/erpscan-16-024-sap-sql-anyw...

x_refsource_MISC

http://www.securityfocus.com/bid/91197

vdb-entryx_refsource_BID

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 10, 2017
Vulnerability Reserved
Mar 30, 2017