MEDIUM🇬🇧 English

CVE-2022-41259

CVSS 6.5v3.1pub. 2022-11-08upd. 2024-11-21

SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a SQL Anywhere database server by crashing the server with some queries that use an ARRAY constructor.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • Sap Sql Anywhere

    APP
    Sap
    17.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
SQLi
CWE
Referencje

Powiązane podatności

CVE-2022-35299CRITICAL9.8ten sam produkt

SAP SQL Anywhere - version 17.0, and SAP IQ - version 16.1, allows an attacker to leverage logical errors in m...

CVE-2023-33990HIGH7.8ten sam produkt

SAP SQL Anywhere - version 17.0, allows an attacker to prevent legitimate users from accessing the service by ...

CVE-2014-9264HIGH7.5ten sam produkt

Stack-based buffer overflow in the .NET Data Provider in SAP SQL Anywhere allows remote attackers to execute a...

CVE-2022-27670MEDIUM6.5ten sam produkt

SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a...

CVE-2019-0381MEDIUM5.5ten sam produkt

A binary planting in SAP SQL Anywhere, before version 17.0, SAP IQ, before version 16.1, and SAP Dynamic Tier,...