Description
web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via (1) waecho, (2) Web SQL Interface (websql), or (3) Web Database Manager (webdbm).
References (1)
Core 1
Core References
Exploit, Patch, Vendor Advisory vendor-advisory
x_refsource_atstake
http://www.atstake.com/research/advisories/2003/a111703-2.txt
Scores
EPSS
0.0090
EPSS Percentile
75.9%
Details
Status
published
Products (1)
sap/sap_db
< 7.4.03.29
Published
Dec 15, 2003
Tracked Since
Feb 18, 2026