CVE-2016-7402

CVE-2016-7402

EPSS 1.1%

SAP ASE 16.0 SP02 PL03 and prior versions allow attackers who own SourceDB and TargetDB databases to elevate privileges to sa (system administrator) via dbcc import_sproc SQL injection.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-017/?fid=8409 http://www.securityfocus.com/bid/92950