Search criteria
9 vulnerabilities found for sapcar by sap
FKIE_CVE-2022-26100
Vulnerability from fkie_nvd - Published: 2022-03-10 17:47 - Updated: 2024-11-21 06:53
Severity ?
Summary
SAPCAR - version 7.22, does not contain sufficient input validation on the SAPCAR archive. As a result, the SAPCAR process may crash, and the attacker may obtain privileged access to the system.
References
| URL | Tags | ||
|---|---|---|---|
| cna@sap.com | https://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10 | Vendor Advisory | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/3111110 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/3111110 | Permissions Required, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:sapcar:7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "AFC3844F-EA0F-4396-BC12-0D06536AF34D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAPCAR - version 7.22, does not contain sufficient input validation on the SAPCAR archive. As a result, the SAPCAR process may crash, and the attacker may obtain privileged access to the system."
},
{
"lang": "es",
"value": "SAPCAR - versi\u00f3n 7.22, no contiene suficiente comprobaci\u00f3n de entradas en el archivo SAPCAR. Como resultado, el proceso SAPCAR puede fallar, y el atacante puede obtener acceso privilegiado al sistema"
}
],
"id": "CVE-2022-26100",
"lastModified": "2024-11-21T06:53:25.743",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-10T17:47:29.180",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10"
},
{
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/3111110"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/3111110"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-129"
}
],
"source": "cna@sap.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-8852
Vulnerability from fkie_nvd - Published: 2017-05-10 17:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted CAR archive file received from an untrusted remote source. The problem is that the length of data written is an arbitrary number found within the file. The vendor response is SAP Security Note 2441560.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/98350 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.coresecurity.com/advisories/sap-sapcar-heap-based-buffer-overflow-vulnerability | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.exploit-db.com/exploits/41991/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/98350 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.coresecurity.com/advisories/sap-sapcar-heap-based-buffer-overflow-vulnerability | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/41991/ |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:sapcar:721.510:*:*:*:*:*:*:*",
"matchCriteriaId": "12C0637C-B143-474C-9622-E1BF185BF5AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted CAR archive file received from an untrusted remote source. The problem is that the length of data written is an arbitrary number found within the file. The vendor response is SAP Security Note 2441560."
},
{
"lang": "es",
"value": "SAP SAPCAR 721.510 tiene una vulnerabilidad de desbordamiento de b\u00fafer basada en memoria din\u00e1mica. Podr\u00eda ser explotada con un archivo CAR manipulado recibido de una fuente remota no confiable. El problema es que la longitud de los datos escritos es un n\u00famero arbitrario encontrado dentro del archivo. La respuesta del proveedor es SAP Security Note 2441560."
}
],
"id": "CVE-2017-8852",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-10T17:29:00.187",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98350"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.coresecurity.com/advisories/sap-sapcar-heap-based-buffer-overflow-vulnerability"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/41991/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98350"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.coresecurity.com/advisories/sap-sapcar-heap-based-buffer-overflow-vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/41991/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-5845
Vulnerability from fkie_nvd - Published: 2016-08-13 01:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
SAP SAPCAR does not check the return value of file operations when extracting files, which allows remote attackers to cause a denial of service (program crash) via an invalid file name in an archive file, aka SAP Security Note 2312905.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:sapcar:-:*:*:*:*:*:*:*",
"matchCriteriaId": "508C338F-B7E9-4BD6-8CCF-C81A981996FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP SAPCAR does not check the return value of file operations when extracting files, which allows remote attackers to cause a denial of service (program crash) via an invalid file name in an archive file, aka SAP Security Note 2312905."
},
{
"lang": "es",
"value": "SAP SAPCAR no comprueba el valor de retorno de operaciones de archivos cuando se extraen archivos, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del programa) a trav\u00e9s de un nombre de archivo inv\u00e1lido en un archivo hist\u00f3rico, tambi\u00e9n conocido como SAP Security Note 2312905."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/252.html\"\u003eCWE-252: Unchecked Return Value\u003c/a\u003e",
"id": "CVE-2016-5845",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-08-13T01:59:07.650",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/138284/SAP-CAR-Archive-Tool-Denial-Of-Service-Security-Bypass.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://seclists.org/fulldisclosure/2016/Aug/46"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/539180/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92406"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.coresecurity.com/advisories/sap-car-multiple-vulnerabilities"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40230/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.onapsis.com/blog/denial-service-attacks-sap-security-notes-august-2016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/138284/SAP-CAR-Archive-Tool-Denial-Of-Service-Security-Bypass.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://seclists.org/fulldisclosure/2016/Aug/46"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/539180/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.coresecurity.com/advisories/sap-car-multiple-vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40230/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.onapsis.com/blog/denial-service-attacks-sap-security-notes-august-2016"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2022-26100 (GCVE-0-2022-26100)
Vulnerability from cvelistv5 – Published: 2022-03-08 13:35 – Updated: 2024-08-03 04:56
VLAI?
Summary
SAPCAR - version 7.22, does not contain sufficient input validation on the SAPCAR archive. As a result, the SAPCAR process may crash, and the attacker may obtain privileged access to the system.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:56:37.455Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3111110"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAPCAR",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 7.22"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SAPCAR - version 7.22, does not contain sufficient input validation on the SAPCAR archive. As a result, the SAPCAR process may crash, and the attacker may obtain privileged access to the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-129",
"description": "CWE-129",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-08T13:35:56",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/3111110"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2022-26100",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAPCAR",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "7.22"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAPCAR - version 7.22, does not contain sufficient input validation on the SAPCAR archive. As a result, the SAPCAR process may crash, and the attacker may obtain privileged access to the system."
}
]
},
"impact": {
"cvss": {
"baseScore": "null",
"vectorString": "null",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-129"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://launchpad.support.sap.com/#/notes/3111110",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/3111110"
},
{
"name": "https://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10",
"refsource": "MISC",
"url": "https://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2022-26100",
"datePublished": "2022-03-08T13:35:56",
"dateReserved": "2022-02-25T00:00:00",
"dateUpdated": "2024-08-03T04:56:37.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8852 (GCVE-0-2017-8852)
Vulnerability from cvelistv5 – Published: 2017-05-10 17:00 – Updated: 2024-08-05 16:48
VLAI?
Summary
SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted CAR archive file received from an untrusted remote source. The problem is that the length of data written is an arbitrary number found within the file. The vendor response is SAP Security Note 2441560.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:48:22.649Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.coresecurity.com/advisories/sap-sapcar-heap-based-buffer-overflow-vulnerability"
},
{
"name": "41991",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/41991/"
},
{
"name": "98350",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98350"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-05-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted CAR archive file received from an untrusted remote source. The problem is that the length of data written is an arbitrary number found within the file. The vendor response is SAP Security Note 2441560."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-15T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.coresecurity.com/advisories/sap-sapcar-heap-based-buffer-overflow-vulnerability"
},
{
"name": "41991",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/41991/"
},
{
"name": "98350",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98350"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-8852",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted CAR archive file received from an untrusted remote source. The problem is that the length of data written is an arbitrary number found within the file. The vendor response is SAP Security Note 2441560."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.coresecurity.com/advisories/sap-sapcar-heap-based-buffer-overflow-vulnerability",
"refsource": "MISC",
"url": "https://www.coresecurity.com/advisories/sap-sapcar-heap-based-buffer-overflow-vulnerability"
},
{
"name": "41991",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41991/"
},
{
"name": "98350",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98350"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-8852",
"datePublished": "2017-05-10T17:00:00",
"dateReserved": "2017-05-08T00:00:00",
"dateUpdated": "2024-08-05T16:48:22.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5845 (GCVE-0-2016-5845)
Vulnerability from cvelistv5 – Published: 2016-08-12 16:00 – Updated: 2024-08-06 01:15
VLAI?
Summary
SAP SAPCAR does not check the return value of file operations when extracting files, which allows remote attackers to cause a denial of service (program crash) via an invalid file name in an archive file, aka SAP Security Note 2312905.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:09.099Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "40230",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40230/"
},
{
"name": "20160810 [CORE-2016-0006] - SAP CAR Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Aug/46"
},
{
"name": "92406",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92406"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.onapsis.com/blog/denial-service-attacks-sap-security-notes-august-2016"
},
{
"name": "20160810 [CORE-2016-0006] - SAP CAR Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/539180/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/138284/SAP-CAR-Archive-Tool-Denial-Of-Service-Security-Bypass.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.coresecurity.com/advisories/sap-car-multiple-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SAP SAPCAR does not check the return value of file operations when extracting files, which allows remote attackers to cause a denial of service (program crash) via an invalid file name in an archive file, aka SAP Security Note 2312905."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "40230",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40230/"
},
{
"name": "20160810 [CORE-2016-0006] - SAP CAR Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Aug/46"
},
{
"name": "92406",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92406"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.onapsis.com/blog/denial-service-attacks-sap-security-notes-august-2016"
},
{
"name": "20160810 [CORE-2016-0006] - SAP CAR Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/539180/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/138284/SAP-CAR-Archive-Tool-Denial-Of-Service-Security-Bypass.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.coresecurity.com/advisories/sap-car-multiple-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5845",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP SAPCAR does not check the return value of file operations when extracting files, which allows remote attackers to cause a denial of service (program crash) via an invalid file name in an archive file, aka SAP Security Note 2312905."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "40230",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40230/"
},
{
"name": "20160810 [CORE-2016-0006] - SAP CAR Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Aug/46"
},
{
"name": "92406",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92406"
},
{
"name": "https://www.onapsis.com/blog/denial-service-attacks-sap-security-notes-august-2016",
"refsource": "MISC",
"url": "https://www.onapsis.com/blog/denial-service-attacks-sap-security-notes-august-2016"
},
{
"name": "20160810 [CORE-2016-0006] - SAP CAR Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/539180/100/0/threaded"
},
{
"name": "http://packetstormsecurity.com/files/138284/SAP-CAR-Archive-Tool-Denial-Of-Service-Security-Bypass.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/138284/SAP-CAR-Archive-Tool-Denial-Of-Service-Security-Bypass.html"
},
{
"name": "https://www.coresecurity.com/advisories/sap-car-multiple-vulnerabilities",
"refsource": "MISC",
"url": "https://www.coresecurity.com/advisories/sap-car-multiple-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5845",
"datePublished": "2016-08-12T16:00:00",
"dateReserved": "2016-06-26T00:00:00",
"dateUpdated": "2024-08-06T01:15:09.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-26100 (GCVE-0-2022-26100)
Vulnerability from nvd – Published: 2022-03-08 13:35 – Updated: 2024-08-03 04:56
VLAI?
Summary
SAPCAR - version 7.22, does not contain sufficient input validation on the SAPCAR archive. As a result, the SAPCAR process may crash, and the attacker may obtain privileged access to the system.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:56:37.455Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3111110"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAPCAR",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 7.22"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SAPCAR - version 7.22, does not contain sufficient input validation on the SAPCAR archive. As a result, the SAPCAR process may crash, and the attacker may obtain privileged access to the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-129",
"description": "CWE-129",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-08T13:35:56",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/3111110"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2022-26100",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAPCAR",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "7.22"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAPCAR - version 7.22, does not contain sufficient input validation on the SAPCAR archive. As a result, the SAPCAR process may crash, and the attacker may obtain privileged access to the system."
}
]
},
"impact": {
"cvss": {
"baseScore": "null",
"vectorString": "null",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-129"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://launchpad.support.sap.com/#/notes/3111110",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/3111110"
},
{
"name": "https://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10",
"refsource": "MISC",
"url": "https://dam.sap.com/mac/embed/public/pdf/a/ucQrx6G.htm?rc=10"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2022-26100",
"datePublished": "2022-03-08T13:35:56",
"dateReserved": "2022-02-25T00:00:00",
"dateUpdated": "2024-08-03T04:56:37.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-8852 (GCVE-0-2017-8852)
Vulnerability from nvd – Published: 2017-05-10 17:00 – Updated: 2024-08-05 16:48
VLAI?
Summary
SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted CAR archive file received from an untrusted remote source. The problem is that the length of data written is an arbitrary number found within the file. The vendor response is SAP Security Note 2441560.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:48:22.649Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.coresecurity.com/advisories/sap-sapcar-heap-based-buffer-overflow-vulnerability"
},
{
"name": "41991",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/41991/"
},
{
"name": "98350",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98350"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-05-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted CAR archive file received from an untrusted remote source. The problem is that the length of data written is an arbitrary number found within the file. The vendor response is SAP Security Note 2441560."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-15T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.coresecurity.com/advisories/sap-sapcar-heap-based-buffer-overflow-vulnerability"
},
{
"name": "41991",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/41991/"
},
{
"name": "98350",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98350"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-8852",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted CAR archive file received from an untrusted remote source. The problem is that the length of data written is an arbitrary number found within the file. The vendor response is SAP Security Note 2441560."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.coresecurity.com/advisories/sap-sapcar-heap-based-buffer-overflow-vulnerability",
"refsource": "MISC",
"url": "https://www.coresecurity.com/advisories/sap-sapcar-heap-based-buffer-overflow-vulnerability"
},
{
"name": "41991",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41991/"
},
{
"name": "98350",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98350"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-8852",
"datePublished": "2017-05-10T17:00:00",
"dateReserved": "2017-05-08T00:00:00",
"dateUpdated": "2024-08-05T16:48:22.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5845 (GCVE-0-2016-5845)
Vulnerability from nvd – Published: 2016-08-12 16:00 – Updated: 2024-08-06 01:15
VLAI?
Summary
SAP SAPCAR does not check the return value of file operations when extracting files, which allows remote attackers to cause a denial of service (program crash) via an invalid file name in an archive file, aka SAP Security Note 2312905.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:15:09.099Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "40230",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40230/"
},
{
"name": "20160810 [CORE-2016-0006] - SAP CAR Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Aug/46"
},
{
"name": "92406",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92406"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.onapsis.com/blog/denial-service-attacks-sap-security-notes-august-2016"
},
{
"name": "20160810 [CORE-2016-0006] - SAP CAR Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/539180/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/138284/SAP-CAR-Archive-Tool-Denial-Of-Service-Security-Bypass.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.coresecurity.com/advisories/sap-car-multiple-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SAP SAPCAR does not check the return value of file operations when extracting files, which allows remote attackers to cause a denial of service (program crash) via an invalid file name in an archive file, aka SAP Security Note 2312905."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "40230",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40230/"
},
{
"name": "20160810 [CORE-2016-0006] - SAP CAR Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Aug/46"
},
{
"name": "92406",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92406"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.onapsis.com/blog/denial-service-attacks-sap-security-notes-august-2016"
},
{
"name": "20160810 [CORE-2016-0006] - SAP CAR Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/539180/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/138284/SAP-CAR-Archive-Tool-Denial-Of-Service-Security-Bypass.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.coresecurity.com/advisories/sap-car-multiple-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5845",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP SAPCAR does not check the return value of file operations when extracting files, which allows remote attackers to cause a denial of service (program crash) via an invalid file name in an archive file, aka SAP Security Note 2312905."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "40230",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40230/"
},
{
"name": "20160810 [CORE-2016-0006] - SAP CAR Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Aug/46"
},
{
"name": "92406",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92406"
},
{
"name": "https://www.onapsis.com/blog/denial-service-attacks-sap-security-notes-august-2016",
"refsource": "MISC",
"url": "https://www.onapsis.com/blog/denial-service-attacks-sap-security-notes-august-2016"
},
{
"name": "20160810 [CORE-2016-0006] - SAP CAR Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/539180/100/0/threaded"
},
{
"name": "http://packetstormsecurity.com/files/138284/SAP-CAR-Archive-Tool-Denial-Of-Service-Security-Bypass.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/138284/SAP-CAR-Archive-Tool-Denial-Of-Service-Security-Bypass.html"
},
{
"name": "https://www.coresecurity.com/advisories/sap-car-multiple-vulnerabilities",
"refsource": "MISC",
"url": "https://www.coresecurity.com/advisories/sap-car-multiple-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-5845",
"datePublished": "2016-08-12T16:00:00",
"dateReserved": "2016-06-26T00:00:00",
"dateUpdated": "2024-08-06T01:15:09.099Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}