The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

vulnerability announce CVE-2016-10005 CVE-2016-3684 CVE-2016-3685

SAP: multiples vulnerabilities of December 2016

Synthesis of the vulnerability

Impacted products: Business Objects, Crystal Enterprise, Crystal Reports, SAP ERP, NetWeaver, ASE.
Severity: 3/4.
Consequences: unknown consequence, administrator access/rights, privileged access/rights, user access/rights, client access/rights, data reading, data creation/edition, data deletion, data flow, denial of service on server, denial of service on service, denial of service on client, disguisement.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 13/12/2016.
Identifiers: CVE-2016-10005, CVE-2016-3684, CVE-2016-3685, ERPSCAN-16-041, VIGILANCE-VUL-21362.

Description of the vulnerability

An attacker can use several vulnerabilities of SAP products.
Complete Vigil@nce bulletin.... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides applications vulnerabilities analysis. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications. The technology watch team tracks security threats targeting the computer system.