Vulnerabilities > SAP > Afaria > 7.0.6001.5

DATE CVE VULNERABILITY TITLE RISK
2016-01-08 CVE-2015-8753 Permissions, Privileges, and Access Controls vulnerability in SAP Afaria 7.0.6001.5
SAP Afaria 7.0.6001.5 allows remote attackers to bypass authorization checks and wipe or lock mobile devices via a crafted request, related to "Insecure signature," aka SAP Security Note 2134905.
network
low complexity
sap CWE-264
critical
 9.4
9.4
2015-04-01 CVE-2015-2820 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP Afaria 7.0.6001.5
Buffer overflow in XcListener in SAP Afaria 7.0.6001.5 allows remote attackers to cause a denial of service (process termination) via a crafted request, aka SAP Security Note 2132584.
network
low complexity
sap CWE-119
5.0
5.0
2015-04-01 CVE-2015-2816 Improper Access Control vulnerability in SAP Afaria 7.0.6001.5
The XcListener in SAP Afaria 7.0.6001.5 does not properly restrict access, which allows remote attackers to have unspecified impact via a crafted request, aka SAP Security Note 2134905.
network
low complexity
sap CWE-284
7.5
7.5