CVE-2016-7402 in ASE
要約
〜によって MITRE
SAP ASE 16.0 SP02 PL03 and prior versions allow attackers who own SourceDB and TargetDB databases to elevate privileges to sa (system administrator) via dbcc import_sproc SQL injection.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.