Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
EAServer Manager in Sybase EAServer 5.2 and 5.3 allows remote authenticated users, possibly guests, to obtain password credentials of arbitrary users via unspecified vectors involving (1) connection caches, (2) open password prompts, and (3) stored custom connection profiles.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sybase EAServer管理器连接缓存口令泄露漏洞
Vulnerability Description
Sybase EAServer是高性能、可伸缩、安全、开放的应用服务器,适用于适用多层架构的电子门户和互联商务解决方案。 Sybase EAServer在对缓存访问的处理上存在漏洞,攻击者可能利用此漏洞获取数据库的非授权访问。 EAServer管理器允许用户通过对话框看到连接缓存,而缓存中可能存储了口令。在正常环境下用户是无法看到口令的,但由于一个安全漏洞,拥有guest权限的用户可以找到口令,然后获取对受保护数据库的非授权访问。
CVSS Information
N/A
Vulnerability Type
N/A