CVE-2015-8753 : SAP Afaria 7.0.6001.5 allows remote attackers to bypass authorization checks and

SAP Afaria 7.0.6001.5 allows remote attackers to bypass authorization checks and wipe or lock mobile devices via a crafted request, related to "Insecure signature," aka SAP Security Note 2134905.

Published 2016-01-08 19:59:20

Updated 2025-04-12 10:46:41

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2015-8753

SAP » Afaria » Version: 7.0.6001.5
cpe:2.3:a:sap:afaria:7.0.6001.5:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2015-8753

EPSS FAQ

0.47%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 62 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2015-8753

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
9.4	HIGH	AV:N/AC:L/Au:N/C:N/I:C/A:C	10.0	9.2	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: Complete Availability Impact: Complete
9.1	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H	3.9	5.2	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: High Availability: High

CWE ids for CVE-2015-8753

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2015-8753

https://erpscan.io/advisories/erpscan-15-023-sap-afaria-authorization-bypass-insecure-signature/

[ERPSCAN-15-023] SAP Afaria - Authorization bypass, Insecure signature

Jump to

Vulnerability Details : CVE-2015-8753

Products affected by CVE-2015-8753

Exploit prediction scoring system (EPSS) score for CVE-2015-8753

CVSS scores for CVE-2015-8753

CWE ids for CVE-2015-8753

References for CVE-2015-8753