CVE-2014-8668

Description

SQL injection vulnerability in SAP Contract Accounting allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/
• http://service.sap.com/sap/support/notes/0002022179
• http://www.securityfocus.com/bid/71032
• https://exchange.xforce.ibmcloud.com/vulnerabilities/98612
• http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/
• http://service.sap.com/sap/support/notes/0002022179
• http://www.securityfocus.com/bid/71032
• https://exchange.xforce.ibmcloud.com/vulnerabilities/98612

CWEs

CWE-89