{"api_version":"1","generated_at":"2026-05-15T15:45:40+00:00","cve":"CVE-2013-7245","urls":{"html":"https://cve.report/CVE-2013-7245","api":"https://cve.report/api/cve/CVE-2013-7245.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2013-7245","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2013-7245"},"summary":{"title":"CVE-2013-7245","description":"The Backup Server component in SAP Sybase ASE 15.7 before SP51 allows remote attackers to bypass access restrictions and perform database dumps by leveraging failure to validate credentials, aka SAP Security Note 1927859.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2018-04-24 20:29:00","updated_at":"2018-06-13 11:46:00"},"problem_types":["CWE-285"],"metrics":[],"references":[{"url":"http://blog.spiderlabs.com/2014/01/sap-sybase-ase-157-security-updates.html","name":"http://blog.spiderlabs.com/2014/01/sap-sybase-ase-157-security-updates.html","refsource":"MISC","tags":["Third Party Advisory"],"title":"SAP Sybase ASE 15.7 security updates - SpiderLabs Anterior","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"https://www3.trustwave.com/spiderlabs/advisories/TWSL2013-035.txt","name":"https://www3.trustwave.com/spiderlabs/advisories/TWSL2013-035.txt","refsource":"MISC","tags":["Third Party Advisory"],"title":"","mime":"text/x-c","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2013-7245","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-7245","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2013","cve_id":"7245","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"sybase","cpe5":"adaptive_server_enterprise","cpe6":"15.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7245","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"sybase","cpe5":"adaptive_server_enterprise","cpe6":"15.7","cpe7":"sp50","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7245","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"sybase","cpe5":"adaptive_server_enterprise","cpe6":"15.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"7245","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"sybase","cpe5":"adaptive_server_enterprise","cpe6":"15.7","cpe7":"sp50","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2013-7245","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The Backup Server component in SAP Sybase ASE 15.7 before SP51 allows remote attackers to bypass access restrictions and perform database dumps by leveraging failure to validate credentials, aka SAP Security Note 1927859."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"https://www3.trustwave.com/spiderlabs/advisories/TWSL2013-035.txt","refsource":"MISC","url":"https://www3.trustwave.com/spiderlabs/advisories/TWSL2013-035.txt"},{"name":"http://blog.spiderlabs.com/2014/01/sap-sybase-ase-157-security-updates.html","refsource":"MISC","url":"http://blog.spiderlabs.com/2014/01/sap-sybase-ase-157-security-updates.html"}]}},"nvd":{"publishedDate":"2018-04-24 20:29:00","lastModifiedDate":"2018-06-13 11:46:00","problem_types":["CWE-285"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":7.5,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5},"severity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:sybase:adaptive_server_enterprise:15.7:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:sybase:adaptive_server_enterprise:15.7:sp50:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2013","CveId":"7245","Ordinal":"67585","Title":"CVE-2013-7245","CVE":"CVE-2013-7245","Year":"2013"},"notes":[{"CveYear":"2013","CveId":"7245","Ordinal":"1","NoteData":"The Backup Server component in SAP Sybase ASE 15.7 before SP51 allows remote attackers to bypass access restrictions and perform database dumps by leveraging failure to validate credentials, aka SAP Security Note 1927859.","Type":"Description","Title":null},{"CveYear":"2013","CveId":"7245","Ordinal":"2","NoteData":"2018-04-24","Type":"Other","Title":"Published"},{"CveYear":"2013","CveId":"7245","Ordinal":"3","NoteData":"2018-04-24","Type":"Other","Title":"Modified"}]}}}