1 results (0.002 seconds)
CVSS: 9.1EPSS: 10%CPEs: 3EXPL: 3
CVSS: 9.1EPSS: 10%CPEs: 3EXPL: 3CVE-2014-0984 – SAP Router - Timing Attack Password Disclosure
https://notcve.org/view.php?id=CVE-2014-0984
16 Apr 2014 — The passwordCheck function in SAP Router 721 patch 117, 720 patch 411, 710 patch 029, and earlier terminates validation of a Route Permission Table entry password upon encountering the first incorrect character, which allows remote attackers to obtain passwords via a brute-force attack that relies on timing differences in responses to incorrect password guesses, aka a timing side-channel attack. La función passwordCheck en SAP Router 721 patch 117, 720 patch 411, 710 patch 029, y anteriores termina la valid... • https://packetstorm.news/files/id/126194 • CWE-264: Permissions, Privileges, and Access Controls •