Strix
26.1K

CVE-2006-6346

UnknownEPSS 2.65%

Last modified

CVE-2006-6346 is a vulnerability of currently unknown severity. Unspecified vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 15 and earlier, and 7.00 Patchlevel 3 and earlier, allows remote attackers to cause a denial of service (service shutdown), obtain sensitive information (configuration files), and conduct certain other unauthorized activities, related to "Undocumented Features." NOTE: it is possible that there are multiple issues. This information is based upon a vague initial disclosure. EPSS estimates a 2.65% chance of exploitation in the next 30 days.

Description

Unspecified vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 15 and earlier, and 7.00 Patchlevel 3 and earlier, allows remote attackers to cause a denial of service (service shutdown), obtain sensitive information (configuration files), and conduct certain other unauthorized activities, related to "Undocumented Features." NOTE: it is possible that there are multiple issues. This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. This is likely a different issue than CVE-2006-4134.

Metrics

EPSS Probability
2.65%

83.7th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
SapInternet Graphics Server<= 6.40_patch_15
SapInternet Graphics Server<= 7.00_patch_3

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2006-6346?
Unspecified vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 15 and earlier, and 7.00 Patchlevel 3 and earlier, allows remote attackers to cause a denial of service (service shutdown), obtain sensitive information (configuration files), and conduct certain other unauthorized activities, related to "Undocumented Features." NOTE: it is possible that there are multiple issues. This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. This is likely a different issue than CVE-2006-4134.
How severe is CVE-2006-6346?
Severity scoring for CVE-2006-6346 is pending analysis. The EPSS model estimates a 2.65% probability of exploitation in the next 30 days.
How do I fix CVE-2006-6346?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2006-6346?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST