The web page at NVD - Detail specifies the affected versions. The solution would be to upgrade to a more recent rollup of whatever version of ASE you are running on.
In other words, 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows local users to obtain sensitive information via unspecified vectors.
The specific vector in question, network vulnerability not requiring authentication...
So, apply the specific patches and / or upgrade to ASE 16.0 ASAP?
Bluesky
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.