cvedb.io
CVE-2017-15293
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2017-10-16T16:29:00.917 · Last modified 2026-06-17T01:07:32.117

Summary

Xpress Server in SAP POS does not require authentication for file read and erase operations, daemon shutdown, terminal read operations, or certain attacks on credentials. This is SAP Security Note 2520064.

Affected products

sap — point_of_sale_xpress_server

Does this affect you?

Add your gear to cvedb and we'll alert you only when sap ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.