Unrated severityNVD Advisory· Published Feb 8, 2012· Updated Apr 29, 2026

CVE-2011-5078

Description

The web administration interface in the server in Sybase M-Business Anywhere 6.7 before ESD# 3 and 7.0 before ESD# 7 does not require admin authentication for unspecified scripts, which allows remote authenticated users to list or delete user accounts, modify passwords, or read log files via HTTP requests, aka Bug IDs 678497 and 678499.

Affected products

Sybase/M Business Anywhere2 versions
cpe:2.3:a:sybase:m-business_anywhere:6.7:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:sybase:m-business_anywhere:6.7:*:*:*:*:*:*:*
- cpe:2.3:a:sybase:m-business_anywhere:7.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.sybase.com/detailnvdVendor Advisory
www.verisigninc.com/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtmlnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000