The note says:
An authenticated user can create special strings which manipulate the SQL statement being executed to elevate attacker's privileges in the system. The problem is caused by a SQL injection vulnerability.
It doesn't really matter which command is affected, the point is sql injection is possible to get elevated privileges, e.g. sa_role. (Note the comment: "An authenticated user", that means you must already have a valid Sybase login to abuse this bug)
If you want to be save, best to upgrade to a version as suggested in the note
This issue has been fixed in the following SAP ASE versions:
- SAP ASE 16.0 GA PL05
- SAP ASE 15.7 SP130
- SAP ASE 15.5 ESD#5.4
- SAP ASE 15.0.3 ESD#4.4