exploitDog

GHSA-2pg5-747p-43fw

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does not perform any authentication checks for a web service allowing the attacker to send several payloads and leading to complete denial of service.

SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does not perform any authentication checks for a web service allowing the attacker to send several payloads and leading to complete denial of service.

Ссылки

EPSS

Процентиль: 67%

0.0054

Низкий

CVE ID

Дефекты

CWE-287

Связанные уязвимости

CVE-2020-6309

CVSS3: 7.5

nvd

больше 5 лет назад

SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does not perform any authentication checks for a web service allowing the attacker to send several payloads and leading to complete denial of service.

BDU:2021-02161

CVSS3: 7.5

fstec

больше 5 лет назад

Уязвимость компонента ENGINEAPI сервера веб-приложений SAP NetWeaver Java Application Server позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 67%

0.0054

Низкий

CVE ID

Дефекты

CWE-287