Описание
The SAP Netweaver Business Warehouse component does not properly restrict access to the functions in the BW-SYS-DB-DB4 function group, which allows remote authenticated users to obtain sensitive information via unspecified vectors.
The SAP Netweaver Business Warehouse component does not properly restrict access to the functions in the BW-SYS-DB-DB4 function group, which allows remote authenticated users to obtain sensitive information via unspecified vectors.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-5174
- https://exchange.xforce.ibmcloud.com/vulnerabilities/94921
- https://service.sap.com/sap/support/notes/1974016
- http://packetstormsecurity.com/files/127671/SAP-Netweaver-Business-Warehouse-Missing-Authorization.html
- http://scn.sap.com/docs/DOC-8218
- http://seclists.org/fulldisclosure/2014/Jul/154
- http://secunia.com/advisories/59635
- http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-026
- http://www.securityfocus.com/bid/68955
EPSS
Процентиль: 63%
0.00447
Низкий
CVE ID
Связанные уязвимости
nvd
больше 11 лет назад
The SAP Netweaver Business Warehouse component does not properly restrict access to the functions in the BW-SYS-DB-DB4 function group, which allows remote authenticated users to obtain sensitive information via unspecified vectors.
EPSS
Процентиль: 63%
0.00447
Низкий