exploitDog

GHSA-h8pf-m8cc-p8xp

Опубликовано: 08 июл. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 9.1

Описание

SAP NetWeaver XML Data Archiving Service allows an authenticated attacker with administrative privileges to exploit an insecure Java deserialization vulnerability by sending a specially crafted serialized Java object. This could lead to high impact on confidentiality, integrity, and availability of the application.

SAP NetWeaver XML Data Archiving Service allows an authenticated attacker with administrative privileges to exploit an insecure Java deserialization vulnerability by sending a specially crafted serialized Java object. This could lead to high impact on confidentiality, integrity, and availability of the application.

Ссылки

EPSS

Процентиль: 36%

0.00149

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-502

Связанные уязвимости

CVE-2025-42966

CVSS3: 9.1

nvd

7 месяцев назад

SAP NetWeaver XML Data Archiving Service allows an authenticated attacker with administrative privileges to exploit an insecure Java deserialization vulnerability by sending a specially crafted serialized Java object. This could lead to high impact on confidentiality, integrity, and availability of the application.

BDU:2025-10644

CVSS3: 9.1

fstec

7 месяцев назад

Уязвимость программной интеграционной платформы SAP NetWeaver, связанная с недостатками механизма десериализации, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 36%

0.00149

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-502