exploitDog

GHSA-j583-4h4q-5jwm

Опубликовано: 10 сент. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 2.7

Описание

Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker logged in as a developer to read objects contained in a package. This causes an impact on confidentiality, as this attacker would otherwise not have access to view these objects.

Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker logged in as a developer to read objects contained in a package. This causes an impact on confidentiality, as this attacker would otherwise not have access to view these objects.

Ссылки

EPSS

Процентиль: 25%

0.00086

Низкий

2.7 Low

CVSS3

CVE ID

Дефекты

CWE-862

Связанные уязвимости

CVE-2024-41728

CVSS3: 2.7

nvd

больше 1 года назад

Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker logged in as a developer to read objects contained in a package. This causes an impact on confidentiality, as this attacker would otherwise not have access to view these objects.

BDU:2025-12959

CVSS3: 2.7

fstec

больше 1 года назад

Уязвимость программных интеграционных платформ SAP NetWeaver Application Server ABAP и ABAP Platform, связанная с недостатками процедуры авторизации, позволяющая нарушителю оказать воздействие на конфиденциальность защищаемой информации

EPSS

Процентиль: 25%

0.00086

Низкий

2.7 Low

CVSS3

CVE ID

Дефекты

CWE-862