CVE-2014-1960

Опубликовано: 14 фев. 2014

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The Solution Manager in SAP NetWeaver does not properly restrict access, which allows remote attackers to obtain sensitive information via unspecified vectors.

Ссылки

http://scn.sap.com/docs/DOC-8218
http://secunia.com/advisories/56942
Vendor Advisory
https://erpscan.io/advisories/erpscan-14-004-sap-netweaver-solution-manager-missing-authorization-check-information-disclosure/
https://exchange.xforce.ibmcloud.com/vulnerabilities/91093
https://service.sap.com/sap/support/notes/1828885
http://scn.sap.com/docs/DOC-8218
http://secunia.com/advisories/56942
Vendor Advisory
https://erpscan.io/advisories/erpscan-14-004-sap-netweaver-solution-manager-missing-authorization-check-information-disclosure/
https://exchange.xforce.ibmcloud.com/vulnerabilities/91093
https://service.sap.com/sap/support/notes/1828885

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*

cpe:2.3:a:sap:netweaver_solution_manager:7.0:*:*:*:*:*:*:*

cpe:2.3:a:sap:netweaver_solution_manager:7.1:*:*:*:*:*:*:*

EPSS

Процентиль: 57%

0.00357

Низкий

5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-xh46-6cwm-rgh4

github

больше 3 лет назад