Описание
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- Broken LinkThird Party Advisory
- Broken LinkThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- Broken LinkThird Party Advisory
- Broken LinkThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*
EPSS
Процентиль: 97%
0.4395
Средний
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-89
CWE-89
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079.
fstec
почти 10 лет назад
Уязвимость программной интеграционной платформы SAP NetWeaver, позволяющая нарушителю выполнить произвольные SQL-команды
EPSS
Процентиль: 97%
0.4395
Средний
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-89
CWE-89