Описание
The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- Broken LinkThird Party Advisory
- Broken LinkThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- Broken LinkThird Party Advisory
- Broken LinkThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия от 7.10 (включая) до 7.50 (включая)
cpe:2.3:a:sap:netweaver_application_server_java:*:*:*:*:*:*:*:*
EPSS
Процентиль: 98%
0.62285
Средний
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200
CWE-200
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846.
fstec
почти 10 лет назад
Уязвимость программной интеграционной платформы SAP NetWeaver, позволяющая нарушителю получить доступ к защищаемой информации
EPSS
Процентиль: 98%
0.62285
Средний
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200
CWE-200