Описание
SAP Netweaver 7.40 improperly logs (1) DUI and (2) DUJ events in the SAP Security Audit Log as non-critical, which might allow local users to hide rejected attempts to execute RFC function callbacks by leveraging filtering of non-critical events in audit analysis reports, aka SAP Security Note 2252312.
Комментарий
Ссылки
- Third Party Advisory
- Broken Link
- Permissions RequiredThird Party Advisory
- Third Party Advisory
- Broken Link
- Permissions RequiredThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00054
Низкий
3.3 Low
CVSS3
2.1 Low
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
CVSS3: 3.3
github
больше 3 лет назад
SAP Netweaver 7.40 improperly logs (1) DUI and (2) DUJ events in the SAP Security Audit Log as non-critical, which might allow local users to hide rejected attempts to execute RFC function callbacks by leveraging filtering of non-critical events in audit analysis reports, aka SAP Security Note 2252312.
EPSS
Процентиль: 17%
0.00054
Низкий
3.3 Low
CVSS3
2.1 Low
CVSS2
Дефекты
NVD-CWE-Other