Описание
SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) (versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50), under certain conditions allows an attacker to access information which would otherwise be restricted, leading to Information Disclosure.
Ссылки
- Permissions RequiredVendor Advisory
- Vendor Advisory
- Permissions RequiredVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sap:netweaver:7.10:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver:7.11:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver:7.20:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00256
Низкий
7.7 High
CVSS3
6.5 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
github
больше 3 лет назад
SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) (versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50), under certain conditions allows an attacker to access information which would otherwise be restricted, leading to Information Disclosure.
EPSS
Процентиль: 49%
0.00256
Низкий
7.7 High
CVSS3
6.5 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
NVD-CWE-noinfo