Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-33707

Опубликовано: 10 авг. 2021
Источник: nvd
CVSS3: 6.1
CVSS3: 6.1
CVSS2: 5.8
EPSS Низкий

Описание

SAP NetWeaver Knowledge Management allows remote attackers to redirect users to arbitrary websites and conduct phishing attacks via a URL stored in a component. This could enable the attacker to compromise the user's confidentiality and integrity.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sap:netweaver_knowledge_management:7.30:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_knowledge_management:7.31:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_knowledge_management:7.40:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_knowledge_management:7.50:*:*:*:*:*:*:*

EPSS

Процентиль: 69%
0.00606
Низкий

6.1 Medium

CVSS3

6.1 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-601
CWE-601

Связанные уязвимости

github логотип

GHSA-7fm7-3fm9-2j98

github
больше 3 лет назад

SAP NetWeaver Knowledge Management allows remote attackers to redirect users to arbitrary websites and conduct phishing attacks via a URL stored in a component. This could enable the attacker to compromise the user's confidentiality and integrity.

EPSS

Процентиль: 69%
0.00606
Низкий

6.1 Medium

CVSS3

6.1 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-601
CWE-601