Описание
A high privileged user who has access to transaction SM59 can read connection details stored with the destination for http calls in SAP NetWeaver Application Server ABAP and ABAP Platform - versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756.
Ссылки
- Permissions RequiredVendor Advisory
- Vendor Advisory
- Permissions RequiredVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sap:netweaver_abap:700:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_abap:701:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_abap:702:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_abap:710:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_abap:711:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_abap:730:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_abap:731:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_abap:740:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_abap:750:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_abap:751:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_abap:752:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_abap:753:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_abap:754:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_abap:755:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_abap:756:*:*:*:*:*:*:*
EPSS
Процентиль: 58%
0.00362
Низкий
4.9 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 4.9
github
почти 4 года назад
A high privileged user who has access to transaction SM59 can read connection details stored with the destination for http calls in SAP NetWeaver Application Server ABAP and ABAP Platform - versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756.
EPSS
Процентиль: 58%
0.00362
Низкий
4.9 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-200