Описание
SAP NetWeaver ABAP Server and ABAP Platform - versions 740, 750, 787, allows an unauthenticated attacker to redirect users to a malicious site due to insufficient URL validation. This could lead to the user being tricked to disclose personal information.
Ссылки
- Permissions RequiredVendor Advisory
- Vendor Advisory
- Permissions RequiredVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sap:netweaver_abap:740:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_abap:750:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_abap:787:*:*:*:*:*:*:*
EPSS
Процентиль: 62%
0.00424
Низкий
4.7 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-601
Связанные уязвимости
CVSS3: 4.7
github
почти 4 года назад
SAP NetWeaver ABAP Server and ABAP Platform - versions 740, 750, 787, allows an unauthenticated attacker to redirect users to a malicious site due to insufficient URL validation. This could lead to the user being tricked to disclose personal information.
EPSS
Процентиль: 62%
0.00424
Низкий
4.7 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-601