Описание
SAP CRM ABAP (Insights Management) allows an authenticated attacker to enumerate HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in information disclosure. It has no impact on integrity and availability of the application.
Ссылки
- Permissions Required
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
5 Medium
CVSS3
Дефекты
Связанные уязвимости
SAP CRM ABAP (Insights Management) allows an authenticated attacker to enumerate HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in information disclosure. It has no impact on integrity and availability of the application.
Уязвимость компонента Insights Management интеграционного модуля управления взаимоотношениями с клиентами SAP CRM ABAP, позволяющая нарушителю осуществить SSRF-атаку
EPSS
5 Medium
CVSS3