Описание
In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can be used to expose credentials for a remote service. These credentials can then be further exploited to completely compromise the remote service, potentially resulting in a significant impact on the confidentiality, integrity, and availability of the application.
EPSS
8.5 High
CVSS3
Дефекты
Связанные уязвимости
In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can be used to expose credentials for a remote service. These credentials can then be further exploited to completely compromise the remote service, potentially resulting in a significant impact on the confidentiality, integrity, and availability of the application.
Уязвимость интерфейса Remote Function Call (RFC) программной интеграционной платформы SAP NetWeaver AS ABAP, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
8.5 High
CVSS3