Описание
In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can be used to expose credentials for a remote service. These credentials can then be further exploited to completely compromise the remote service, potentially resulting in a significant impact on the confidentiality, integrity, and availability of the application.
EPSS
8.5 High
CVSS3
Дефекты
Связанные уязвимости
In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can be used to expose credentials for a remote service. These credentials can then be further exploited to completely compromise the remote service, potentially resulting in a significant impact on the confidentiality, integrity, and availability of the application.
Уязвимость сервера программной интеграционной платформы SAP NetWeaver Application ABAP, связанная с неверным управлением генерацией кода, позволяющая нарушителю оказать влияние на конфиденциальность, целостность и доступность защищаемой информации
EPSS
8.5 High
CVSS3