Описание
SAP Supplier Relationship Management (Master Data Management Catalog) allows an unauthenticated attacker to use a publicly available servlet to download an arbitrary file over the network without any user interaction. This can reveal highly sensitive information with no impact to integrity or availability.
EPSS
Процентиль: 54%
0.00321
Низкий
8.6 High
CVSS3
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 8.6
github
6 месяцев назад
SAP Supplier Relationship Management (Master Data Management Catalog) allows an unauthenticated attacker to use a publicly available servlet to download an arbitrary file over the network without any user interaction. This can reveal highly sensitive information with no impact to integrity or availability.
EPSS
Процентиль: 54%
0.00321
Низкий
8.6 High
CVSS3
Дефекты
CWE-22