Описание
SAP Supplier Relationship Management (Master Data Management Catalog) allows an unauthenticated attacker to use a publicly available servlet to download an arbitrary file over the network without any user interaction. This can reveal highly sensitive information with no impact to integrity or availability.
EPSS
Процентиль: 49%
0.00256
Низкий
8.6 High
CVSS3
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 8.6
github
около 1 года назад
SAP Supplier Relationship Management (Master Data Management Catalog) allows an unauthenticated attacker to use a publicly available servlet to download an arbitrary file over the network without any user interaction. This can reveal highly sensitive information with no impact to integrity or availability.
EPSS
Процентиль: 49%
0.00256
Низкий
8.6 High
CVSS3
Дефекты
CWE-22