Описание
SAP NetWeaver allows an authenticated non-administrative user to call the remote-enabled function module which could grants access to non-sensitive information about the SAP system and OS without requiring any specific knowledge or controlled conditions. This leads to a low impact on confidentiality with no effect on integrity or availability of the application.
Ссылки
- Permissions Required
- Patch
Уязвимые конфигурации
Одно из
EPSS
5 Medium
CVSS3
4.3 Medium
CVSS3
Дефекты
Связанные уязвимости
SAP NetWeaver allows an authenticated non-administrative user to call the remote-enabled function module which could grants access to non-sensitive information about the SAP system and OS without requiring any specific knowledge or controlled conditions. This leads to a low impact on confidentiality with no effect on integrity or availability of the application.
Уязвимость программной интеграционной платформы SAP NetWeaver, связанная с отсутствием авторизации, позволяющая нарушителю оказать воздействие на конфиденциальность защищаемой информации
EPSS
5 Medium
CVSS3
4.3 Medium
CVSS3