Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The ABAP Help documentation and translation tools (BC-DOC-HLP) in Basis in SAP Netweaver ABAP Application Server does not properly restrict access, which allows local users to gain privileges and execute ABAP instructions via crafted help messages.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SAP Netweaver ABAP Application Server 权限许可和访问控制漏洞
Vulnerability Description
SAP NetWeaver是德国思爱普(SAP)公司的一套面向服务的集成化应用平台,该平台可为SAP应用提供开发和运行环境。ABAP Application Server是一款运行于NetWeaver中且基于ABAP高级编程语言的应用服务器。 SAP Netweaver ABAP Application Server的Basis中的ABAP Help文档和翻译工具(BC-DOC-HLP)存在安全漏洞,该漏洞源于程序没有正确限制访问。本地攻击者可借助帮助消息利用该漏洞获取特权,执行ABAP指令。
CVSS Information
N/A
Vulnerability Type
N/A