Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SAP Netweaver 7.40 improperly logs (1) DUI and (2) DUJ events in the SAP Security Audit Log as non-critical, which might allow local users to hide rejected attempts to execute RFC function callbacks by leveraging filtering of non-critical events in audit analysis reports, aka SAP Security Note 2252312.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SAP NetWeaver 安全漏洞
Vulnerability Description
SAP NetWeaver是德国思爱普(SAP)公司的一套面向服务的集成化应用平台。该平台可为SAP应用提供开发和运行环境。 SAP Netweaver 7.40版本中存在安全漏洞,该漏洞源于在SAP安全审计日志中,程序以non-critical记录DUI和DUJ项目。本地攻击者可借助审计分析报告中的non-critical项目利用该漏洞隐藏拒绝的尝试,执行RFC函数回调。
CVSS Information
N/A
Vulnerability Type
N/A