N/A

The function msp (aka MSPRuntimeInterface) in the P4 SERVERCORE component in SAP AS JAVA allows remote attackers to obtain sensitive system information by leveraging a missing authorization check for the (1) getInformation, (2) getParameters, (3) getServiceInfo, (4) getStatistic, or (5) getClientStatistic function, aka SAP Security Note 2331908.

N/A

N/A

SAP NetWeaver AS JAVA P4 SERVERCORE组件安全漏洞

SAP NetWeaver是德国思爱普（SAP）公司的一套面向服务的集成化应用平台，该平台可为SAP应用提供开发和运行环境。SAP NetWeaver AS（Application Server）Java P4是一款运行于NetWeaver中且基于Java编程语言的应用服务器。SERVERCORE是其中的一个服务器安装选项。 SAP NetWeaver AS JAVA P4中的SERVERCORE组件的function msp(又名MSPRuntimeInterface)存在安全漏洞。远程攻击者可利用该漏

N/A

N/A