N/A

A remote unauthenticated attacker can abuse a web service in SAP NetWeaver Application Server for Java (Administrator System Overview), versions 7.30, 7.31, 7.40, 7.50, by sending a specially crafted XML file and trick the application server into leaking authentication credentials for its own SAP Management console, resulting in Server-Side Request Forgery.

N/A

N/A

SAP NetWeaver Application Server for Java 代码问题漏洞

SAP Netweaver是德国思爱普（SAP）公司的一套面向服务的集成化应用平台。该平台主要为SAP应用程序提供开发和运行环境。SAP NetWeaver Application Server（AS）Java是一款运行于NetWeaver中且基于Java编程语言的应用服务器。 SAP NetWeaver Application Server for Java中存在代码问题漏洞。该漏洞源于网络系统或产品的代码开发过程中存在设计或实现不当的问题。以下版本受到影响：SAP NetWeaver Applicat

N/A

N/A