N/A

SAP NetWeaver AS Java (HTTP Service), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker with administrator privileges to access user sensitive data such as passwords in trace files, when the user logs in and sends request with login credentials, leading to Information Disclosure.

N/A

N/A

SAP NetWeaver AS Java 信息泄露漏洞

SAP Netweaver是德国思爱普（SAP）公司的一套面向服务的集成化应用平台。该平台主要为SAP应用程序提供开发和运行环境。SAP NetWeaver Application Server（AS）Java是一款运行于NetWeaver中且基于Java编程语言的应用服务器。 SAP NetWeaver AS Java (HTTP Service)中存在信息泄露漏洞。该漏洞源于网络系统或产品在运行过程中存在配置等错误。未授权的攻击者可利用漏洞获取受影响组件敏感信息。以下产品及版本受到影响：SAP Net

N/A

N/A