Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Capture-replay vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform
Vulnerability Description
SAP NetWeaver ABAP Server and ABAP Platform - versions SAP_BASIS 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, KERNEL 7.22, 7.53, 7.77, 7.81, 7.85, 7.89, KRNL64UC 7.22, 7.22EXT, 7.53, KRNL64NUC 7.22, 7.22EXT, creates information about system identity in an ambiguous format. This could lead to capture-replay vulnerability and may be exploited by malicious users to obtain illegitimate access to the system.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
使用捕获-重放进行的认证绕过
Vulnerability Title
SAP NetWeaver和SAP NetWeaver ABAP Server 安全漏洞
Vulnerability Description
SAP NetWeaver和SAP NetWeaver ABAP Server都是德国思爱普(SAP)公司的产品。SAP NetWeaver是一套面向服务的集成化应用平台。该平台主要为SAP应用程序提供开发和运行环境。SAP NetWeaver ABAP Server是一个用作 SAP 产品的 Web 应用程序服务器。 SAP NetWeaver ABAP Server和ABAP Platform若干版本存在安全漏洞,该漏洞源于其以一种模糊格式创建关于系统身份的信息可能导致捕获-重放漏洞,并可能被恶意用户
CVSS Information
N/A
Vulnerability Type
N/A