Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Access Control in SAP NetWeaver AS Java (Object Analyzing Service)
Vulnerability Description
SAP NetWeaver AS Java (Object Analyzing Service) - version 7.50, does not perform necessary authorization checks, allowing an unauthenticated attacker to attach to an open interface and make use of an open naming and directory API to access a service which will enable them to access but not modify server settings and data with no effect on availability., resulting in escalation of privileges.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
访问控制不恰当
Vulnerability Title
SAP NetWeaver Application Server Java 访问控制错误漏洞
Vulnerability Description
SAP NetWeaver Application Server Java是德国思爱普(SAP)公司的一款提供了Java运行环境的应用程序服务器。该产品主要用于开发和运行Java EE应用程序。 SAP NetWeaver AS Java 7.50版本存在访问控制错误漏洞,该漏洞源于未执行必要的授权检查。攻击者可利用该漏洞连接到开放端口,利用开放命名和目录API访问服务器数据。
CVSS Information
N/A
Vulnerability Type
N/A