Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Missing Authentication check in SAP NetWeaver Enterprise Portal
Vulnerability Description
In SAP NetWeaver Enterprise Portal - version 7.50, an unauthenticated attacker can attach to an open interface and make use of an open API to access a service which will enable them to access or modify server settings and data, leading to limited impact on confidentiality and integrity.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
SAP NetWeaver Enterprise Portal 访问控制错误漏洞
Vulnerability Description
SAP NetWeaver Enterprise Portal是德国思爱普(SAP)公司的一个 SAP NetWeaver的 Web 前端组件。 SAP NetWeaver Enterprise Portal 7.50版本存在访问控制错误漏洞。攻击者利用该漏洞可以附加到开放接口并使用开放API访问服务,从而能够访问或修改服务器设置和数据。
CVSS Information
N/A
Vulnerability Type
N/A