Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Directory Traversal vulnerability in SAP NetWeaver (BI CONT ADD ON)
Vulnerability Description
An attacker with non-administrative authorizations in SAP NetWeaver (BI CONT ADD ON) - versions 707, 737, 747, 757, can exploit a directory traversal flaw to over-write system files. Data from confidential files cannot be read but potentially some OS files can be over-written leading to system compromise.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
SAP NetWeaver 路径遍历漏洞
Vulnerability Description
SAP NetWeaver是德国思爱普(SAP)公司的一套面向服务的集成化应用平台。该平台主要为SAP应用程序提供开发和运行环境。 SAP NetWeaver 存在路径遍历漏洞,该漏洞源于可以利用目录遍历缺陷来覆盖系统文件。机密文件中的数据无法读取,但某些操作系统文件可能会被覆盖,从而导致系统受损。
CVSS Information
N/A
Vulnerability Type
N/A