Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Missing Authentication check in SAP NetWeaver Process Integration (Message Display Tool)
Vulnerability Description
The Message Display Tool (MDT) of SAP NetWeaver Process Integration - version SAP_XIAF 7.50, does not perform authentication checks for certain functionalities that require user identity. An unauthenticated user might access technical data about the product status and its configuration. The vulnerability does not allow access to sensitive information or administrative functionalities. On successful exploitation an attacker can cause limited impact on confidentiality and availability of the application.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
SAP NetWeaver Process Integration 访问控制错误漏洞
Vulnerability Description
SAP NetWeaver Process Integration(PI)是德国思爱普(SAP)公司的一套SAP企业应用程序集成软件,是NetWeaver产品组的一个组件。该组件主要用于内部系统与外部的信息交换。 SAP NetWeaver Process Integration 存在访问控制错误漏洞,该漏洞源于不对需要用户身份的某些功能执行身份验证检查。
CVSS Information
N/A
Vulnerability Type
N/A