漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Information Disclosure in NetWeaver AS Java Logon
Vulnerability Description
The unauthenticated attacker in NetWeaver AS Java Logon application - version 7.50, can brute force the login functionality to identify the legitimate user ids. This will have an impact on confidentiality but there is no other impact on integrity or availability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
过多认证尝试的限制不恰当
Vulnerability Title
SAP NetWeaver AS Java Logon 安全漏洞
Vulnerability Description
SAP NetWeaver AS是德国思爱普(SAP)公司的一款SAP网络应用服务器。它不仅能提供网络服务,且还是SAP软件的基本平台。 SAP NetWeaver AS Java Logon 7.50版本存在安全漏洞。攻击者利用该漏洞可以暴力破解登录功能以识别合法用户ID。
CVSS Information
N/A
Vulnerability Type
N/A