Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Directory Traversal vulnerability in SAP Master Data Governance
Vulnerability Description
SAP Master Data Governance File Upload application allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing ‘traverse to parent directory’ are passed through to the file APIs. As a result, it has a low impact to the confidentiality.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
SAP Master Data Governance 路径遍历漏洞
Vulnerability Description
SAP Master Data Governance是德国思爱普(SAP)公司的一套用于维护、验证和分发主数据的数据管理工具。 SAP Master Data Governance存在路径遍历漏洞,该漏洞源于File Upload功能对用户提供的路径信息验证不足,导致存在路径遍历漏洞。受影响的产品和版本:SAP Master Data Governance 731版本, 732版本, 746版本, 747版本, 748版本, 749版本, 800版本, 751版本, 752版本, 801版本, 802版本
CVSS Information
N/A
Vulnerability Type
N/A