Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
[CVE-2024-34692] Unrestricted File upload vulnerability in SAP Enable Now
Vulnerability Description
Due to missing verification of file type or content, SAP Enable Now allows an authenticated attacker to upload arbitrary files. These files include executables which might be downloaded and executed by the user which could host malware. On successful exploitation an attacker can cause limited impact on confidentiality and Integrity of the application.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
SAP Enable Now 代码问题漏洞
Vulnerability Description
SAP Enable Now是德国思爱普(SAP)公司的一套协作内容创作、管理和共享平台。该平台主要用于SAP和非SAP系统的在线学习和培训等。 SAP Enable Now 存在代码问题漏洞,该漏洞源于缺少文件类型或内容的验证,允许经过身份验证的攻击者上传任意文件,这些文件包括可能被用户下载和执行的可执行文件,可能托管恶意软件,成功利用可能导致对应用程序的机密性和完整性产生有限影响。
CVSS Information
N/A
Vulnerability Type
N/A