Server-Side Request Forgery (SSRF) in SAP CRM ABAP (Insights Management)

SAP CRM ABAP (Insights Management) allows an authenticated attacker to enumerate HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in information disclosure. It has no impact on integrity and availability of the application.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

服务端请求伪造(SSRF)

SAP CRM 代码问题漏洞

SAP CRM是德国思爱普（SAP）公司的一个客户关系管理系统。 SAP CRM 存在代码问题漏洞。经过身份验证的攻击者利用该漏洞可以通过特制的 HTTP 请求枚举内部网络中的 HTTP 端点。

N/A

N/A