Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Missing Authorization check in SAP for Oil & Gas (Transportation and Distribution)
Vulnerability Description
Due to missing authorization check in SAP for Oil & Gas (Transportation and Distribution), an attacker authenticated as a non-administrative user could call a remote-enabled function which will allow them to delete non-sensitive entries in a user data table. There is no effect on confidentiality or availability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
授权机制缺失
Vulnerability Title
SAP for Oil & Gas 安全漏洞
Vulnerability Description
SAP for Oil & Gas是德国思爱普(SAP)公司的一套企业资源规划(ERP)解决方案。 SAP for Oil & Gas存在安全漏洞,该漏洞源于缺少授权检查,经过身份验证的非管理用户可以调用远程功能,该功能将允许他们删除用户数据表中的非敏感条目。
CVSS Information
N/A
Vulnerability Type
N/A