Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Multiple vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform
Vulnerability Description
The RFC enabled function module allows a low privileged user to perform denial of service on any user and also change or delete favourite nodes. By sending a crafted packet in the function module targeting specific parameters, the specific targeted user will no longer have access to any functionality of SAP GUI. There is low impact on integrity and availability of the application.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Vulnerability Type
授权机制缺失
Vulnerability Title
SAP NetWeaver Application Server 安全漏洞
Vulnerability Description
SAP NetWeaver Application Server是德国思爱普(SAP)公司的一款应用程序服务器。 SAP NetWeaver Application Server存在安全漏洞,该漏洞源于RFC启用的功能模块允许低特权用户对任何用户执行拒绝服务,并且还可以更改或删除喜爱的节点。
CVSS Information
N/A
Vulnerability Type
N/A