Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Information Disclosure vulnerability through Remote Function Call (RFC) in SAP NetWeaver Application Server ABAP
Vulnerability Description
In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call (RFC) request to restricted destinations, which can be used to expose credentials for a remote service. These credentials can then be further exploited to completely compromise the remote service, potentially resulting in a significant impact on the confidentiality, integrity, and availability of the application.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
动态识别变量的控制不恰当
Vulnerability Title
SAP NetWeaver Application Server 安全漏洞
Vulnerability Description
SAP NetWeaver Application Server是德国思爱普(SAP)公司的一款应用程序服务器。 SAP NetWeaver Application Server存在安全漏洞,该漏洞源于允许经过身份验证的攻击者制作对受限目的地的远程函数调用(RFC)请求,该请求可用于暴露远程服务的凭据。
CVSS Information
N/A
Vulnerability Type
N/A