Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
DLL Hijacking vulnerability in SAPSetup
Vulnerability Description
Due to DLL injection vulnerability in SAPSetup, an attacker with either local user privileges or with access to a compromised corporate user�s Windows account could gain higher privileges. With this, he could move laterally within the network and further compromise the active directory of a company. This leads to high impact on confidentiality, integrity and availability of the Windows server.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
SAP SapSetup 代码问题漏洞
Vulnerability Description
SAP SapSetup是德国思爱普(SAP)公司的一个应用程序。用于在 Windows 上安装、更新、维护和分发软件的工具套件。 SAP SapSetup存在代码问题漏洞,该漏洞源于存在DLL注入漏洞,具有本地用户权限或可访问企业用户的攻击者可以获得更高的权限。
CVSS Information
N/A
Vulnerability Type
N/A