漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Denial of service (DOS) in SAP NetWeaver (remote service for Xcelsius)
Vulnerability Description
SAP NetWeaver remote service for Xcelsius allows an attacker with network access and high privileges to execute arbitrary code on the affected system due to insufficient input validation and improper handling of remote method calls. Exploitation does not require user interaction and could lead to service disruption or unauthorized system control. This has high impact on integrity and availability, with no impact on confidentiality.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:H
Vulnerability Type
不对称的资源消耗(放大攻击)
Vulnerability Title
SAP NetWeaver 安全漏洞
Vulnerability Description
SAP NetWeaver是德国思爱普(SAP)公司的一套面向服务的集成化应用平台。该平台主要为SAP应用程序提供开发和运行环境。 SAP NetWeaver存在安全漏洞,该漏洞源于输入验证不足和远程方法调用处理不当,可能导致执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A