Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Insecure Deserialization in SAP NetWeaver Application Server for Java (Log Viewer )
Vulnerability Description
A critical vulnerability in SAP NetWeaver Application server for Java Log Viewer enables authenticated administrator users to exploit unsafe Java object deserialization. Successful exploitation can lead to full operating system compromise, granting attackers complete control over the affected system. This results in a severe impact on the confidentiality, integrity, and availability of the application and host environment.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
可信数据的反序列化
Vulnerability Title
SAP NetWeaver Application Server for Java 代码问题漏洞
Vulnerability Description
SAP NetWeaver Application Server for Java是德国思爱普(SAP)公司的一个基于Java EE的应用服务器。 SAP NetWeaver Application Server for Java存在代码问题漏洞,该漏洞源于不安全的Java对象反序列化,可能导致操作系统完全破解。
CVSS Information
N/A
Vulnerability Type
N/A