Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Server Side Request Forgery(SSRF) vulnerability in SAP BusinessObjects BI Platform Central Management Console Promotion Management Application
Vulnerability Description
SAP CMC Promotion Management allows an authenticated attacker to enumerate internal network systems by submitting crafted requests during job source configuration. By analysing response times for various IP addresses and ports, the attacker can infer valid network endpoints. Successful exploitation may lead to information disclosure. This vulnerability does not impact the integrity or availability of the application.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
SAP CMC Promotion Management 代码问题漏洞
Vulnerability Description
SAP CMC Promotion Management是德国思爱普(SAP)公司的一款用于管理和迁移内容的软件。 SAP CMC Promotion Management存在代码问题漏洞,该漏洞源于已验证攻击者可枚举内部网络系统,可能导致信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A