Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Multiple Privilege Escalation Vulnerabilities in SAPCAR
Vulnerability Description
SAPCAR allows an attacker logged in with high privileges to create a malicious SAR archive in SAPCAR. This could enable the attacker to exploit critical files and directory permissions without breaking signature validation, resulting in potential privilege escalation. This has high impact on integrity, but low impact on confidentiality and availability of the system.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:L
Vulnerability Type
特权授予不正确
Vulnerability Title
SAP SAPCAR 安全漏洞
Vulnerability Description
SAP SAPCAR是德国思爱普(SAP)公司的一款用于压缩和/或解压缩 SAP 存档文件的实用程序。。 SAP SAPCAR存在安全漏洞,该漏洞源于高权限用户可创建恶意SAR存档,可能导致权限提升。
CVSS Information
N/A
Vulnerability Type
N/A