Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Insufficient Input Handling in JNDI Operations of SAP Identity Management
Vulnerability Description
Due to insufficient input handling, the SAP Identity Management REST interface allows an authenticated administrator to submit specially crafted malicious REST requests that are processed by JNDI operations without adequate input neutralization. This may lead to limited disclosure or modification of data, resulting in low impact on confidentiality and integrity, with no impact on application availability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
Vulnerability Type
数据查询逻辑中特殊元素的不当中和
Vulnerability Title
SAP Identity Management 安全漏洞
Vulnerability Description
SAP Identity Management是德国思爱普(SAP)公司的一套能够嵌入到业务流程中的身份管理应用程序。 SAP Identity Management 存在安全漏洞,该漏洞源于输入处理不足,可能导致已验证管理员提交特制恶意REST请求,对数据机密性和完整性造成低影响。
CVSS Information
N/A
Vulnerability Type
N/A