Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Missing Authorization check in a function module in SAP Support Tools Plug-In
Vulnerability Description
Due to missing authorization check in a function module in SAP Support Tools Plug-In, an authenticated attacker could invoke specific function modules to retrieve information about the system and its configuration. This disclosure of the system information could assist the attacker to plan subsequent attacks. This vulnerability has a low impact on the confidentiality of the application, with no effect on its integrity or availability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
授权机制缺失
Vulnerability Title
SAP Support Tools Plug-In 安全漏洞
Vulnerability Description
SAP Support Tools Plug-In是德国思爱普(SAP)公司的一个基础组件插件。 SAP Support Tools Plug-In存在安全漏洞,该漏洞源于函数模块缺少授权检查,可能导致经过身份验证的攻击者调用特定函数模块检索系统和配置信息。
CVSS Information
N/A
Vulnerability Type
N/A