ID

VAR-190001-0584


TITLE

Unknown vulnerabilities in the SAP J2EE engine

Trust: 0.6

sources: CNVD: CNVD-2011-3061

DESCRIPTION

The SAP J2EE Engine Core is a core component of the SAP NetWeaver application platform. The SAP J2EE engine has security flaws that allow an attacker to compromise an enterprise computer system over the Internet. The impact of this issue is currently unknown. We will update this BID when more information emerges

Trust: 0.99

sources: CNVD: CNVD-2011-3061 // BID: 49048 // IVD: 2e4dd060-1f8d-11e6-abef-000c29c66e3d

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.8

sources: IVD: 2e4dd060-1f8d-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-3061

AFFECTED PRODUCTS

vendor:sapmodel:j2ee engine core sp03/7.02/7.01 sp07/7.01/7.00 sp22/7.00 sp02/7.00/6.40 sp26/6.40scope:eqversion:7.30/7.20/7.11/7.10/7.02

Trust: 0.6

vendor:sapmodel:j2ee engine corescope:eqversion:7.30

Trust: 0.3

vendor:sapmodel:j2ee engine corescope:eqversion:7.20

Trust: 0.3

vendor:sapmodel:j2ee engine corescope:eqversion:7.11

Trust: 0.3

vendor:sapmodel:j2ee engine corescope:eqversion:7.10

Trust: 0.3

vendor:sapmodel:j2ee engine core sp03scope:eqversion:7.02

Trust: 0.3

vendor:sapmodel:j2ee engine corescope:eqversion:7.02

Trust: 0.3

vendor:sapmodel:j2ee engine core sp07scope:eqversion:7.01

Trust: 0.3

vendor:sapmodel:j2ee engine corescope:eqversion:7.01

Trust: 0.3

vendor:sapmodel:j2ee engine core sp22scope:eqversion:7.00

Trust: 0.3

vendor:sapmodel:j2ee engine core sp02scope:eqversion:7.00

Trust: 0.3

vendor:sapmodel:j2ee engine corescope:eqversion:7.00

Trust: 0.3

vendor:sapmodel:j2ee engine core sp26scope:eqversion:6.40

Trust: 0.3

vendor:sapmodel:j2ee engine corescope:eqversion:6.40

Trust: 0.3

vendor:sapmodel:j2ee engine core sp03/7.02/7.01 sp07/7.01/7.00 sp22/7.00 sp02/7.00/6.40 sp26/6.40scope:eqversion:7.30/7.20/7.11/7.10/7.02*

Trust: 0.2

sources: IVD: 2e4dd060-1f8d-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-3061 // BID: 49048

CVSS

SEVERITY

CVSSV2

CVSSV3

IVD: 2e4dd060-1f8d-11e6-abef-000c29c66e3d
value: MEDIUM

Trust: 0.2

IVD: 2e4dd060-1f8d-11e6-abef-000c29c66e3d
severity: NONE
baseScore: NONE
vectorString: NONE
accessVector: NONE
accessComplexity: NONE
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: UNKNOWN

Trust: 0.2

sources: IVD: 2e4dd060-1f8d-11e6-abef-000c29c66e3d

THREAT TYPE

remote ※ local

Trust: 0.6

sources: CNNVD: CNNVD-201108-117

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201108-117

EXTERNAL IDS

db:BIDid:49048

Trust: 1.5

db:CNVDid:CNVD-2011-3061

Trust: 0.8

db:CNNVDid:CNNVD-201108-117

Trust: 0.6

db:IVDid:2E4DD060-1F8D-11E6-ABEF-000C29C66E3D

Trust: 0.2

sources: IVD: 2e4dd060-1f8d-11e6-abef-000c29c66e3d // CNVD: CNVD-2011-3061 // BID: 49048 // CNNVD: CNNVD-201108-117

REFERENCES

url:http://www.reuters.com/article/2011/08/05/sap-security-iduslde7740s920110805https

Trust: 0.6

url:http://www.securityfocus.com/bid/49048

Trust: 0.6

url:https://www.blackhat.com/html/bh-us-11/bh-us-11-briefings.html#polyakov

Trust: 0.3

url:http://www.sap.com/

Trust: 0.3

url:http://www.reuters.com/article/2011/08/05/sap-security-iduslde7740s920110805

Trust: 0.3

sources: CNVD: CNVD-2011-3061 // BID: 49048 // CNNVD: CNNVD-201108-117

CREDITS

Alexander Polyakov

Trust: 0.9

sources: BID: 49048 // CNNVD: CNNVD-201108-117

SOURCES

db:IVDid:2e4dd060-1f8d-11e6-abef-000c29c66e3d
db:CNVDid:CNVD-2011-3061
db:BIDid:49048
db:CNNVDid:CNNVD-201108-117

LAST UPDATE DATE

2022-05-17T01:42:56.357000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2011-3061date:2011-08-08T00:00:00
db:BIDid:49048date:2011-08-05T00:00:00
db:CNNVDid:CNNVD-201108-117date:2011-08-09T00:00:00

SOURCES RELEASE DATE

db:IVDid:2e4dd060-1f8d-11e6-abef-000c29c66e3ddate:2011-08-08T00:00:00
db:CNVDid:CNVD-2011-3061date:2011-08-08T00:00:00
db:BIDid:49048date:2011-08-05T00:00:00
db:CNNVDid:CNNVD-201108-117date:1900-01-01T00:00:00