ID
VAR-201106-0382
TITLE
SAP Netweaver Multiple Vulnerabilities
Trust: 0.3
sources:
BID: 48351
DESCRIPTION
SAP Netweaver is prone to multiple cross-site scripting vulnerabilities, an information-disclosure vulnerability, and an authentication-bypass vulnerability. An attacker may leverage the issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, disclose sensitive information, or bypass certain security restrictions.
Trust: 0.3
sources:
BID: 48351
AFFECTED PRODUCTS
| vendor: | sap | model: | netweaver | scope: | eq | version: | 7.30 | Trust: 0.3 |
| vendor: | sap | model: | netweaver | scope: | eq | version: | 7.10 | Trust: 0.3 |
| vendor: | sap | model: | netweaver | scope: | eq | version: | 7.02 | Trust: 0.3 |
| vendor: | sap | model: | netweaver | scope: | eq | version: | 7.01 | Trust: 0.3 |
| vendor: | sap | model: | netweaver sp8 | scope: | eq | version: | 7.0 | Trust: 0.3 |
| vendor: | sap | model: | netweaver sp15 | scope: | eq | version: | 7.0 | Trust: 0.3 |
| vendor: | sap | model: | netweaver | scope: | eq | version: | 7.0 | Trust: 0.3 |
sources:
BID: 48351
THREAT TYPE
network
Trust: 0.3
sources:
BID: 48351
TYPE
Unknown
Trust: 0.3
sources:
BID: 48351
EXTERNAL IDS
| db: | BID | id: | 48351 | Trust: 0.3 |
sources:
BID: 48351
REFERENCES
| url: | http://dsecrg.com/pages/vul/show.php?id=323 | Trust: 0.3 |
| url: | http://dsecrg.com/pages/vul/show.php?id=324 | Trust: 0.3 |
| url: | http://dsecrg.com/pages/vul/show.php?id=325 | Trust: 0.3 |
| url: | http://dsecrg.com/pages/vul/show.php?id=326 | Trust: 0.3 |
| url: | http://www.sap.com/platform/netweaver/index.epx | Trust: 0.3 |
sources:
BID: 48351
CREDITS
Alexander Polyakov and Dmitriy Evdokimov from DSecRG
Trust: 0.3
sources:
BID: 48351
SOURCES
| db: | BID | id: | 48351 |
LAST UPDATE DATE
2022-05-17T01:46:44.541000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 48351 | date: | 2011-06-17T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 48351 | date: | 2011-06-17T00:00:00 |