Lucene search

MitreCVE-2003-0747

HistoryOct 20, 2003 - 4:00 a.m.

CVE-2003-0747

2003-10-2004:00:00

mitre

web.nvd.nist.gov

sap

its

wgate.dll

cve-2003-0747

information disclosure

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0.938

Percentile

99.2%

JSON

wgate.dll in SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to obtain potentially sensitive information such as directory structure and operating system via incorrect parameters (1) ~service, (2) ~templatelanguage, (3) ~language, (4) ~theme, or (5) ~template, which leaks the information in the resulting error message.

Affected configurations

Nvd

Node

sapinternet_transaction_serverMatch4620.2.0.323011

VendorProductVersionCPE
sapinternet_transaction_server4620.2.0.323011cpe:2.3:a:sap:internet_transaction_server:4620.2.0.323011:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sap	internet_transaction_server	4620.2.0.323011	cpe:2.3:a:sap:internet_transaction_server:4620.2.0.323011:::::::*

References

archives.neohapsis.com/archives/bugtraq/2003-08/0361.html

www.securityfocus.com/bid/8515

exchange.xforce.ibmcloud.com/vulnerabilities/13063

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0.938

Percentile

99.2%

JSON

Related for CVE-2003-0747