CVE-2013-6869

2013-11-2319:00:00

mitre

www.cve.org

8.3 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.1%

JSON

SQL injection vulnerability in the SRTT_GET_COUNT_BEFORE_KEY_RFC function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

References

scn.sap.com/docs/DOC-8218

secunia.com/advisories/55736

www.securitytracker.com/id/1029352

erpscan.io/advisories/erpscan-13-017-sap-netweaver-srtt_get_count_before_key_rfc-sql-injection/

service.sap.com/sap/support/notes/1783795