Lucene search

[email protected]NVD:CVE-2013-5751

HistorySep 16, 2013 - 7:14 p.m.

CVE-2013-5751

2013-09-1619:14:40

CWE-22

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.006

Percentile

77.9%

JSON

Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.

Affected configurations

Nvd

Node

sapnetweaverMatch7.0

sapnetweaverMatch7.0ehp1

sapnetweaverMatch7.0ehp2

sapnetweaverMatch7.0sp15

sapnetweaverMatch7.0sp8

sapnetweaverMatch7.01

sapnetweaverMatch7.02

sapnetweaverMatch7.03

sapnetweaverMatch7.10

sapnetweaverMatch7.30

VendorProductVersionCPE
sapnetweaver7.0cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*
sapnetweaver7.0cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*
sapnetweaver7.0cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*
sapnetweaver7.0cpe:2.3:a:sap:netweaver:7.0:sp15:*:*:*:*:*:*
sapnetweaver7.0cpe:2.3:a:sap:netweaver:7.0:sp8:*:*:*:*:*:*
sapnetweaver7.01cpe:2.3:a:sap:netweaver:7.01:*:*:*:*:*:*:*
sapnetweaver7.02cpe:2.3:a:sap:netweaver:7.02:*:*:*:*:*:*:*
sapnetweaver7.03cpe:2.3:a:sap:netweaver:7.03:*:*:*:*:*:*:*
sapnetweaver7.10cpe:2.3:a:sap:netweaver:7.10:*:*:*:*:*:*:*
sapnetweaver7.30cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sap	netweaver	7.0	cpe:2.3:a:sap:netweaver:7.0:::::::*
sap	netweaver	7.0	cpe:2.3:a:sap:netweaver:7.0:ehp1::::::
sap	netweaver	7.0	cpe:2.3:a:sap:netweaver:7.0:ehp2::::::
sap	netweaver	7.0	cpe:2.3:a:sap:netweaver:7.0:sp15::::::
sap	netweaver	7.0	cpe:2.3:a:sap:netweaver:7.0:sp8::::::
sap	netweaver	7.01	cpe:2.3:a:sap:netweaver:7.01:::::::*
sap	netweaver	7.02	cpe:2.3:a:sap:netweaver:7.02:::::::*
sap	netweaver	7.03	cpe:2.3:a:sap:netweaver:7.03:::::::*
sap	netweaver	7.10	cpe:2.3:a:sap:netweaver:7.10:::::::*
sap	netweaver	7.30	cpe:2.3:a:sap:netweaver:7.30:::::::*

References

en.securitylab.ru/lab/PT-2012-24

osvdb.org/97350

scn.sap.com/docs/DOC-8218

secunia.com/advisories/54809

www.securityfocus.com/bid/62391

exchange.xforce.ibmcloud.com/vulnerabilities/87121

websmp230.sap-ag.de/sap/support/notes/1779578

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.006

Percentile

77.9%

JSON

Related for NVD:CVE-2013-5751

cve1 cvelist1 prion1