Lucene search

[email protected]NVD:CVE-2013-7364

HistoryApr 10, 2014 - 8:55 p.m.

CVE-2013-7364

2014-04-1020:55:06

CWE-264

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.0%

JSON

An unspecified J2EE core service in the J2EE Engine in SAP NetWeaver does not properly restrict access, which allows remote attackers to read and write to arbitrary files via unknown vectors.

Affected configurations

NVD

Node

sapnetweaverMatch-

References

archives.neohapsis.com/archives/bugtraq/2013-02/0133.html

scn.sap.com/docs/DOC-8218

www.onapsis.com/get.php?resid=adv_onapsis-2013-004

www.onapsis.com/research-advisories.php

service.sap.com/sap/support/notes/1682613

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.0%

JSON

Related for NVD:CVE-2013-7364

cve1 prion1 cvelist1