Information disclosure

2021-06-0914:15:00

PRIOn knowledge base

www.prio-n.com

4.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.5%

JSON

Information Disclosure vulnerability in UserAdmin application in SAP NetWeaver Application Server for Java, versions - 7.11,7.20,7.30,7.31,7.40 and 7.50 allows attackers to access restricted information by entering malicious server name.

CPENameOperatorVersion
netweaver_application_server_for_javaeq7.20
netweaver_application_server_for_javaeq7.30
netweaver_application_server_for_javaeq7.31
netweaver_application_server_for_javaeq7.40
netweaver_application_server_for_javaeq7.11
netweaver_application_server_for_javaeq7.50

Name	Operator	Version
netweaver_application_server_for_java	eq	7.20
netweaver_application_server_for_java	eq	7.30
netweaver_application_server_for_java	eq	7.31
netweaver_application_server_for_java	eq	7.40
netweaver_application_server_for_java	eq	7.11
netweaver_application_server_for_java	eq	7.50