Sap Netweaver As Java Vulnerabilidad

Cronología

Versión

7.50	24
7.31	15
7.40	15
7.30	13
7.20	10

Contramedidas

Official Fix	18
Temporary Fix	0
Workaround	1
Unavailable	0
Not Defined	24

Explotabilidad

High	3
Functional	0
Proof-of-Concept	2
Unproven	0
Not Defined	38

Vector de acceso

Not Defined	0
Physical	0
Local	0
Adjacent	3
Network	40

Autenticación

Not Defined	0
High	6
Low	12
None	25

La interacción del usuario

Not Defined	0
Required	10
None	33

C3BM Index

El año pasado

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	4
≤5	4
≤6	14
≤7	10
≤8	7
≤9	3
≤10	1

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	5
≤5	3
≤6	15
≤7	9
≤8	8
≤9	2
≤10	1

VulDB

≤1	0
≤2	0
≤3	2
≤4	4
≤5	10
≤6	9
≤7	8
≤8	8
≤9	1
≤10	1

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	3
≤6	4
≤7	8
≤8	8
≤9	1
≤10	2

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	1
≤6	4
≤7	2
≤8	0
≤9	3
≤10	2

Proveedor

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	1

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Explotar día 0

<1k	0
<2k	0
<5k	4
<10k	18
<25k	20
<50k	0
<100k	0
≥100k	1

Explotar hoy

<1k	10
<2k	4
<5k	13
<10k	15
<25k	1
<50k	0
<100k	0
≥100k	0

Explotar el volumen del mercado

El año pasado

🔴 CTI Ocupaciones

Affected Versions (13): 7.0, 7.1, 7.2, 7.3, 7.4, 7.5, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50

Link to Product Website: https://www.sap.com

Tipo de software: Solution Stack Software

Fecha de publicación	Base	Temp	Vulnerabilidad	0day	Hoy	Exp	Con	CTI	CVE
2024-04-09	7.5	7.4	SAP NetWeaver AS Java User Management Engine User Admin Application escalada de privilegios	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.07	CVE-2024-27899
2024-03-12	8.1	8.0	SAP NetWeaver AS Java Administrator Log Viewer Plug-In escalada de privilegios	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.05	CVE-2024-22127
2024-02-13	6.5	6.4	SAP NetWeaver AS Java User Admin Application cross site scripting	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.03	CVE-2024-22126
2024-02-13	6.9	6.8	SAP NetWeaver AS Java Guided Procedures XML External Entity	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2024-24743
2023-11-14	4.5	4.4	SAP NetWeaver AS Java Logon Application divulgación de información	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2023-42480
2023-10-10	6.9	6.8	SAP NetWeaver AS Java GRMG Heartbeat Application escalada de privilegios	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-42477
2023-09-12	8.5	8.4	SAP CommonCryptoLib escalada de privilegios	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2023-40309
2023-04-11	5.3	5.2	SAP NetWeaver AS Java for Deploy Service Directory API autenticación débil	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.03	CVE-2023-24527
2023-03-14	5.3	5.2	SAP NetWeaver AS Java Object Analyzing Service escalada de privilegios	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2023-27268
2023-01-27	4.0	4.0	SAP NetWeaver AS JAVA HTTP Request divulgación de información	$5k-$25k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2021-33687

33 no se muestran más entradas

🔒 Login Required

You need to signup and login to see more of the remaining 33 results.

más entradas por Sap

◂ AnteriorVisión De ConjuntoPróximo ▸

Do you know our Splunk app?

Download it now for free!