Lucene search
China National Vulnerability DatabaseCNVD-2023-28120HistoryMar 16, 2023 - 12:00 a.m.
SAP NetWeaver AS Java Access Control Error Vulnerability
2023-03-1600:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
sap netweaver
access control
vulnerability
java runtime
application server
authentication checks
attackers
server data
0.001 Low
EPSS
Percentile
30.0%
SAP NetWeaver AS Java is a German SAP (SAP) company provides a Java runtime environment for the application server. The product is mainly used to develop and run Java EE applications. An access control error vulnerability exists in SAP NetWeaver AS Java version 7.50, which stems from the fact that no authentication checks are performed for functions that require user identity and can be exploited by attackers to read non-sensitive server data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| sap netweaver application server java | eq | 7.50 |
Related
prion
prion
Authentication flaw
2023-03-14 05:15:00
cve
cve
CVE-2023-24526
2023-03-14 05:15:29
nvd
nvd
CVE-2023-24526
2023-03-14 05:15:29
cvelist
cvelist
nessus
nessus
SAP NetWeaver AS Java Multiple Vulnerabilities (March 2023)
2023-03-16 00:00:00