Lucene search

[email protected]CVE-2014-2752

HistoryApr 10, 2014 - 8:55 p.m.

CVE-2014-2752

2014-04-1020:55:00

CWE-255

[email protected]

web.nvd.nist.gov

sap

business object processing framework

bopf

abap

hardcoded credentials

remote attackers

nvd

7.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.1%

JSON

SAP Business Object Processing Framework (BOPF) for ABAP has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors.

CPENameOperatorVersion
sap:business_object_processing_framework_for_abapsap business object processing framework for abapeq-

CPE	Name	Operator	Version
sap:business_object_processing_framework_for_abap	sap business object processing framework for abap	eq	-

References

secunia.com/advisories/57736

www.onapsis.com/get.php?resid=adv_onapsis-2014-003

www.onapsis.com/research-advisories.php

7.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.1%

JSON

Related for CVE-2014-2752

cvelist1 prion1