CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
32.3%
An attacker with non-administrative authorizations can exploit a directory traversal flaw in program SAPRSBRO to over-write system files. In this attack, no data can be read but potentially critical OS files can be over-written making the system unavailable.
Vendor | Product | Version | CPE |
---|---|---|---|
sap | netweaver_application_server_abap | 702 | cpe:/a:sap:netweaver_application_server_abap:702::: |
sap | netweaver_application_server_abap | 700 | cpe:/a:sap:netweaver_application_server_abap:700::: |
sap | netweaver_application_server_abap | 753 | cpe:/a:sap:netweaver_application_server_abap:753::: |
sap | netweaver_application_server_abap | 701 | cpe:/a:sap:netweaver_application_server_abap:701::: |
sap | netweaver_application_server_abap | 754 | cpe:/a:sap:netweaver_application_server_abap:754::: |
sap | netweaver_application_server_abap | 740 | cpe:/a:sap:netweaver_application_server_abap:740::: |
sap | netweaver_application_server_abap | 750 | cpe:/a:sap:netweaver_application_server_abap:750::: |
sap | netweaver_application_server_abap | 755 | cpe:/a:sap:netweaver_application_server_abap:755::: |
sap | netweaver_application_server_abap | 756 | cpe:/a:sap:netweaver_application_server_abap:756::: |
sap | netweaver_application_server_abap | 752 | cpe:/a:sap:netweaver_application_server_abap:752::: |
[
{
"defaultStatus": "unaffected",
"product": "NetWeaver AS for ABAP and ABAP Platform (SAPRSBRO Program)",
"vendor": "SAP",
"versions": [
{
"status": "affected",
"version": "700"
},
{
"status": "affected",
"version": "701"
},
{
"status": "affected",
"version": "702"
},
{
"status": "affected",
"version": "731"
},
{
"status": "affected",
"version": "740"
},
{
"status": "affected",
"version": "750"
},
{
"status": "affected",
"version": "751"
},
{
"status": "affected",
"version": "752"
},
{
"status": "affected",
"version": "753"
},
{
"status": "affected",
"version": "754"
},
{
"status": "affected",
"version": "755"
},
{
"status": "affected",
"version": "756"
},
{
"status": "affected",
"version": "757"
}
]
}
]