Lucene search

[email protected]NVD:CVE-2014-3132

HistoryApr 30, 2014 - 2:22 p.m.

CVE-2014-3132

2014-04-3014:22:07

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

5.8

Confidence

Low

EPSS

0.002

Percentile

56.3%

JSON

SAP Background Processing does not properly restrict access, which allows remote authenticated users to obtain sensitive information via an unspecified RFC function, related to SAP Solution Manager 7.1.

Affected configurations

Nvd

Node

sapbackground_processingMatch-

VendorProductVersionCPE
sapbackground_processing-cpe:2.3:a:sap:background_processing:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sap	background_processing	-	cpe:2.3:a:sap:background_processing:-:::::::*

References

scn.sap.com/docs/DOC-8218

seclists.org/fulldisclosure/2014/Apr/299

www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-006

www.securityfocus.com/bid/67107

service.sap.com/sap/support/notes/1918333

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

5.8

Confidence

Low

EPSS

0.002

Percentile

56.3%

JSON

Related for NVD:CVE-2014-3132

cvelist1 prion1 cve1