EUVD-2021-20366

Malware in sbrugna...

SAP NetWeaver Administrator Server-Side Request Forgery Vulnerability

SAP NetWeaver Administrator SAP NWA is a Web-based framework tool for administration, configuration, and monitoring from SAP, Germany. A server-side request forgery vulnerability exists in SAP NetWeaver Administrator, which stems from the product's failure to properly validate user input, and can...

The vulnerability of the SAP NetWeaver Administrator software-related to insufficient validation of requests on the server side allows a attacker to execute an SSRF attack.

The vulnerability of the SAP NetWeaver Administrator software relates to insufficient testing of server-side requests. Exploiting this vulnerability could allow a malicious actor to execute an SSRF attack remotely...

CVE-2024-54197 Server-Side Request Forgery in SAP NetWeaver Administrator (System Overview)

SAP NetWeaver AdministratorSystem Overview allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in Server-Side Request Forgery SSRF which could have a low impact on integrity...

CVE-2024-54197 Server-Side Request Forgery in SAP NetWeaver Administrator (System Overview)

SAP NetWeaver AdministratorSystem Overview allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in Server-Side Request Forgery SSRF which could have a low impact on integrity...

CVE-2021-33689

When user with insufficient privileges tries to access any application in SAP NetWeaver Administrator Administrator applications, version - 7.50, no security audit log is created. Therefore, security audit log Integrity is impacted...