5 matches found
CVE-2024-47588
In SAP NetWeaver Java Software Update Manager 1.1, under certain conditions when a software upgrade encounters errors, credentials are written in plaintext to a log file. An attacker with local access to the server, authenticated as a non-administrative user, can acquire the credentials from the...
CVE-2024-47588
creationtimestamp| type| source ---|---|--- 2024-11-12 00:31:28+00:00| seen| https://infosec.exchange/users/cve/statuses/113467161826048639 2024-11-12 02:58:59+00:00| seen| https://t.me/cvedetector/10562...
CVE-2024-47588
CVE-2024-47588 affects SAP NetWeaver Java (Software Update Manager 1.1). Under certain upgrade-error conditions, credentials are written in plaintext to a log file, enabling a local attacker (authenticated as a non-administrative user) to exfiltrate credentials from logs. The documented impact is...
CVE-2024-47588 Information Disclosure vulnerability in SAP NetWeaver Java (Software Update Manager)
In SAP NetWeaver Java Software Update Manager 1.1, under certain conditions when a software upgrade encounters errors, credentials are written in plaintext to a log file. An attacker with local access to the server, authenticated as a non-administrative user, can acquire the credentials from the...
CVE-2024-47588 Information Disclosure vulnerability in SAP NetWeaver Java (Software Update Manager)
In SAP NetWeaver Java Software Update Manager 1.1, under certain conditions when a software upgrade encounters errors, credentials are written in plaintext to a log file. An attacker with local access to the server, authenticated as a non-administrative user, can acquire the credentials from the...