Lucene search
K

54 matches found

Prion
Prion
added 2014/04/10 8:55 p.m.10 views

Design/Logic Flaw

Unspecified vulnerability in the configuration service in SAP J2EE Engine allows remote attackers to obtain credential information via unknown vectors...

5CVSS6.9AI score0.01183EPSS
Exploits0References2
Cvelist
Cvelist
added 2014/04/10 3:0 p.m.27 views

CVE-2013-7364

An unspecified J2EE core service in the J2EE Engine in SAP NetWeaver does not properly restrict access, which allows remote attackers to read and write to arbitrary files via unknown vectors...

6.8AI score0.01527EPSS
Exploits0References5
CVE
CVE
added 2014/04/10 3:0 p.m.42 views

CVE-2013-7357

Technical details about CVE-2013-7357 are not provided in the connected documents; no specifics on affected SAP J2EE Engine components, vectors, or remediation are available. Monitor for updates.

5CVSS6.5AI score0.01183EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2014/04/10 3:0 p.m.22 views

CVE-2013-7357

Unspecified vulnerability in the configuration service in SAP J2EE Engine allows remote attackers to obtain credential information via unknown vectors...

6.3AI score0.01183EPSS
Exploits0References2
NVD
NVD
added 2013/11/20 2:12 p.m.19 views

CVE-2013-6814

The J2EE Engine in SAP NetWeaver 6.40, 7.02, and earlier allows remote attackers to redirect users to arbitrary web sites, conduct phishing attacks, and obtain sensitive information cookies and SAPPASSPORT via unspecified vectors...

5.8CVSS6.4AI score0.01838EPSS
Exploits0References4
Prion
Prion
added 2013/11/20 2:12 p.m.19 views

Design/Logic Flaw

The J2EE Engine in SAP NetWeaver 6.40, 7.02, and earlier allows remote attackers to redirect users to arbitrary web sites, conduct phishing attacks, and obtain sensitive information cookies and SAPPASSPORT via unspecified vectors...

5.8CVSS6.8AI score0.01838EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2013/11/19 7:0 p.m.30 views

CVE-2013-6814

The J2EE Engine in SAP NetWeaver 6.40, 7.02, and earlier allows remote attackers to redirect users to arbitrary web sites, conduct phishing attacks, and obtain sensitive information cookies and SAPPASSPORT via unspecified vectors...

6.4AI score0.01838EPSS
Exploits0References4
CVE
CVE
added 2013/11/19 7:0 p.m.54 views

CVE-2013-6814

The vulnerability CVE-2013-6814 affects the J2EE Engine in SAP NetWeaver 6.40, 7.02 and earlier. It enables remote attackers to redirect users to arbitrary websites, conduct phishing, and obtain sensitive information (cookies and SAPPASSPORT) via unspecified vectors. The exploited component is th...

5.8CVSS6.5AI score0.01838EPSS
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2013/03/03 12:0 a.m.50 views

[Onapsis Security Advisory 2013-002] SAP SDM Denial of Service

Onapsis Security Advisory 2013-002: SAP SDM Denial of Service This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand information on upcoming advisories, presentations and new...

Exploits0
rdot
rdot
added 2011/11/14 12:0 a.m.17 views

[pdf] A crushing blow at the heart of SAP J2EE Engine

Доклад А.Полякова на конференции BlackHat USA 2011. Презентация интересна для тех, кто знает что такое SAP, и в чём принцип уязвимостей SMB Relay и Verb tampering. http://erpscan.ru/wp-content/uploads...2EEEngine.pdf З.Ы. Слушал эту презентацию в реале не на blackhat, к сожалению видео нигде не...

Exploits0
The Hacker News
The Hacker News
added 2011/08/02 11:33 a.m.8 views

On 4th August SAP systems will be hacked on internet in BlackHat USA 2011

On 4th August SAP systems will be hacked on internet in BlackHat USA 2011 On the 4th of august at the world largest technical security conference - BlackHat USA 2011, which will take place in Las Vegas, SAP security expert and CTO of ERPScan Alexander Polyakov will show how any malicious attacker...

7.2AI score
Exploits0
NVD
NVD
added 2010/06/21 7:30 p.m.12 views

CVE-2010-2347

The Telnet interface in the SAP J2EE Engine Core SAP-JEECOR 6.40 through 7.02, and Server Core SERVERCORE 7.10 through 7.30 allows remote authenticated users to bypass a security check and conduct SMB relay attacks via unspecified vectors...

4.9CVSS6.2AI score0.01094EPSS
Exploits0References8
Cvelist
Cvelist
added 2010/06/21 7:0 p.m.16 views

CVE-2010-2347

The Telnet interface in the SAP J2EE Engine Core SAP-JEECOR 6.40 through 7.02, and Server Core SERVERCORE 7.10 through 7.30 allows remote authenticated users to bypass a security check and conduct SMB relay attacks via unspecified vectors...

6.2AI score0.01094EPSS
Exploits0References8
securityvulns
securityvulns
added 2010/02/22 12:0 a.m.129 views

[Onapsis Security Advisory 2010-002] SAP J2EE Engine MDB Path Traversal

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2010-002: SAP J2EE Engine MDB Path Traversal This advisory can be downloaded from http://www.onapsis.com/research.html. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand...

6.9AI score
Exploits0
Rows per page
Query Builder