9 matches found
CVE-2021-21480
SAP MII allows users to create dashboards and save them as JSP through the SSCE Self Service Composition Environment. An attacker can intercept a request to the server, inject malicious JSP code in the request and forward to server. When this dashboard is opened by users having at least SAPXMII...
SAP MII Code Injection Vulnerability
SAP MII is a software application from SAP Germany. It provides manufacturing operations management functions. SAP MII has a security vulnerability. sapmii allows users to create dashboards via SSCE Self Service Combined Environment and save them as JSPs. an attacker can intercept requests to the...
CVE-2021-21480
SAP MII allows users to create dashboards and save them as JSP through the SSCE Self Service Composition Environment. An attacker can intercept a request to the server, inject malicious JSP code in the request and forward to server. When this dashboard is opened by users having at least SAPXMII...
Design/Logic Flaw
SAP MII allows users to create dashboards and save them as JSP through the SSCE Self Service Composition Environment. An attacker can intercept a request to the server, inject malicious JSP code in the request and forward to server. When this dashboard is opened by users having at least SAPXMII...
CVE-2021-21480
SAP MII allows users to create dashboards and save them as JSP through the SSCE Self Service Composition Environment. An attacker can intercept a request to the server, inject malicious JSP code in the request and forward to server. When this dashboard is opened by users having at least SAPXMII...
CVE-2021-21480
SAP MII allows users to create dashboards and save them as JSP through the SSCE Self Service Composition Environment. An attacker can intercept a request to the server, inject malicious JSP code in the request and forward to server. When this dashboard is opened by users having at least SAPXMII...
PT-2021-7243 · Sap · Sap Mii
Name of the Vulnerable Software and Affected Versions: SAP MII affected versions not specified Description: The issue allows an attacker to intercept a request to the server, inject malicious JSP code in the request, and forward it to the server. When a dashboard is opened by users with at least...
SAP MII 15.0 Directory Traversal
Application: SAP xMII Versions Affected: SAP MII 15.0 Vendor URL: http://SAP.com Bugs: Directory traversal Sent: 29.07.2015 Reported: 29.07.2015 Vendor response: 30.07.2015 Date of Public Advisory: 09.02.2016 Reference: SAP Security Note 2230978 Author: Dmitry Chastuhin ERPScan Description 1...
SAP MII - Encryption Downgrade vulnerability
Application: SAP MII Vendor URL: http://www.sap.com Bugs: Cryptographic issues Reported: 05.09.2015 Vendor response: 06.09.2015 Date of Public Advisory: 20.11.2015 Reference: SAP Security Note 2240274 Author: Mathieu GELI ERPScan VULNERABILITY INFORMATION Class: Cryptographic issues Impact: readi...