Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:30 p.m.14 views

CVE-2021-21480

SAP MII allows users to create dashboards and save them as JSP through the SSCE Self Service Composition Environment. An attacker can intercept a request to the server, inject malicious JSP code in the request and forward to server. When this dashboard is opened by users having at least SAPXMII...

9.9CVSS7.9AI score0.50913EPSS
Exploits0References1
CNVD
CNVD
added 2021/03/10 12:0 a.m.10 views

SAP MII Code Injection Vulnerability

SAP MII is a software application from SAP Germany. It provides manufacturing operations management functions. SAP MII has a security vulnerability. sapmii allows users to create dashboards via SSCE Self Service Combined Environment and save them as JSPs. an attacker can intercept requests to the...

9.9CVSS7.5AI score0.50913EPSS
Exploits0References1
NVD
NVD
added 2021/03/09 3:15 p.m.23 views

CVE-2021-21480

SAP MII allows users to create dashboards and save them as JSP through the SSCE Self Service Composition Environment. An attacker can intercept a request to the server, inject malicious JSP code in the request and forward to server. When this dashboard is opened by users having at least SAPXMII...

9.9CVSS0.50913EPSS
Exploits0References5
Prion
Prion
added 2021/03/09 3:15 p.m.21 views

Design/Logic Flaw

SAP MII allows users to create dashboards and save them as JSP through the SSCE Self Service Composition Environment. An attacker can intercept a request to the server, inject malicious JSP code in the request and forward to server. When this dashboard is opened by users having at least SAPXMII...

9CVSS8.9AI score0.50913EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2021/03/09 2:10 p.m.4 views

CVE-2021-21480

SAP MII allows users to create dashboards and save them as JSP through the SSCE Self Service Composition Environment. An attacker can intercept a request to the server, inject malicious JSP code in the request and forward to server. When this dashboard is opened by users having at least SAPXMII...

9.9CVSS9.1AI score0.50913EPSS
Exploits0References5
Cvelist
Cvelist
added 2021/03/09 2:10 p.m.24 views

CVE-2021-21480

SAP MII allows users to create dashboards and save them as JSP through the SSCE Self Service Composition Environment. An attacker can intercept a request to the server, inject malicious JSP code in the request and forward to server. When this dashboard is opened by users having at least SAPXMII...

9.9CVSS9.2AI score0.50913EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/03/09 12:0 a.m.5 views

PT-2021-7243 · Sap · Sap Mii

Name of the Vulnerable Software and Affected Versions: SAP MII affected versions not specified Description: The issue allows an attacker to intercept a request to the server, inject malicious JSP code in the request, and forward it to the server. When a dashboard is opened by users with at least...

9.9CVSS9.4AI score0.50913EPSS
Exploits0References15
Packet Storm
Packet Storm
added 2016/05/16 12:0 a.m.63 views

SAP MII 15.0 Directory Traversal

Application: SAP xMII Versions Affected: SAP MII 15.0 Vendor URL: http://SAP.com Bugs: Directory traversal Sent: 29.07.2015 Reported: 29.07.2015 Vendor response: 30.07.2015 Date of Public Advisory: 09.02.2016 Reference: SAP Security Note 2230978 Author: Dmitry Chastuhin ERPScan Description 1...

7.8CVSS0.4AI score0.4145EPSS
Exploits4
erpscan
erpscan
added 2015/05/09 12:0 a.m.35 views

SAP MII - Encryption Downgrade vulnerability

Application: SAP MII Vendor URL: http://www.sap.com Bugs: Cryptographic issues Reported: 05.09.2015 Vendor response: 06.09.2015 Date of Public Advisory: 20.11.2015 Reference: SAP Security Note 2240274 Author: Mathieu GELI ERPScan VULNERABILITY INFORMATION Class: Cryptographic issues Impact: readi...

5CVSS0.4AI score0.00968EPSS
Exploits0
Rows per page
Query Builder