SAP NetWeaver AS ABAP (Web Dynpro), versions - 731, 740, 750, 751, 752, 753, 754, 755, 782, allows an authenticated user to access Web Dynpro components, which reveals sensitive system information that would otherwise be restricted to highly privileged users because of missing authorization, resulting in Information Disclosure.
2020-11-10T17:15:13.983
2024-11-21T05:20:20.307
Modified
CVSSv3.1: 8.8 (HIGH)
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.0
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | sap | netweaver_application_server_abap | 731 | Yes |
| Application | sap | netweaver_application_server_abap | 740 | Yes |
| Application | sap | netweaver_application_server_abap | 750 | Yes |
| Application | sap | netweaver_application_server_abap | 751 | Yes |
| Application | sap | netweaver_application_server_abap | 752 | Yes |
| Application | sap | netweaver_application_server_abap | 753 | Yes |
| Application | sap | netweaver_application_server_abap | 754 | Yes |
| Application | sap | netweaver_application_server_abap | 755 | Yes |
| Application | sap | netweaver_application_server_abap | 782 | Yes |