Due to the missing authorization checks in the local systems, the admin users of SAP Web Dispatcher, SAP NetWeaver Application Server (ABAP and Java), and SAP Content Server can impersonate other users and may perform some unintended actions. This could lead to a low impact on confidentiality and a high impact on the integrity and availability of the applications.
2024-08-13T04:15:07.740
2024-09-12T14:39:03.480
Analyzed
CVSSv3.1: 6.3 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | sap | netweaver_abap | kernel_7.22 | Yes |
| Application | sap | netweaver_abap | kernel_7.53 | Yes |
| Application | sap | netweaver_abap | kernel_7.54 | Yes |
| Application | sap | netweaver_abap | kernel_7.77 | Yes |
| Application | sap | netweaver_abap | kernel_7.85 | Yes |
| Application | sap | netweaver_abap | kernel_7.89 | Yes |
| Application | sap | netweaver_abap | kernel_7.93 | Yes |
| Application | sap | netweaver_abap | krnl64nuc_7.22 | Yes |
| Application | sap | netweaver_abap | krnl64nuc_7.22ext | Yes |
| Application | sap | netweaver_abap | krnl64uc_7.22 | Yes |
| Application | sap | netweaver_abap | krnl64uc_7.22ext | Yes |
| Application | sap | netweaver_abap | krnl64uc_7.53 | Yes |
| Application | sap | netweaver_java | kernel_7.22 | Yes |
| Application | sap | netweaver_java | kernel_7.53 | Yes |
| Application | sap | netweaver_java | kernel_7.54 | Yes |
| Application | sap | netweaver_java | kernel_7.77 | Yes |
| Application | sap | netweaver_java | kernel_7.85 | Yes |
| Application | sap | netweaver_java | kernel_7.89 | Yes |
| Application | sap | netweaver_java | kernel_7.93 | Yes |
| Application | sap | netweaver_java | krnl64nuc_7.22 | Yes |
| Application | sap | netweaver_java | krnl64nuc_7.22ext | Yes |
| Application | sap | netweaver_java | krnl64uc_7.22 | Yes |
| Application | sap | netweaver_java | krnl64uc_7.22ext | Yes |
| Application | sap | netweaver_java | krnl64uc_7.53 | Yes |
| Application | sap | content_server | kernel_7.22 | Yes |
| Application | sap | content_server | kernel_7.53 | Yes |
| Application | sap | content_server | kernel_7.54 | Yes |
| Application | sap | content_server | kernel_7.77 | Yes |
| Application | sap | content_server | kernel_7.85 | Yes |
| Application | sap | content_server | kernel_7.89 | Yes |
| Application | sap | content_server | kernel_7.93 | Yes |
| Application | sap | content_server | krnl64nuc_7.22 | Yes |
| Application | sap | content_server | krnl64nuc_7.22ext | Yes |
| Application | sap | content_server | krnl64uc_7.22 | Yes |
| Application | sap | content_server | krnl64uc_7.22ext | Yes |
| Application | sap | content_server | krnl64uc_7.53 | Yes |
| Application | sap | web_dispatcher | kernel_7.22 | Yes |
| Application | sap | web_dispatcher | kernel_7.53 | Yes |
| Application | sap | web_dispatcher | kernel_7.54 | Yes |
| Application | sap | web_dispatcher | kernel_7.77 | Yes |
| Application | sap | web_dispatcher | kernel_7.85 | Yes |
| Application | sap | web_dispatcher | kernel_7.89 | Yes |
| Application | sap | web_dispatcher | kernel_7.93 | Yes |
| Application | sap | web_dispatcher | krnl64nuc_7.22 | Yes |
| Application | sap | web_dispatcher | krnl64nuc_7.22ext | Yes |
| Application | sap | web_dispatcher | krnl64uc_7.22 | Yes |
| Application | sap | web_dispatcher | krnl64uc_7.22ext | Yes |
| Application | sap | web_dispatcher | krnl64uc_7.53 | Yes |
| Application | sap | web_dispatcher | webdisp_7.22_ext | Yes |
| Application | sap | web_dispatcher | webdisp_7.53 | Yes |
| Application | sap | web_dispatcher | webdisp_7.54 | Yes |
| Application | sap | web_dispatcher | webdisp_7.77 | Yes |
| Application | sap | web_dispatcher | webdisp_7.85 | Yes |
| Application | sap | web_dispatcher | webdisp_7.89 | Yes |
| Application | sap | web_dispatcher | webdisp_7.93 | Yes |