SAP Afaria version 7 suffers from a stored cross site scripting vulnerability.
2082d9ff424b99cbc2ae9d7bfcce7559468dcb8de5806eb40ae0272bfc163ca1SAP Afaria 7 suffers from a buffer overflow vulnerability.
af1eb12bb6ea9b28172a2499e235592204d5c6e5405e08d2b1b8ef6f471f8c15The management console of SAP NW version 7.4 suffers from an information disclosure vulnerability. It is possible to get some information from the web interface of CCMS without authentication. An attacker can use the information for subsequent attacks which will lead to illegal access to business-critical information.
73f02099e08e2e93992dacd4aa1f75a2d6f6808869ba2d42d24272d2af5847e5SAP Mobile Platform version 2.3 suffers from an XXE injection vulnerability. An attacker can read an arbitrary file on the server by sending a correct XML request with a crafted DTD to/scc/messagebroker/http and reading the reply from the service. An attacker can perform a DoS attack (for example, an XML Entity Expansion attack). A SMB Relay attack is a type of Man-in-the-Middle attack where the attacker asks the victim to authenticate into a machine controlled by the attacker, then relays the credentials to the target. The attacker forwards the authentication information both ways, giving them access.
af39f3b02d6f59a59ac9adee1be7f700f929d9f74faaf58a79ef76213342f7ab
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed