Overview
- Description
- An administrator of SAP NetWeaver Application Server Java (J2EE-Framework), (corrected in versions 7.1, 7.2, 7.3, 7.31, 7.4, 7.5), may change privileges for all or some functions in Java Server, and enable users to execute functions, they are not allowed to execute otherwise.
- Source
- cna@sap.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 6.5
- Impact score
- 6.4
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ADA4F6C9-1CB3-4D82-AD9B-F0BD8203CC83"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:7.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ADA6C739-64A9-4B97-90AE-8F8EF7025A10"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:7.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4FEABB91-A615-426E-A652-5390C1B21A03"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:7.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5AF1183A-3410-4E08-9473-3FF36C2096FE"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:7.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CFF5713B-C0C4-4062-BC6F-0BBD1E6FF620"
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EEAE6C2A-821F-4123-BD56-0FDADF9D63C8"
}
],
"operator": "OR"
}
]
}
]