- Description
- SAP NetWeaver Administrator AS Java (Administrator Log Viewer plug-in) - version 7.50, allows an attacker with high privileges to upload potentially dangerous files which leads to command injection vulnerability. This would enable the attacker to run commands which can cause high impact on confidentiality, integrity and availability of the application.
- Source
- cna@sap.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 9.1
- Impact score
- 6
- Exploitability score
- 2.3
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- cna@sap.com
- CWE-77
- Hype score
- Not currently trending
Actively exploited CVE : CVE-2024-22127
@transilienceai
19 Nov 2024
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-22127
@transilienceai
18 Nov 2024
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-22127
@transilienceai
17 Nov 2024
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-22127
@transilienceai
14 Nov 2024
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-22127
@transilienceai
12 Nov 2024
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-22127
@transilienceai
10 Nov 2024
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-22127
@transilienceai
8 Nov 2024
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-22127
@transilienceai
4 Nov 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:7.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CFF5713B-C0C4-4062-BC6F-0BBD1E6FF620"
}
],
"operator": "OR"
}
]
}
]