CVE-2014-3132

Sažetak

SAP Background Processing does not properly restrict access, which allows remote authenticated users to obtain sensitive information via an unspecified RFC function, related to SAP Solution Manager 7.1.

Reference

http://scn.sap.com/docs/DOC-8218
http://seclists.org/fulldisclosure/2014/Apr/299
http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-006
http://www.securityfocus.com/bid/67107
https://service.sap.com/sap/support/notes/1918333

CVSS

Base:	4.0
Impact:	2.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:N/A:N

Zadnje važnije ažuriranje

10-05-2014 - 04:06

Objavljeno

30-04-2014 - 14:22