CVE-2017-16682

Sažetak

SAP NetWeaver Internet Transaction Server (ITS), SAP Basis from 7.00 to 7.02, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker with administrator credentials to inject code that can be executed by the application and thereby control the behavior of the application.

Reference

http://www.securityfocus.com/bid/102143
https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/
https://launchpad.support.sap.com/#/notes/2526781

CVSS

Base:	6.5
Impact:	6.4
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

22-12-2017 - 14:34

Objavljeno

12-12-2017 - 14:29