| |
Podatność CVE-2024-27898
Publikacja: 2024-04-09
Opis: |
SAP NetWeaver application, due to insufficient input validation, allows an attacker to send a crafted request from a vulnerable web application targeting internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request Forgery vulnerability. Thus, having a low impact on confidentiality.
|
Typ:
CWE-918
Referencje: |
https://me.sap.com/notes/3425188
https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364
|
|
|
Copyright 2024, cxsecurity.com
|
|
|