CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-22127

SAP NetWeaver Administrator AS Java (Administrator Log Viewer plug-in) - version 7.50, allows an attacker with high privileges to upload potentially dangerous files which leads to command injection vulnerability. This would enable the attacker to run commands which can cause high impact on confidentiality, integrity and availability of the application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 69.1%

CVSS Severity

CVSS v3 Score 9.1

References

https://me.sap.com/notes/3433192
https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364
https://me.sap.com/notes/3433192
https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364

Products affected by CVE-2024-22127

Sap » Netweaver Application Server Java » Version: 7.5

cpe:2.3:a:sap:netweaver_application_server_java:7.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-22127

Products

Pricing

Contact Us