CVE-2013-3319Sensitive Information Exposure in SAP Netweaver

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
11.7%
top 6.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SAP Netweaver
Timeline
PublishedAug 16
Latest updateMay 17

Description

The GetComputerSystem method in the HostControl service in SAP Netweaver 7.03 allows remote attackers to obtain sensitive information via a crafted SOAP request to TCP port 1128.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDsap/netweaver7.03

🔴Vulnerability Details

2
GHSA
GHSA-6jhc-7v5j-xgxw: The GetComputerSystem method in the HostControl service in SAP Netweaver 72022-05-17
CVEList
CVE-2013-3319: The GetComputerSystem method in the HostControl service in SAP Netweaver 72013-08-16
CVE-2013-3319 — Sensitive Information Exposure in SAP | cvebase