CVE-2015-2817Sensitive Information Exposure in SAP Netweaver

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.4%
top 37.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SAP Netweaver
Timeline
PublishedApr 1
Latest updateMay 14

Description

The SAP Management Console in SAP NetWeaver 7.40 allows remote attackers to obtain sensitive information via the ReadProfile parameters, aka SAP Security Note 2091768.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDsap/netweaver7.40

🔴Vulnerability Details

2
GHSA
GHSA-f8rh-j93f-3xc3: The SAP Management Console in SAP NetWeaver 72022-05-14
CVEList
CVE-2015-2817: The SAP Management Console in SAP NetWeaver 72015-04-01
CVE-2015-2817 — Sensitive Information Exposure in SAP | cvebase