Description
An attacker can discover information relating to AS Java who use System Compare functionality in SAP NetWeaver Administrator. This information could be used to allow the attacker to specialize their attacks against Application Server Java (AS Java).
Available fix and Supported packages
- LMNWABASICMBEAN | 7.30 | 7.30
- LMNWABASICMBEAN | 7.31 | 7.31
- LM NWA BASIC MBEAN 7.30 | SP002 | 000003
- LM NWA BASIC MBEAN 7.30 | SP003 | 000004
- LM NWA BASIC MBEAN 7.30 | SP004 | 000003
- LM NWA BASIC MBEAN 7.30 | SP005 | 000002
- LM NWA BASIC MBEAN 7.30 | SP007 | 000001
- LM NWA BASIC MBEAN 7.30 | SP008 | 000000
- LM NWA BASIC MBEAN 7.31 | SP001 | 000002
- LM NWA BASIC MBEAN 7.31 | SP002 | 000001
- LM NWA BASIC MBEAN 7.31 | SP003 | 000001
- LM NWA BASIC MBEAN 7.31 | SP004 | 000001
- LM NWA BASIC MBEAN 7.31 | SP005 | 000000
Affected component
- BC-JAS-ADM-MON
Monitoring
CVSS
Score: 0
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/1734398
