SAP NetWeaver AS Java allows an unauthenticated attacker to brute force the login functionality in order to identify the legitimate user IDs. This has an impact on confidentiality but not on integrity or availability.
Metrics
Affected Vendors & Products
References
History
Tue, 12 Nov 2024 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Sap
Sap netweaver Application Server Java |
|
CPEs | cpe:2.3:a:sap:netweaver_application_server_java:7.5:*:*:*:*:*:*:* | |
Vendors & Products |
Sap
Sap netweaver Application Server Java |
|
Metrics |
ssvc
|
Tue, 12 Nov 2024 00:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | SAP NetWeaver AS Java allows an unauthenticated attacker to brute force the login functionality in order to identify the legitimate user IDs. This has an impact on confidentiality but not on integrity or availability. | |
Title | Information Disclosure Vulnerability in SAP NetWeaver Application Server Java (Logon Application) | |
Weaknesses | CWE-307 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: sap
Published: 2024-11-12T00:27:10.881Z
Updated: 2024-11-12T01:40:11.797Z
Reserved: 2024-09-27T20:05:59.021Z
Link: CVE-2024-47592
Vulnrichment
Updated: 2024-11-12T01:40:07.097Z
NVD
Status : Awaiting Analysis
Published: 2024-11-12T01:15:05.210
Modified: 2024-11-12T13:55:21.227
Link: CVE-2024-47592
Redhat
No data.