Vulnerability in Sap Netweaver_java_application_server

CVE-2014-3133

SAP Netweaver Java Application Server does not properly restrict access, which allows remote attackers to obtain the list of SAP systems registered on an SLD via an unspecified webdynpro, related to SystemSelection.

EPSS: 0.021 (79.2th percentile) — read the EPSS interpretation.

Affected products

Sap Netweaver_java_application_server
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

cve@mitre.org (mailing-list, x_refsource_FULLDISC)
cve@mitre.org (x_refsource_MISC)
cve@mitre.org (vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_CONFIRM)