CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 2CVE-2016-10005 – SAP Solman 7.31 Information Disclosure
https://notcve.org/view.php?id=CVE-2016-10005
19 Dec 2016 — Webdynpro in SAP Solman 7.1 through 7.31 allows remote attackers to obtain sensitive information via webdynpro/dispatcher/sap.com/caf~eu~gp~example~timeoff~wd requests, aka SAP Security Note 2344524. Webdynpro en SAP Solman 7.1 hasta la versión 7.31 permite a atacantes remotos obtener información sensible a través de la petición webdynpro/dispatcher/sap.com/caf~eu~gp~example~timeoff~wd, vulnerabilidad también conocida como SAP Security Note 2344524. SAP Solman versions 7.1 through 7.31 suffer from an inform... • https://packetstorm.news/files/id/140232 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2014-5175
https://notcve.org/view.php?id=CVE-2014-5175
31 Jul 2014 — The License Measurement servlet in SAP Solution Manager 7.1 allows remote attackers to bypass authentication via unspecified vectors, related to a verb tampering attack and SAP_JTECHS. El servlet License Measurement en SAP Solution Manager 7.1 permite a atacantes remotos evadir la autenticación a través de vectores no especificados, relacionado con un ataque de la manipulación de verbos y SAP_JTECHS. • http://scn.sap.com/docs/DOC-8218 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2014-1960
https://notcve.org/view.php?id=CVE-2014-1960
14 Feb 2014 — The Solution Manager in SAP NetWeaver does not properly restrict access, which allows remote attackers to obtain sensitive information via unspecified vectors. Solution Manager en SAP NetWeaver no restringe debidamente el acceso, lo que permite a atacantes remotos obtener información sensible a través de vectores no especificados. • http://scn.sap.com/docs/DOC-8218 • CWE-264: Permissions, Privileges, and Access Controls •