CVE-2014-3133
SAP Netweaver Java Application Server does not properly restrict access, which allows remote attackers to obtain the list of SAP systems registered on an SLD via an unspecified webdynpro, related to SystemSelection.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0035 (0.4%)
Percentil: 57.7%
EPSS: 2026-05-06
Afecta
sap:netweaver_java_application_serverDescripción técnica
SAP Netweaver Java Application Server does not properly restrict access, which allows remote attackers to obtain the list of SAP systems registered on an SLD via an unspecified webdynpro, related to SystemSelection.
Publicada: 30/4/2014, 14:22:07
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://scn.sap.com/docs/DOC-8218
- http://seclists.org/fulldisclosure/2014/Apr/301
- http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-008
- http://www.securityfocus.com/bid/67104
- https://service.sap.com/sap/support/notes/1922547
- http://scn.sap.com/docs/DOC-8218
- http://seclists.org/fulldisclosure/2014/Apr/301
- http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-008