Test Kennung:	1.3.6.1.4.1.25623.1.0.106149
Kategorie:	Web Servers
Titel:	SAP NetWeaver AS Java Information Disclosure Vulnerability (2255990) - Active Check
Zusammenfassung:	SAP NetWeaver Application Server (AS) Java is prone to an; information disclosure vulnerability.
Beschreibung:	Summary: SAP NetWeaver Application Server (AS) Java is prone to an information disclosure vulnerability. Vulnerability Insight: The chat feature in the Real-Time Collaboration (RTC) services allows remote attackers to obtain sensitive user information. Vulnerability Impact: An unauthenticated attacker can get information about SAP NetWeaver AS Java users. Affected Software/OS: SAP NetWeaver AS Java version 7.10 (7.1) through 7.50 (7.5). Solution: See the referenced vendor advisories for a solution. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-3973 http://seclists.org/fulldisclosure/2016/Jun/46 http://packetstormsecurity.com/files/137579/SAP-NetWeaver-AS-JAVA-7.5-Information-Disclosure.html https://erpscan.io/advisories/erpscan-16-016-sap-netweaver-7-4-information-disclosure-wd_chat/ https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/
Copyright	Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.