CVE-2014-1960

The Solution Manager in SAP NetWeaver does not properly restrict access, which allows remote attackers to obtain sensitive information via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 55%
VendorProductVersion
sapnetweaver
-
sapnetweaver_solution_manager
7.0
sapnetweaver_solution_manager
7.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://scn.sap.com/docs/DOC-8218
http://secunia.com/advisories/56942
https://erpscan.io/advisories/erpscan-14-004-sap-netweaver-solution-manager-missing-authorization-check-information-disclosure/
https://exchange.xforce.ibmcloud.com/vulnerabilities/91093
https://service.sap.com/sap/support/notes/1828885
http://scn.sap.com/docs/DOC-8218
http://secunia.com/advisories/56942
https://erpscan.io/advisories/erpscan-14-004-sap-netweaver-solution-manager-missing-authorization-check-information-disclosure/
https://exchange.xforce.ibmcloud.com/vulnerabilities/91093
https://service.sap.com/sap/support/notes/1828885