Lookup for vulnerabilities affecting packages.
| Vulnerability_id | VCID-x3c9-a2p5-6kbw |
|---|
| Summary | Due to missing authorization checks, SAP Business Warehouse (BEx Analyzer) allows an authenticated attacker to access information over the network which is otherwise restricted. On successful exploitation the attacker can enumerate information causing a limited impact on confidentiality of the application. |
|---|
| Aliases |
|
|---|
| Fixed_packages |
|
|---|
| Affected_packages |
|
|---|
| References |
| 0 |
|
| 1 |
| reference_url |
https://me.sap.com/notes/3481992 |
| reference_id |
3481992 |
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T13:27:38Z/ |
|
|
| url |
https://me.sap.com/notes/3481992 |
|
| 2 |
| reference_url |
https://url.sap/sapsecuritypatchday |
| reference_id |
sapsecuritypatchday |
| reference_type |
|
| scores |
| 0 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
|
| 1 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T13:27:38Z/ |
|
|
| url |
https://url.sap/sapsecuritypatchday |
|
|
|---|
| Weaknesses |
| 0 |
| cwe_id |
359 |
| name |
Exposure of Private Personal Information to an Unauthorized Actor |
| description |
The product does not properly prevent a person's private, personal information from being accessed by actors who either (1) are not explicitly authorized to access the information or (2) do not have the implicit consent of the person about whom the information is collected. |
|
| 1 |
| cwe_id |
862 |
| name |
Missing Authorization |
| description |
The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
|
|
|---|
| Exploits |
|
|---|
| Severity_range_score | 4.3 - 4.3 |
|---|
| Exploitability | null |
|---|
| Weighted_severity | null |
|---|
| Risk_score | null |
|---|
| Resource_url | http://public2.vulnerablecode.io/vulnerabilities/VCID-x3c9-a2p5-6kbw |
|---|