Details of VAR-E-201307-0007

ID

VAR-E-201307-0007

CVE

cve_id:

CVE-2013-3319

Trust: 0.3

sources: BID: 61402

TITLE

SAP Netweaver CVE-2013-3319 Information Disclosure Vulnerability

Trust: 0.3

sources: BID: 61402

DESCRIPTION

SAP Netweaver is prone to an information-disclosure vulnerability.
Attackers can exploit this issue to obtain sensitive information that may lead to further attacks.
SAP Netweaver 7.03 and prior are vulnerable.

Trust: 0.3

sources: BID: 61402

AFFECTED PRODUCTS

vendor:

sap

model:

netweaver

scope:

version:

7.03

Trust: 0.3

sources: BID: 61402

EXPLOIT

The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.

Trust: 0.3

sources: BID: 61402

PRICE

Free

Trust: 0.3

sources: BID: 61402

TYPE

Input Validation Error

Trust: 0.3

sources: BID: 61402

CREDITS

Bruno Morisson

Trust: 0.3

sources: BID: 61402

EXTERNAL IDS

db:	NVD	id:	CVE-2013-3319	Trust: 0.3
db:	BID	id:	61402	Trust: 0.3

sources: BID: 61402

REFERENCES

url:	http://labs.integrity.pt/advisories/cve-2013-3319/	Trust: 0.3
url:	http://www.sap.com/platform/netweaver/index.epx	Trust: 0.3

sources: BID: 61402

SOURCES

db:

BID

id:

61402

LAST UPDATE DATE

2022-07-27T09:32:52.251000+00:00

SOURCES UPDATE DATE

db:

BID

id:

61402

date:

2013-07-09T00:00:00

SOURCES RELEASE DATE

db:

BID

id:

61402

date:

2013-07-09T00:00:00