NVD

Id
31382  
Name
CVE-2014-3130  
Description
The ABAP Help documentation and translation tools (BC-DOC-HLP) in Basis in SAP Netweaver ABAP Application Server does not properly restrict access, which allows local users to gain privileges and execute ABAP instructions via crafted help messages.  
Reject
 
CVSS Version
2  
CVSS Score
4.6  
Severity
Medium  
CVSS Base Score
4.6  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2014-04-30  
Modified Date
2014-05-10  
Seq
2014-3130  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
164297 31382 CVE-2014-3130 http://scn.sap.com/docs/DOC-8218  View
164298 31382 CVE-2014-3130 20140428 [Onapsis Security Advisory 2014-009] SAP BASIS Missing Authorization Check  View
164299 31382 CVE-2014-3130 http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-009  View
164300 31382 CVE-2014-3130 67108  View
164301 31382 CVE-2014-3130 https://service.sap.com/sap/support/notes/1910914  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
13460 JVNDB-2014-002335 SAP Netweaver ABAP Application Server の Basis の ABAP Help ドキュメンテーションおよび翻訳ツールにおける権限を取得される脆弱性 SAP Netweaver ABAP Application Server の Basis の ABAP Help ドキュメンテーションおよび翻訳ツール (BC-DOC-HLP) は、アクセスを適切に制限しないため、権限を取得される脆弱性が存在します。 CVE-2014-3130 70417 CVE-2014-3130 31382 4.6 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-002335.html 2014-04-28 2014-05-02 View