NVD

Id
41362  
Name
CVE-2013-6244  
Description
The Live Update webdynpro application (webdynpro/dispatcher/sap.com/tc~slm~ui_lup/LUP) in SAP NetWeaver 7.31 and earlier allows remote attackers to read arbitrary files and directories via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-18  
Published
2013-10-23  
Modified Date
2013-10-30  
Seq
2013-6244  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
209023 41362 CVE-2013-6244 http://en.securitylab.ru/lab/PT-2013-13  View
209024 41362 CVE-2013-6244 http://scn.sap.com/docs/DOC-8218  View
209025 41362 CVE-2013-6244 63302  View
209026 41362 CVE-2013-6244 https://service.sap.com/sap/support/notes/1820894  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
23299 JVNDB-2013-004874 SAP NetWeaver の Live Update webdynpro アプリケーションにおける任意のファイルおよびディレクトリを読まれる脆弱性 SAP NetWeaver の Live Update webdynpro アプリケーション (webdynpro/dispatcher/sap.com/tc~slm~ui_lup/LUP) には、任意のファイルおよびディレクトリを読まれる脆弱性が存在します。 CVE-2013-6244 66186 CVE-2013-6244 41362 5 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-004874.html 2013-10-23 2013-10-28 View