Description

SAP NetWeaver Developer Studio (NWDS) - version 7.50, is based on Eclipse, which contains the logging framework log4j in version 1.x. The application's confidentiality and integrity could have a low impact due to the vulnerabilities associated with version 1.x.

Related CPE's

a

sap

netweaver_developer_studio

7.50

Vulnerable

References

https://launchpad.support.sap.com/#/notes/3202846

Permissions RequiredVendor Advisory

https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

Vendor Advisory

https://launchpad.support.sap.com/#/notes/3202846

Permissions RequiredVendor Advisory

https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

Vendor Advisory

Weaknesses

[email protected]

Secondary
CWE-502

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

3.4 · Low

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2022-06-14T17:15:07.487Z

3 years ago

Last modified

2024-11-21T05:59:26.253Z

1 year ago