Description

SAP NetWeaver Developer Studio (NWDS) - version 7.50, is based on Eclipse, which contains the logging framework log4j in version 1.x. The application's confidentiality and integrity could have a low impact due to the vulnerabilities associated with version 1.x.

Related CPE's

a

sap

netweaver_developer_studio

7.50

Vulnerable

References

https://launchpad.support.sap.com/#/notes/3202846

Permissions RequiredVendor Advisory

https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html

Vendor Advisory

Weaknesses

[email protected]

Primary
CWE-502

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

3.4 · Low

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2022-06-14T19:15:07.487

3 years ago

Last modified

2022-06-24T16:50:41.713

3 years ago