安全研究
安全漏洞
SAP NetWeaver Application Server for ABAP跨站脚本漏洞(CVE-2024-45279)
发布日期:2024-09-09
更新日期:2024-11-08
受影响系统:SAP NetWeaver Application Server for ABAP 912
SAP NetWeaver Application Server for ABAP 758
SAP NetWeaver Application Server for ABAP 757
SAP NetWeaver Application Server for ABAP 756
SAP NetWeaver Application Server for ABAP 755
SAP NetWeaver Application Server for ABAP 754
SAP NetWeaver Application Server for ABAP 753
SAP NetWeaver Application Server for ABAP 752
SAP NetWeaver Application Server for ABAP 751
SAP NetWeaver Application Server for ABAP 750
SAP NetWeaver Application Server for ABAP 740
SAP NetWeaver Application Server for ABAP 731
SAP NetWeaver Application Server for ABAP 702
描述:
CVE(CAN) ID:
CVE-2024-45279
SAP NetWeaver Application Server是德国思爱普(SAP)公司的一款应用程序服务器。
SAP NetWeaver Application Server for ABAP多个版本存在跨站脚本漏洞,攻击者可利用该漏洞构建嵌入了恶意JavaScript的URL并诱导用户点击链接,进而访问并修改信息。
<**>
建议:
厂商补丁:
SAP
---
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
https://url.sap/sapsecuritypatchday浏览次数:170
严重程度:0(网友投票)
本安全漏洞由绿盟科技翻译整理,版权所有,未经许可,不得转载
绿盟科技给您安全的保障 |
