cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-54197,https://securityvulnerability.io/vulnerability/CVE-2024-54197,SAP NetWeaver Administrator Vulnerability Allows HTTP Endpoint Enumeration and SSRF Attacks,"The vulnerability in SAP NetWeaver Administrator allows an authenticated attacker to perform HTTP endpoint enumeration within the internal network by crafting specific HTTP requests. This exploitation could lead to Server-Side Request Forgery (SSRF), potentially compromising data confidentiality and integrity. The vulnerability does not affect the application's availability, but the resultant SSRF could allow attackers to interact with internal services, increasing the risk of broader network exploitation. Early mitigation is crucial to safeguard sensitive data and prevent unauthorized access.",SAP,SAP Netweaver Administrator(system Overview),7.2,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-12-10T00:12:42.296Z,0
CVE-2019-0345,https://securityvulnerability.io/vulnerability/CVE-2019-0345,,"A remote unauthenticated attacker can abuse a web service in SAP NetWeaver Application Server for Java (Administrator System Overview), versions 7.30, 7.31, 7.40, 7.50, by sending a specially crafted XML file and trick the application server into leaking authentication credentials for its own SAP Management console, resulting in Server-Side Request Forgery.",SAP,SAP Netweaver Application Server For Java (administrator System Overview),9.8,CRITICAL,0.007269999943673611,false,false,false,false,,false,false,2019-08-14T13:54:04.000Z,0