cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-22127,https://securityvulnerability.io/vulnerability/CVE-2024-22127,SAP NetWeaver Administrator AS Java Vulnerability Could Lead to Command Injection,"The vulnerability in SAP NetWeaver Administrator AS Java's Administrator Log Viewer plug-in permits an attacker, who possesses high privileges, to upload potentially harmful files. This exploit leads to a command injection vulnerability, allowing the attacker to execute arbitrary commands within the application. Such unauthorized command execution presents serious risks, potentially compromising the confidentiality, integrity, and availability of the application's data and services. Organizations utilizing affected versions of SAP NetWeaver are urged to apply the necessary patches to mitigate these risks effectively.",SAP,SAP Netweaver As Java (administrator Log Viewer Plug-in),9.1,CRITICAL,0.0004299999854993075,false,false,false,false,,false,false,2024-03-12T01:15:00.000Z,0
CVE-2023-31405,https://securityvulnerability.io/vulnerability/CVE-2023-31405,Log Injection vulnerability in SAP NetWeaver AS for Java (Log Viewer),"SAP NetWeaver AS for Java - versions ENGINEAPI 7.50, SERVERCORE 7.50, J2EE-APPS 7.50, allows an unauthenticated attacker to craft a request over the network which can result in unwarranted modifications to a system log without user interaction. There is no ability to view any information or any effect on availability.

",SAP,SAP Netweaver As For Java (log Viewer),5.3,MEDIUM,0.000910000002477318,false,false,false,false,,false,false,2023-07-11T03:15:00.000Z,0