Vulnerability Details : CVE-2012-1291
Unspecified vulnerability in the com.sap.aii.mdt.amt.web.AMTPageProcessor servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the Adapter Monitor via unspecified vectors, possibly related to the EnableInvokerServletGlobally property in the servlet_jsp service.
Products affected by CVE-2012-1291
- cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-1291
0.37%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 73 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-1291
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST |
References for CVE-2012-1291
-
http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a
Acknowledgments to Security Researchers - Security and Identity Management - SCN Wiki
-
http://dsecrg.com/pages/vul/show.php?id=415
-
http://www.securityfocus.com/bid/52101
SAP NetWeaver Multiple Input Validation Vulnerabilities
-
https://service.sap.com/sap/support/notes/1585527
Jump to