VAR-190001-0584
Vulnerability from variot - Updated: 2022-05-17 01:42The SAP J2EE Engine Core is a core component of the SAP NetWeaver application platform. The SAP J2EE engine has security flaws that allow an attacker to compromise an enterprise computer system over the Internet. The impact of this issue is currently unknown. We will update this BID when more information emerges
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-190001-0584",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "j2ee engine core sp03/7.02/7.01 sp07/7.01/7.00 sp22/7.00 sp02/7.00/6.40 sp26/6.40",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.30/7.20/7.11/7.10/7.02"
},
{
"model": "j2ee engine core",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "j2ee engine core",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.20"
},
{
"model": "j2ee engine core",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.11"
},
{
"model": "j2ee engine core",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.10"
},
{
"model": "j2ee engine core sp03",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "j2ee engine core",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "j2ee engine core sp07",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.01"
},
{
"model": "j2ee engine core",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.01"
},
{
"model": "j2ee engine core sp22",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.00"
},
{
"model": "j2ee engine core sp02",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.00"
},
{
"model": "j2ee engine core",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.00"
},
{
"model": "j2ee engine core sp26",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "6.40"
},
{
"model": "j2ee engine core",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "6.40"
},
{
"model": "j2ee engine core sp03/7.02/7.01 sp07/7.01/7.00 sp22/7.00 sp02/7.00/6.40 sp26/6.40",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.30/7.20/7.11/7.10/7.02*"
}
],
"sources": [
{
"db": "IVD",
"id": "2e4dd060-1f8d-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3061"
},
{
"db": "BID",
"id": "49048"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Polyakov",
"sources": [
{
"db": "BID",
"id": "49048"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-117"
}
],
"trust": 0.9
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "2e4dd060-1f8d-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "2e4dd060-1f8d-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "2e4dd060-1f8d-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The SAP J2EE Engine Core is a core component of the SAP NetWeaver application platform. The SAP J2EE engine has security flaws that allow an attacker to compromise an enterprise computer system over the Internet. \nThe impact of this issue is currently unknown. We will update this BID when more information emerges",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-3061"
},
{
"db": "BID",
"id": "49048"
},
{
"db": "IVD",
"id": "2e4dd060-1f8d-11e6-abef-000c29c66e3d"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "49048",
"trust": 1.5
},
{
"db": "CNVD",
"id": "CNVD-2011-3061",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201108-117",
"trust": 0.6
},
{
"db": "IVD",
"id": "2E4DD060-1F8D-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "2e4dd060-1f8d-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3061"
},
{
"db": "BID",
"id": "49048"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-117"
}
]
},
"id": "VAR-190001-0584",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "2e4dd060-1f8d-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3061"
}
],
"trust": 1.4388889
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "2e4dd060-1f8d-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3061"
}
]
},
"last_update_date": "2022-05-17T01:42:56.357000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://www.reuters.com/article/2011/08/05/sap-security-iduslde7740s920110805https"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/49048"
},
{
"trust": 0.3,
"url": "https://www.blackhat.com/html/bh-us-11/bh-us-11-briefings.html#polyakov"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "http://www.reuters.com/article/2011/08/05/sap-security-iduslde7740s920110805"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-3061"
},
{
"db": "BID",
"id": "49048"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-117"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "2e4dd060-1f8d-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3061"
},
{
"db": "BID",
"id": "49048"
},
{
"db": "CNNVD",
"id": "CNNVD-201108-117"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-08T00:00:00",
"db": "IVD",
"id": "2e4dd060-1f8d-11e6-abef-000c29c66e3d"
},
{
"date": "2011-08-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3061"
},
{
"date": "2011-08-05T00:00:00",
"db": "BID",
"id": "49048"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-117"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3061"
},
{
"date": "2011-08-05T00:00:00",
"db": "BID",
"id": "49048"
},
{
"date": "2011-08-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201108-117"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote \u203b local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201108-117"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown vulnerabilities in the SAP J2EE engine",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-3061"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201108-117"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…