CVE-2013-7367

Published: Apr 10, 2014Modified: May 6, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

SAP Enterprise Portal does not properly restrict access to the Federation configuration pages, which allows remote attackers to gain privileges via unspecified vectors.

Affected (1)

Products: Sap: Enterprise Portal

Sap

1 product

Enterprise Portal

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sap Enterprise Portal	All versions

Related CWEs

CWE-264

References (10)

http://archives.neohapsis.com/archives/bugtraq/2013-02/0130.html

Source: cve@mitre.org

http://scn.sap.com/docs/DOC-8218

Source: cve@mitre.org

http://www.onapsis.com/get.php?resid=adv_onapsis-2013-001

Source: cve@mitre.org

http://www.onapsis.com/research-advisories.php

Source: cve@mitre.org

https://service.sap.com/sap/support/notes/1658947

Source: cve@mitre.org

http://archives.neohapsis.com/archives/bugtraq/2013-02/0130.html