CVE-2014-3129

Published: Apr 30, 2014Modified: May 6, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The Java Server Pages in the Software Lifecycle Manager (SLM) in SAP NetWeaver allows remote attackers to obtain sensitive information via a crafted request, related to SAP Solution Manager 7.1.

Affected (1)

Products: Sap: Netweaver Software Lifecycle Manager

Sap

1 product

Netweaver Software Lifecycle Manager

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sap Netweaver Software Lifecycle Manager	Version 7.1

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (12)

http://scn.sap.com/docs/DOC-8218

Source: cve@mitre.org

http://seclists.org/fulldisclosure/2014/Apr/294

Source: cve@mitre.org

http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-005

Source: cve@mitre.org

http://www.securityfocus.com/bid/67147

Source: cve@mitre.org

http://www.securitytracker.com/id/1030157

Source: cve@mitre.org

https://service.sap.com/sap/support/notes/1894049

Source: cve@mitre.org

http://scn.sap.com/docs/DOC-8218