CVE-2014-3787

Published: May 19, 2014Modified: May 6, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

SAP NetWeaver 7.20 and earlier allows remote attackers to read arbitrary SAP Central User Administration (SAP CUA) tables via unspecified vectors.

Affected (10)

Products: Sap: Netweaver

1 product

Configuration A

10 vulnerable

Vulnerable Software	Affected Versions
Sap Netweaver	Up to 7.20
Sap Netweaver	Version 7.01
Sap Netweaver	Version 7.02
Sap Netweaver	Version 7.03
Sap Netweaver	Version 7.0
Sap Netweaver	Version 7.0 ehp1
Sap Netweaver	Version 7.0 ehp2
Sap Netweaver	Version 7.0 sp15
Sap Netweaver	Version 7.0 sp8
Sap Netweaver	Version 7.10

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (8)

http://en.securitylab.ru/lab/PT-2014-09

Source: cve@mitre.org

http://scn.sap.com/docs/DOC-8218

Source: cve@mitre.org

http://secunia.com/advisories/58671

Source: cve@mitre.org

Vendor Advisory

https://service.sap.com/sap/support/notes/1997455

Source: cve@mitre.org

http://en.securitylab.ru/lab/PT-2014-09

Source: af854a3a-2127-422b-91ae-364da2661108

http://scn.sap.com/docs/DOC-8218

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/58671

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://service.sap.com/sap/support/notes/1997455

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.