Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2021-38163

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2021-38163

Description:
SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with the privilege of the Java Server process. These commands can be used to read or modify any information on the server or shut the server down making it unavailable.
Last updated date:
07/12/2022

Reports

alt

ACTIVELY EXPLOITED

Type:
exploitation
Confidence:
HIGH
Date of publishing:
06/09/2022
Reference url to background

https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2022

Privacy Policy