SAP NetWeaver AS Java Code Injection (March 2024)

critical Nessus Plugin ID 192029

Version 1.3

Oct 18, 2024, 9:34 AM

  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C")
  • CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C")
  • Exploit attributes ("Exploit available" set to "True")
  • Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available")

Plugin Feed: 202410180934

Version 1.2

Mar 15, 2024, 3:57 PM

  • IAVM reference
  • STIG Severity (set to "I")

Plugin Feed: 202403151557

Version 1.1

Mar 14, 2024, 3:54 PM

  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C")
  • Exploit attributes ("Exploit available" set to "False". "Exploitability ease" set to "No known exploits are available")

Plugin Feed: 202403141554

Version 1.1

Mar 15, 2024, 1:33 PM

  • IAVM reference
  • STIG Severity (set to "I")

Plugin Feed: 202403151333

Version 1.0

Mar 13, 2024, 9:21 PM

  • New

Plugin Feed: 202403132121

* Changelogs are generally available for changes made after Nov 1, 2022