Vulnerability Details : CVE-2012-1291
Unspecified vulnerability in the com.sap.aii.mdt.amt.web.AMTPageProcessor servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the Adapter Monitor via unspecified vectors, possibly related to the EnableInvokerServletGlobally property in the servlet_jsp service.
Exploit prediction scoring system (EPSS) score for CVE-2012-1291
Probability of exploitation activity in the next 30 days: 0.21%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 58 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2012-1291
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST |
References for CVE-2012-1291
-
http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a
Acknowledgments to Security Researchers - Security and Identity Management - SCN Wiki
-
http://dsecrg.com/pages/vul/show.php?id=415
-
http://www.securityfocus.com/bid/52101
SAP NetWeaver Multiple Input Validation Vulnerabilities
- https://service.sap.com/sap/support/notes/1585527
Products affected by CVE-2012-1291
- cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*