Vulnerability Details : CVE-2013-7367
SAP Enterprise Portal does not properly restrict access to the Federation configuration pages, which allows remote attackers to gain privileges via unspecified vectors.
Exploit prediction scoring system (EPSS) score for CVE-2013-7367
Probability of exploitation activity in the next 30 days: 0.39%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 73 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2013-7367
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2013-7367
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-7367
-
https://service.sap.com/sap/support/notes/1658947
-
http://www.onapsis.com/research-advisories.php
Page Not Found | Onapsis
-
http://scn.sap.com/docs/DOC-8218
Acknowledgments to Security Researchers - Security and Identity Management - SCN Wiki
-
http://archives.neohapsis.com/archives/bugtraq/2013-02/0130.html
-
http://www.onapsis.com/get.php?resid=adv_onapsis-2013-001
Page Not Found | Onapsis
Products affected by CVE-2013-7367
- cpe:2.3:a:sap:enterprise_portal:-:*:*:*:*:*:*:*