CVE-2012-1291
First published: Thu Feb 23 2012(Updated: )
Unspecified vulnerability in the com.sap.aii.mdt.amt.web.AMTPageProcessor servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the Adapter Monitor via unspecified vectors, possibly related to the EnableInvokerServletGlobally property in the servlet_jsp service.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP NetWeaver | =7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-1291?
CVE-2012-1291 is classified as a vulnerability that may allow remote attackers to obtain sensitive information.
How do I fix CVE-2012-1291?
To remediate CVE-2012-1291, ensure that proper access controls are in place and that the EnableInvokerServletGlobally property is appropriately configured.
Which versions of SAP are affected by CVE-2012-1291?
CVE-2012-1291 affects SAP NetWeaver version 7.0.
What kind of information can be leaked by CVE-2012-1291?
CVE-2012-1291 can lead to the exposure of sensitive information about the Adapter Monitor.
Are there any known attack vectors for CVE-2012-1291?
CVE-2012-1291 has unspecified attack vectors that may be related to the servlet configuration.
- agent/type
- agent/softwarecombine
- agent/severity
- agent/author
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/sap
- canonical/sap netweaver
- version/sap netweaver/7.0