First published: Thu Apr 10 2014(Updated: )
An unspecified J2EE core service in the J2EE Engine in SAP NetWeaver does not properly restrict access, which allows remote attackers to read and write to arbitrary files via unknown vectors.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
SAP NetWeaver |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2013-7364 is classified as high due to its potential for remote file access vulnerabilities.
CVE-2013-7364 allows unauthorized remote attackers to read and write arbitrary files in SAP NetWeaver due to improper access restrictions.
The vulnerable systems include SAP NetWeaver versions that utilize the J2EE Engine.
To fix CVE-2013-7364, apply the latest patches and updates provided by SAP for SAP NetWeaver.
Attackers can exploit CVE-2013-7364 to perform unauthorized file access and manipulation, potentially leading to data leakage or corruption.