admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-29 05:56:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2025/CVE-2025-00xx/CVE-2025-0058.json
cad-safe-bot 4a301a0f3d Auto-Update: 2025-01-19T03:00:20.175811+00:00
2025-01-19 03:03:47 +00:00

64 lines
2.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2025-0058",
"sourceIdentifier": "cna@sap.com",
"published": "2025-01-14T01:15:16.040",
"lastModified": "2025-01-14T01:15:16.040",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In SAP Business Workflow and SAP Flexible Workflow, an authenticated attacker can manipulate a parameter in an otherwise legitimate resource request to view sensitive information that should otherwise be restricted. The attacker does not have the ability to modify the information or to make the information unavailable."
},
{
"lang": "es",
"value": " En SAP Business Workflow y SAP Flexible Workflow, un atacante autenticado puede manipular un par\u00e1metro en una solicitud de recursos leg\u00edtima para ver informaci\u00f3n confidencial que, de otro modo, deber\u00eda estar restringida. El atacante no tiene la capacidad de modificar la informaci\u00f3n ni de hacer que no est\u00e9 disponible."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3542698",
"source": "cna@sap.com"
},
{
"url": "https://url.sap/sapsecuritypatchday",
"source": "cna@sap.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink