CVE-2014-3129
SAP NetWeaver Software Lifecycle Manager - Exposure of Sensitive Information via Java Server Pages
Title source: llmDescription
The Java Server Pages in the Software Lifecycle Manager (SLM) in SAP NetWeaver allows remote attackers to obtain sensitive information via a crafted request, related to SAP Solution Manager 7.1.
References (6)
Core 6
Core References
Various Sources x_refsource_misc
http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-005
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/67147
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1030157
Mailing List mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Apr/294
Various Sources x_refsource_confirm
http://scn.sap.com/docs/DOC-8218
Various Sources x_refsource_confirm
https://service.sap.com/sap/support/notes/1894049
Scores
EPSS
0.0069
EPSS Percentile
72.0%
Details
CWE
CWE-200
Status
published
Products (1)
sap/netweaver_software_lifecycle_manager
7.1
Published
Apr 30, 2014
Tracked Since
Feb 18, 2026