CVE-2014-3787
SAP NetWeaver < 7.20 - Unauthenticated Exposure of Sensitive Information via SAP CUA Tables
Title source: llmDescription
SAP NetWeaver 7.20 and earlier allows remote attackers to read arbitrary SAP Central User Administration (SAP CUA) tables via unspecified vectors.
References (4)
Core 4
Core References
Various Sources x_refsource_misc
http://en.securitylab.ru/lab/PT-2014-09
Various Sources x_refsource_confirm
http://scn.sap.com/docs/DOC-8218
Various Sources x_refsource_confirm
https://service.sap.com/sap/support/notes/1997455
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/58671
Scores
EPSS
0.0032
EPSS Percentile
55.0%
Details
CWE
CWE-200
Status
published
Products (6)
sap/netweaver
7.0 (5 CPE variants)
sap/netweaver
7.01
sap/netweaver
7.02
sap/netweaver
7.03
sap/netweaver
7.10
sap/netweaver
< 7.20
Published
May 19, 2014
Tracked Since
Feb 18, 2026