CVE-2012-1291

{"id": "CVE-2012-1291", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-02-23T20:07:25.957", "references": [{"url": "http://dsecrg.com/pages/vul/show.php?id=415", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/47861", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/52101", "source": "cve@mitre.org"}, {"url": "https://service.sap.com/sap/support/notes/1585527", "source": "cve@mitre.org"}, {"url": "http://dsecrg.com/pages/vul/show.php?id=415", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/47861", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/52101", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://service.sap.com/sap/support/notes/1585527", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the com.sap.aii.mdt.amt.web.AMTPageProcessor servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the Adapter Monitor via unspecified vectors, possibly related to the EnableInvokerServletGlobally property in the servlet_jsp service."}, {"lang": "es", "value": "Una vulnerabilidad no especificada en el servlet com.sap.aii.mdt.amt.web.AMTPageProcessor en SAP NetWeaver v7.0 permite a atacantes remotos obtener informaci\u00f3n sensible sobre el \"Adapter Monitor\" a trav\u00e9s de vectores no especificados. Posiblemente la vulnerabilidad esta relacionada con la propiedad EnableInvokerServletGlobally en el servicio servlet_jsp."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41FAC5DD-D577-47F9-B0CA-006032256642"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}