VYPR

NetWeaver Java (Software Update Manager 1.1)

by SAP

CVEs (1)

  • CVE-2024-47588MedNov 12, 2024
    risk 0.31cvss 4.7epss 0.00

    In SAP NetWeaver Java (Software Update Manager 1.1), under certain conditions when a software upgrade encounters errors, credentials are written in plaintext to a log file. An attacker with local access to the server, authenticated as a non-administrative user, can acquire the…