CNNVD-202511-1291 Information
CNNVD ID
CNNVD-202511-1291
Related CVE
- CNNVD Published: 2025-11-11
Description (Chinese)
SAP NetWeaver Application Server Java是德国思爱普(SAP)公司的一款提供了Java运行环境的应用程序服务器。该产品主要用于开发和运行Java EE应用程序。 SAP NetWeaver Application Server Java存在路径遍历漏洞,该漏洞源于可通过操纵URL访问内部元数据文件,可能导致信息泄露。
Description (English)
SAP NetWeaver Application Server Java is an application server that provides the Java operating environment. The product is used mainly for the development and operation of Java EE applications. SAP NetWeaver Application Server Java has a loophole in its path, which arises from access to internal metadata files through the manipulation of URLs, which can lead to the disclosure of information.
Hazard Level
High
Vulnerability Type
路径遍历
Affected Vendor
思爱普
Published
2025-11-11
Last Modified
2026-02-24
References
https://me.sap.com/notes/3643603 https://url.sap/sapsecuritypatchday https://access.redhat.com/security/cve/cve-2025-42919
Patch
https://url.sap/sapsecuritypatchday
Share on: