CNNVD-202512-1493 Information
CNNVD ID
CNNVD-202512-1493
Related CVE
- CNNVD Published: 2025-12-09
Description (Chinese)
SAP Web Dispatcher和SAP Internet Communication Manager(SAP ICM)都是德国思爱普(SAP)公司的产品。SAP Web Dispatcher是Load Balancing 的核心组件,支持负载均衡,提供反向代理的功能,使得外网用户可以访问到内部应用。SAP Internet Communication Manager是一个 SAP NetWeaver 应用程序服务器的组件。用于接收和发送 Web 请求(HTTP、HTTPS、SMTP)。 SAP Web Dispatcher和SAP Internet Communication Manager存在安全漏洞,该漏洞源于暴露内部测试接口,可能导致诊断信息泄露或服务中断。
Description (English)
SAP Web Dispatcher and SAP Internet Community Manager (SAP ICM) are products of SAP Germany. SAP Web Dispatcher is the core component of Load Balancing, which supports load balance and provides the function of reverse agent and allows access to internal applications by offline users. SAP Internet Community Manager is a component of the SAP NetWeaver application server. For receiving and sending Web requests (HTTP, HTTPS, SMTP). SAP Web Dispatcher and SAP Internet Corporation Manager have a security loophole, which arises from the exposure of internal testing interfaces, which can lead to the disclosure of diagnostic information or the disruption of services.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
思爱普
Published
2025-12-09
Last Modified
2026-02-24
References
https://me.sap.com/notes/3684682 https://url.sap/sapsecuritypatchday
Patch
https://url.sap/sapsecuritypatchday
Share on: