CVE-2024-28163

MEDIUM Year: 2024
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-732
View all →

Vulnerability Description

Under certain conditions, Support Web Pages of SAP NetWeaver Process Integration (PI) - versions 7.50, allows an attacker to access information which would otherwise be restricted, causing low impact on Confidentiality with no impact on Integrity and Availability of the application.

Related Vulnerabilities

CVE-2011-2515

MEDIUM
CVSS:5.3(Medium)

PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code.

CWE-7322011

CVE-2011-4912

MEDIUM
CVSS:5.3(Medium)

Joomla! com_mailto 1.5.x through 1.5.13 has an automated mail timeout bypass.

CWE-7322011

CVE-2016-11062

MEDIUM
CVSS:5.3(Medium)

An issue was discovered in Mattermost Server before 3.5.1. E-mail address verification can be bypassed.

CWE-7322016

CVE-2017-0423

MEDIUM
CVSS:5.3(Medium)

An elevation of privilege vulnerability in Bluetooth could enable a proximate attacker to manage access to documents on the device. This issue is rated as Moderate because it first requires exploitati...

CWE-7322017

CVE-2017-15906

MEDIUM
CVSS:5.3(Medium)

The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

CWE-7322017

CVE-2017-16754

MEDIUM
CVSS:5.3(Medium)

Bolt before 3.3.6 does not properly restrict access to _profiler routes, related to EventListener/ProfilerListener.php and Provider/EventListenerServiceProvider.php.

CWE-7322017