CVE-2026-34257
Gravedad CVSS v3.1:
MEDIA
Tipo:
CWE-601
Redireccionamiento de URL a sitio no confiable (Open Redirect)
Fecha de publicación:
14/04/2026
Última modificación:
03/06/2026
Descripción
*** Pendiente de traducción *** Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft malicious URL that, if accessed by a victim, they could be redirected to the page controlled by the attacker. This causes low impact on confidentiality and integrity of the application with no impact on availability.
Impacto
Puntuación base 3.x
6.10
Gravedad 3.x
MEDIA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:a:sap:netweaver_application_server_abap:700:*:*:*:sap_basis:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:701:*:*:*:sap_basis:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:702:*:*:*:sap_basis:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:731:*:*:*:sap_basis:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:740:*:*:*:sap_basis:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:750:*:*:*:sap_basis:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:752:*:*:*:sap_basis:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:753:*:*:*:sap_basis:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:754:*:*:*:sap_basis:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:755:*:*:*:sap_basis:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:756:*:*:*:sap_basis:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:757:*:*:*:sap_basis:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:758:*:*:*:sap_basis:*:*:* | ||
| cpe:2.3:a:sap:netweaver_application_server_abap:816:*:*:*:sap_basis:*:*:* |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página