← Retour aux CVEs
CVE-2026-0510
LOW3.0
Description
The User Management Engine (UME) in NetWeaver Application Server for Java (NW AS Java) utilizes an obsolete cryptographic algorithm for encrypting User Mapping data. This weakness could allow an attacker with high-privileged access to exploit the vulnerability under specific conditions potentially leading to partial disclosure of sensitive information.This has low impact on confidentiality with no impact on integrity and availability of the application.
Details CVE
Score CVSS v3.13.0
SeveriteLOW
Vecteur CVSSCVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N
Vecteur d'attaqueNETWORK
ComplexiteHIGH
Privileges requisHIGH
Interaction utilisateurNONE
Publie1/13/2026
Derniere modification1/13/2026
Sourcenvd
Observations honeypot0
Faiblesses (CWE)
CWE-326
References
https://me.sap.com/notes/3593356(cna@sap.com)
https://url.sap/sapsecuritypatchday(cna@sap.com)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.