Description

Due to the usage of vulnerable third party component in SAP Wily Introscope Enterprise Manager (WorkStation), an unauthenticated attacker could create a malicious JNLP (Java Network Launch Protocol) file accessible by a public facing URL. When a victim clicks on the URL the accessed Wily Introscope Server could execute OS commands on the victim's machine. This could completely compromising confidentiality, integrity and availability of the system.

INFO

Published Date :

2026-01-13T01:13:57.659Z

Last Modified :

2026-01-13T01:13:57.659Z

Source :

sap
AFFECTED PRODUCTS

The following products are affected by CVE-2026-0500 vulnerability.

Vendors Products
Sap
  • Introscope Enterprise Manager
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-0500.

URL Resource
https://me.sap.com/notes/3668679 cve-icon cve-icon
https://url.sap/sapsecuritypatchday cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact