Search criteria
21 vulnerabilities found for business_warehouse by sap
FKIE_CVE-2024-39594
Vulnerability from fkie_nvd - Published: 2024-07-09 05:15 - Updated: 2025-10-29 14:39
Severity ?
Summary
SAP Business Warehouse - Business Planning and
Simulation application does not sufficiently encode user controlled inputs,
resulting in Reflected Cross-Site Scripting (XSS) vulnerability. After
successful exploitation, an attacker can cause low impact on the confidentiality
and integrity of the application.
References
| URL | Tags | ||
|---|---|---|---|
| cna@sap.com | https://me.sap.com/notes/3482217 | Permissions Required | |
| cna@sap.com | https://url.sap/sapsecuritypatchday | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://me.sap.com/notes/3482217 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://url.sap/sapsecuritypatchday | Patch |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | business_warehouse | 700 | |
| sap | business_warehouse | 701 | |
| sap | business_warehouse | 702 | |
| sap | business_warehouse | 730 | |
| sap | business_warehouse | 731 | |
| sap | business_warehouse | 740 | |
| sap | business_warehouse | 750 | |
| sap | business_warehouse | 751 | |
| sap | business_warehouse | 752 | |
| sap | business_warehouse | 753 | |
| sap | business_warehouse | 754 | |
| sap | business_warehouse | 755 | |
| sap | business_warehouse | 756 | |
| sap | business_warehouse | 757 | |
| sap | business_warehouse | 758 | |
| sap | business_warehouse_virtual_comp | 701 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:business_warehouse:700:*:*:*:*:*:*:*",
"matchCriteriaId": "D495F997-45A9-4C80-841E-781E1EAC3074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:701:*:*:*:*:*:*:*",
"matchCriteriaId": "2FCA6F5A-25B8-46E1-B407-38F61222C057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:702:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE999EE-9B6B-4D2C-9347-5558B878AE7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:730:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8F2CE3-BA4B-4A9C-A284-87F0AB797B92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:731:*:*:*:*:*:*:*",
"matchCriteriaId": "00732AD2-BEED-4C1F-AC39-46E6F33CBB5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:740:*:*:*:*:*:*:*",
"matchCriteriaId": "EC7DABAD-36FA-49D7-8C3C-3AA49604BE37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:750:*:*:*:*:*:*:*",
"matchCriteriaId": "526C11C6-B67D-49F1-94E6-A324AA581EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:751:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4E38AC-5888-4ABD-AAB1-BC5312701195",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:752:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7A93A1-3D65-4C79-92B1-E433EE443478",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:753:*:*:*:*:*:*:*",
"matchCriteriaId": "80E03381-893C-4646-9150-303AB4F6144B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:754:*:*:*:*:*:*:*",
"matchCriteriaId": "1400B8E5-8400-420A-8581-9F3B07EF6BF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:755:*:*:*:*:*:*:*",
"matchCriteriaId": "2ABE173B-C66E-4A69-9735-E325C0DAC062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:756:*:*:*:*:*:*:*",
"matchCriteriaId": "CEF64C99-2AEF-4942-90AC-053CE56293F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:757:*:*:*:*:*:*:*",
"matchCriteriaId": "C8E527DF-7066-4869-A914-DD29979EE90D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:758:*:*:*:*:*:*:*",
"matchCriteriaId": "093021E9-112A-4828-AE86-8B32BCC9B8B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse_virtual_comp:701:*:*:*:*:*:*:*",
"matchCriteriaId": "F10F39E6-41C6-46E7-855A-8D05055A8142",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP Business Warehouse - Business Planning and\nSimulation application does not sufficiently encode user controlled inputs,\nresulting in Reflected Cross-Site Scripting (XSS) vulnerability. After\nsuccessful exploitation, an attacker can cause low impact on the confidentiality\nand integrity of the application."
},
{
"lang": "es",
"value": "SAP Business Warehouse: la aplicaci\u00f3n de simulaci\u00f3n y planificaci\u00f3n empresarial no codifica suficientemente las entradas controladas por el usuario, lo que genera una vulnerabilidad de Cross Site Scripting reflejado (XSS). Despu\u00e9s de una explotaci\u00f3n exitosa, un atacante puede causar un impacto reducido en la confidencialidad y la integridad de la aplicaci\u00f3n."
}
],
"id": "CVE-2024-39594",
"lastModified": "2025-10-29T14:39:47.920",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "cna@sap.com",
"type": "Secondary"
}
]
},
"published": "2024-07-09T05:15:12.300",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://me.sap.com/notes/3482217"
},
{
"source": "cna@sap.com",
"tags": [
"Patch"
],
"url": "https://url.sap/sapsecuritypatchday"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://me.sap.com/notes/3482217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://url.sap/sapsecuritypatchday"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "cna@sap.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-39595
Vulnerability from fkie_nvd - Published: 2024-07-09 05:15 - Updated: 2025-10-28 18:41
Severity ?
Summary
SAP Business Warehouse - Business Planning and
Simulation application does not sufficiently encode user-controlled inputs,
resulting in Stored Cross-Site Scripting (XSS) vulnerability. This
vulnerability allows users to modify website content and on successful
exploitation, an attacker can cause low impact to the confidentiality and
integrity of the application.
References
| URL | Tags | ||
|---|---|---|---|
| cna@sap.com | https://me.sap.com/notes/3482217 | Permissions Required | |
| cna@sap.com | https://url.sap/sapsecuritypatchday | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://me.sap.com/notes/3482217 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://url.sap/sapsecuritypatchday | Patch |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | business_warehouse | 700 | |
| sap | business_warehouse | 701 | |
| sap | business_warehouse | 702 | |
| sap | business_warehouse | 730 | |
| sap | business_warehouse | 731 | |
| sap | business_warehouse | 740 | |
| sap | business_warehouse | 750 | |
| sap | business_warehouse | 751 | |
| sap | business_warehouse | 752 | |
| sap | business_warehouse | 753 | |
| sap | business_warehouse | 754 | |
| sap | business_warehouse | 755 | |
| sap | business_warehouse | 756 | |
| sap | business_warehouse | 757 | |
| sap | business_warehouse | 758 | |
| sap | business_warehouse_virtual_comp | 701 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:business_warehouse:700:*:*:*:*:*:*:*",
"matchCriteriaId": "D495F997-45A9-4C80-841E-781E1EAC3074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:701:*:*:*:*:*:*:*",
"matchCriteriaId": "2FCA6F5A-25B8-46E1-B407-38F61222C057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:702:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE999EE-9B6B-4D2C-9347-5558B878AE7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:730:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8F2CE3-BA4B-4A9C-A284-87F0AB797B92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:731:*:*:*:*:*:*:*",
"matchCriteriaId": "00732AD2-BEED-4C1F-AC39-46E6F33CBB5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:740:*:*:*:*:*:*:*",
"matchCriteriaId": "EC7DABAD-36FA-49D7-8C3C-3AA49604BE37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:750:*:*:*:*:*:*:*",
"matchCriteriaId": "526C11C6-B67D-49F1-94E6-A324AA581EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:751:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4E38AC-5888-4ABD-AAB1-BC5312701195",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:752:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7A93A1-3D65-4C79-92B1-E433EE443478",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:753:*:*:*:*:*:*:*",
"matchCriteriaId": "80E03381-893C-4646-9150-303AB4F6144B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:754:*:*:*:*:*:*:*",
"matchCriteriaId": "1400B8E5-8400-420A-8581-9F3B07EF6BF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:755:*:*:*:*:*:*:*",
"matchCriteriaId": "2ABE173B-C66E-4A69-9735-E325C0DAC062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:756:*:*:*:*:*:*:*",
"matchCriteriaId": "CEF64C99-2AEF-4942-90AC-053CE56293F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:757:*:*:*:*:*:*:*",
"matchCriteriaId": "C8E527DF-7066-4869-A914-DD29979EE90D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:758:*:*:*:*:*:*:*",
"matchCriteriaId": "093021E9-112A-4828-AE86-8B32BCC9B8B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse_virtual_comp:701:*:*:*:*:*:*:*",
"matchCriteriaId": "F10F39E6-41C6-46E7-855A-8D05055A8142",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP Business Warehouse - Business Planning and\nSimulation application does not sufficiently encode user-controlled inputs,\nresulting in Stored Cross-Site Scripting (XSS) vulnerability. This\nvulnerability allows users to modify website content and on successful\nexploitation, an attacker can cause low impact to the confidentiality and\nintegrity of the application."
},
{
"lang": "es",
"value": "SAP Business Warehouse: la aplicaci\u00f3n de simulaci\u00f3n y planificaci\u00f3n empresarial no codifica suficientemente las entradas controladas por el usuario, lo que genera una vulnerabilidad de Cross Site Scripting almacenado (XSS). Esta vulnerabilidad permite a los usuarios modificar el contenido del sitio web y, si se explota con \u00e9xito, un atacante puede causar poco impacto en la confidencialidad y la integridad de la aplicaci\u00f3n."
}
],
"id": "CVE-2024-39595",
"lastModified": "2025-10-28T18:41:39.603",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "cna@sap.com",
"type": "Secondary"
}
]
},
"published": "2024-07-09T05:15:12.507",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://me.sap.com/notes/3482217"
},
{
"source": "cna@sap.com",
"tags": [
"Patch"
],
"url": "https://url.sap/sapsecuritypatchday"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://me.sap.com/notes/3482217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://url.sap/sapsecuritypatchday"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "cna@sap.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-33992
Vulnerability from fkie_nvd - Published: 2023-07-11 03:15 - Updated: 2024-11-21 08:06
Severity ?
4.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs authorizations on the query as well as on the keyfigure/measure level. The missing check only affects the data level.
References
| URL | Tags | ||
|---|---|---|---|
| cna@sap.com | https://me.sap.com/notes/3088078 | Permissions Required | |
| cna@sap.com | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://me.sap.com/notes/3088078 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | business_warehouse | 730 | |
| sap | business_warehouse | 731 | |
| sap | business_warehouse | 740 | |
| sap | business_warehouse | 750 | |
| sap | bw\/4hana | 100 | |
| sap | bw\/4hana | 200 | |
| sap | bw\/4hana | 300 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:business_warehouse:730:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8F2CE3-BA4B-4A9C-A284-87F0AB797B92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:731:*:*:*:*:*:*:*",
"matchCriteriaId": "00732AD2-BEED-4C1F-AC39-46E6F33CBB5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:740:*:*:*:*:*:*:*",
"matchCriteriaId": "EC7DABAD-36FA-49D7-8C3C-3AA49604BE37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:750:*:*:*:*:*:*:*",
"matchCriteriaId": "526C11C6-B67D-49F1-94E6-A324AA581EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:bw\\/4hana:100:*:*:*:*:*:*:*",
"matchCriteriaId": "BCD13072-E149-45FB-BD46-E3D48D81216B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:bw\\/4hana:200:*:*:*:*:*:*:*",
"matchCriteriaId": "704134B4-A642-488F-94B3-48A744C46A1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:bw\\/4hana:300:*:*:*:*:*:*:*",
"matchCriteriaId": "7CCF4C28-1C0B-43C3-A870-C30F53BCAA2B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs authorizations on the query as well as on the keyfigure/measure level. The missing check only affects the data level.\n\n"
}
],
"id": "CVE-2023-33992",
"lastModified": "2024-11-21T08:06:22.143",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "cna@sap.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-11T03:15:09.717",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://me.sap.com/notes/3088078"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://me.sap.com/notes/3088078"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "cna@sap.com",
"type": "Primary"
}
]
}
FKIE_CVE-2021-21468
Vulnerability from fkie_nvd - Published: 2021-01-12 15:15 - Updated: 2024-11-21 05:48
Severity ?
Summary
The BW Database Interface does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges that allows the user to practically read out any database table.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | business_warehouse | 710 | |
| sap | business_warehouse | 711 | |
| sap | business_warehouse | 730 | |
| sap | business_warehouse | 731 | |
| sap | business_warehouse | 740 | |
| sap | business_warehouse | 750 | |
| sap | business_warehouse | 751 | |
| sap | business_warehouse | 752 | |
| sap | business_warehouse | 753 | |
| sap | business_warehouse | 754 | |
| sap | business_warehouse | 755 | |
| sap | business_warehouse | 782 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:business_warehouse:710:*:*:*:*:*:*:*",
"matchCriteriaId": "C7FAC6A3-1ADF-48F2-971B-5ADF9F101583",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:711:*:*:*:*:*:*:*",
"matchCriteriaId": "11DE777B-AA53-4A6B-AD6E-5DCEEAC217AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:730:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8F2CE3-BA4B-4A9C-A284-87F0AB797B92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:731:*:*:*:*:*:*:*",
"matchCriteriaId": "00732AD2-BEED-4C1F-AC39-46E6F33CBB5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:740:*:*:*:*:*:*:*",
"matchCriteriaId": "EC7DABAD-36FA-49D7-8C3C-3AA49604BE37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:750:*:*:*:*:*:*:*",
"matchCriteriaId": "526C11C6-B67D-49F1-94E6-A324AA581EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:751:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4E38AC-5888-4ABD-AAB1-BC5312701195",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:752:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7A93A1-3D65-4C79-92B1-E433EE443478",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:753:*:*:*:*:*:*:*",
"matchCriteriaId": "80E03381-893C-4646-9150-303AB4F6144B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:754:*:*:*:*:*:*:*",
"matchCriteriaId": "1400B8E5-8400-420A-8581-9F3B07EF6BF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:755:*:*:*:*:*:*:*",
"matchCriteriaId": "2ABE173B-C66E-4A69-9735-E325C0DAC062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:782:*:*:*:*:*:*:*",
"matchCriteriaId": "929A4FB3-BEEF-4A69-B77C-FD1A0B3C7DFF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The BW Database Interface does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges that allows the user to practically read out any database table."
},
{
"lang": "es",
"value": "La interfaz de Base de Datos de BW no lleva a cabo las comprobaciones de autorizaci\u00f3n necesarias para un usuario autenticado, resultando en una escalada de privilegios que permite al usuario leer pr\u00e1cticamente cualquier tabla de la base de datos"
}
],
"id": "CVE-2021-21468",
"lastModified": "2024-11-21T05:48:26.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "cna@sap.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-12T15:15:16.093",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
},
{
"source": "cna@sap.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2986980"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2986980"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-21466
Vulnerability from fkie_nvd - Published: 2021-01-12 15:15 - Updated: 2024-11-21 05:48
Severity ?
Summary
SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 750, 782 and SAP BW/4HANA, versions 100, 200, allow a low privileged attacker to inject code using a remote enabled function module over the network. Via the function module an attacker can create a malicious ABAP report which could be used to get access to sensitive data, to inject malicious UPDATE statements that could have also impact on the operating system, to disrupt the functionality of the SAP system which can thereby lead to a Denial of Service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | business_warehouse | 700 | |
| sap | business_warehouse | 701 | |
| sap | business_warehouse | 702 | |
| sap | business_warehouse | 711 | |
| sap | business_warehouse | 730 | |
| sap | business_warehouse | 731 | |
| sap | business_warehouse | 740 | |
| sap | business_warehouse | 750 | |
| sap | business_warehouse | 782 | |
| sap | bw\/4hana | 100 | |
| sap | bw\/4hana | 200 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:business_warehouse:700:*:*:*:*:*:*:*",
"matchCriteriaId": "D495F997-45A9-4C80-841E-781E1EAC3074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:701:*:*:*:*:*:*:*",
"matchCriteriaId": "2FCA6F5A-25B8-46E1-B407-38F61222C057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:702:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE999EE-9B6B-4D2C-9347-5558B878AE7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:711:*:*:*:*:*:*:*",
"matchCriteriaId": "11DE777B-AA53-4A6B-AD6E-5DCEEAC217AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:730:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8F2CE3-BA4B-4A9C-A284-87F0AB797B92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:731:*:*:*:*:*:*:*",
"matchCriteriaId": "00732AD2-BEED-4C1F-AC39-46E6F33CBB5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:740:*:*:*:*:*:*:*",
"matchCriteriaId": "EC7DABAD-36FA-49D7-8C3C-3AA49604BE37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:750:*:*:*:*:*:*:*",
"matchCriteriaId": "526C11C6-B67D-49F1-94E6-A324AA581EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:782:*:*:*:*:*:*:*",
"matchCriteriaId": "929A4FB3-BEEF-4A69-B77C-FD1A0B3C7DFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:bw\\/4hana:100:*:*:*:*:*:*:*",
"matchCriteriaId": "BCD13072-E149-45FB-BD46-E3D48D81216B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:bw\\/4hana:200:*:*:*:*:*:*:*",
"matchCriteriaId": "704134B4-A642-488F-94B3-48A744C46A1A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 750, 782 and SAP BW/4HANA, versions 100, 200, allow a low privileged attacker to inject code using a remote enabled function module over the network. Via the function module an attacker can create a malicious ABAP report which could be used to get access to sensitive data, to inject malicious UPDATE statements that could have also impact on the operating system, to disrupt the functionality of the SAP system which can thereby lead to a Denial of Service."
},
{
"lang": "es",
"value": "SAP Business Warehouse, versiones 700, 701, 702, 711, 730, 731, 740, 750, 782 y SAP BW/4HANA, versiones 100, 200, permiten a un atacante poco privilegiado inyectar c\u00f3digo usando un m\u00f3dulo de funci\u00f3n habilitado de forma remota a trav\u00e9s de la red.\u0026#xa0;Por medio del m\u00f3dulo de funci\u00f3n, un atacante puede crear un reporte ABAP malicioso que podr\u00eda ser usado para obtener acceso a datos confidenciales, para inyectar sentencias UPDATE maliciosas que tambi\u00e9n podr\u00edan tener un impacto en el sistema operativo, para interrumpir la funcionalidad del sistema SAP que, por lo tanto, puede conducir a una denegaci\u00f3n de servicio"
}
],
"id": "CVE-2021-21466",
"lastModified": "2024-11-21T05:48:25.767",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"source": "cna@sap.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-12T15:15:15.953",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
},
{
"source": "cna@sap.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2999854"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2999854"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-21465
Vulnerability from fkie_nvd - Published: 2021-01-12 15:15 - Updated: 2024-11-21 05:48
Severity ?
Summary
The BW Database Interface allows an attacker with low privileges to execute any crafted database queries, exposing the backend database. An attacker can include their own SQL commands which the database will execute without properly sanitizing the untrusted data leading to SQL injection vulnerability which can fully compromise the affected SAP system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | business_warehouse | 710 | |
| sap | business_warehouse | 711 | |
| sap | business_warehouse | 730 | |
| sap | business_warehouse | 731 | |
| sap | business_warehouse | 740 | |
| sap | business_warehouse | 750 | |
| sap | business_warehouse | 751 | |
| sap | business_warehouse | 752 | |
| sap | business_warehouse | 753 | |
| sap | business_warehouse | 754 | |
| sap | business_warehouse | 755 | |
| sap | business_warehouse | 782 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:business_warehouse:710:*:*:*:*:*:*:*",
"matchCriteriaId": "C7FAC6A3-1ADF-48F2-971B-5ADF9F101583",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:711:*:*:*:*:*:*:*",
"matchCriteriaId": "11DE777B-AA53-4A6B-AD6E-5DCEEAC217AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:730:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8F2CE3-BA4B-4A9C-A284-87F0AB797B92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:731:*:*:*:*:*:*:*",
"matchCriteriaId": "00732AD2-BEED-4C1F-AC39-46E6F33CBB5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:740:*:*:*:*:*:*:*",
"matchCriteriaId": "EC7DABAD-36FA-49D7-8C3C-3AA49604BE37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:750:*:*:*:*:*:*:*",
"matchCriteriaId": "526C11C6-B67D-49F1-94E6-A324AA581EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:751:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4E38AC-5888-4ABD-AAB1-BC5312701195",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:752:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7A93A1-3D65-4C79-92B1-E433EE443478",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:753:*:*:*:*:*:*:*",
"matchCriteriaId": "80E03381-893C-4646-9150-303AB4F6144B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:754:*:*:*:*:*:*:*",
"matchCriteriaId": "1400B8E5-8400-420A-8581-9F3B07EF6BF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:755:*:*:*:*:*:*:*",
"matchCriteriaId": "2ABE173B-C66E-4A69-9735-E325C0DAC062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:782:*:*:*:*:*:*:*",
"matchCriteriaId": "929A4FB3-BEEF-4A69-B77C-FD1A0B3C7DFF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The BW Database Interface allows an attacker with low privileges to execute any crafted database queries, exposing the backend database. An attacker can include their own SQL commands which the database will execute without properly sanitizing the untrusted data leading to SQL injection vulnerability which can fully compromise the affected SAP system."
},
{
"lang": "es",
"value": "La Interfaz de Base de Datos de BW permite a un atacante con pocos privilegios ejecutar cualquier consulta de la base de datos dise\u00f1ada, exponiendo la base de datos del backend.\u0026#xa0;Un atacante puede incluir sus propios comandos SQL que la base de datos ejecutar\u00e1 sin sanear apropiadamente los datos no confiables, conllevando a una vulnerabilidad de inyecci\u00f3n SQL que puede comprometer por completo el sistema SAP afectado"
}
],
"id": "CVE-2021-21465",
"lastModified": "2024-11-21T05:48:25.633",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"source": "cna@sap.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-12T15:15:15.860",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
},
{
"source": "cna@sap.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/2986980"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/2986980"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-26838
Vulnerability from fkie_nvd - Published: 2020-12-09 17:15 - Updated: 2024-11-21 05:20
Severity ?
Summary
SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any user interaction. It is possible to craft a request which will result in the execution of Operating System commands leading to Code Injection vulnerability which could completely compromise the confidentiality, integrity and availability of the server and any data or other applications running on it.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | business_warehouse | 700 | |
| sap | business_warehouse | 701 | |
| sap | business_warehouse | 702 | |
| sap | business_warehouse | 731 | |
| sap | business_warehouse | 740 | |
| sap | business_warehouse | 750 | |
| sap | business_warehouse | 751 | |
| sap | business_warehouse | 752 | |
| sap | business_warehouse | 753 | |
| sap | business_warehouse | 754 | |
| sap | business_warehouse | 755 | |
| sap | business_warehouse | 782 | |
| sap | bw\/4hana | 100 | |
| sap | bw\/4hana | 200 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:business_warehouse:700:*:*:*:*:*:*:*",
"matchCriteriaId": "D495F997-45A9-4C80-841E-781E1EAC3074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:701:*:*:*:*:*:*:*",
"matchCriteriaId": "2FCA6F5A-25B8-46E1-B407-38F61222C057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:702:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE999EE-9B6B-4D2C-9347-5558B878AE7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:731:*:*:*:*:*:*:*",
"matchCriteriaId": "00732AD2-BEED-4C1F-AC39-46E6F33CBB5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:740:*:*:*:*:*:*:*",
"matchCriteriaId": "EC7DABAD-36FA-49D7-8C3C-3AA49604BE37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:750:*:*:*:*:*:*:*",
"matchCriteriaId": "526C11C6-B67D-49F1-94E6-A324AA581EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:751:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4E38AC-5888-4ABD-AAB1-BC5312701195",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:752:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7A93A1-3D65-4C79-92B1-E433EE443478",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:753:*:*:*:*:*:*:*",
"matchCriteriaId": "80E03381-893C-4646-9150-303AB4F6144B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:754:*:*:*:*:*:*:*",
"matchCriteriaId": "1400B8E5-8400-420A-8581-9F3B07EF6BF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:755:*:*:*:*:*:*:*",
"matchCriteriaId": "2ABE173B-C66E-4A69-9735-E325C0DAC062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_warehouse:782:*:*:*:*:*:*:*",
"matchCriteriaId": "929A4FB3-BEEF-4A69-B77C-FD1A0B3C7DFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:bw\\/4hana:100:*:*:*:*:*:*:*",
"matchCriteriaId": "BCD13072-E149-45FB-BD46-E3D48D81216B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:bw\\/4hana:200:*:*:*:*:*:*:*",
"matchCriteriaId": "704134B4-A642-488F-94B3-48A744C46A1A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any user interaction. It is possible to craft a request which will result in the execution of Operating System commands leading to Code Injection vulnerability which could completely compromise the confidentiality, integrity and availability of the server and any data or other applications running on it."
},
{
"lang": "es",
"value": "SAP Business Warehouse, versiones: 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782 y SAP BW4HANA, versiones: 100, 200 permite a un atacante autenticado con (altos) privilegios de desarrollador enviar una petici\u00f3n dise\u00f1ada para generar y ejecutar c\u00f3digo sin ser necesario una interacci\u00f3n del usuario. Es posible dise\u00f1ar una petici\u00f3n que resultar\u00e1 en una ejecuci\u00f3n de comandos del Sistema Operativo conllevando a una vulnerabilidad de Inyecci\u00f3n de C\u00f3digo que podr\u00eda comprometer completamente la confidencialidad, integridad y disponibilidad del servidor y cualquier dato u otras aplicaciones que se ejecuten en \u00e9l"
}
],
"id": "CVE-2020-26838",
"lastModified": "2024-11-21T05:20:22.507",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "cna@sap.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-12-09T17:15:31.620",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/2983367"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/2983367"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2024-39595 (GCVE-0-2024-39595)
Vulnerability from cvelistv5 – Published: 2024-07-09 04:13 – Updated: 2024-08-02 04:26
VLAI?
Summary
SAP Business Warehouse - Business Planning and
Simulation application does not sufficiently encode user-controlled inputs,
resulting in Stored Cross-Site Scripting (XSS) vulnerability. This
vulnerability allows users to modify website content and on successful
exploitation, an attacker can cause low impact to the confidentiality and
integrity of the application.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP Business Warehouse - Business Planning and Simulation |
Affected:
SAP_BW 700
Affected: SAP_BW 701 Affected: SAP_BW 702 Affected: SAP_BW 730 Affected: SAP_BW 731 Affected: SAP_BW 740 Affected: SAP_BW 750 Affected: SAP_BW 751 Affected: SAP_BW 752 Affected: SAP_BW 753 Affected: SAP_BW 754 Affected: SAP_BW 755 Affected: SAP_BW 756 Affected: SAP_BW 757 Affected: SAP_BW 758 Affected: SAP_BW_VIRTUAL_COMP 701 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39595",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-09T14:53:52.958466Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T14:54:14.485Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:16.023Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://url.sap/sapsecuritypatchday"
},
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3482217"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP Business Warehouse - Business Planning and Simulation",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "SAP_BW 700"
},
{
"status": "affected",
"version": "SAP_BW 701"
},
{
"status": "affected",
"version": "SAP_BW 702"
},
{
"status": "affected",
"version": "SAP_BW 730"
},
{
"status": "affected",
"version": "SAP_BW 731"
},
{
"status": "affected",
"version": "SAP_BW 740"
},
{
"status": "affected",
"version": "SAP_BW 750"
},
{
"status": "affected",
"version": "SAP_BW 751"
},
{
"status": "affected",
"version": "SAP_BW 752"
},
{
"status": "affected",
"version": "SAP_BW 753"
},
{
"status": "affected",
"version": "SAP_BW 754"
},
{
"status": "affected",
"version": "SAP_BW 755"
},
{
"status": "affected",
"version": "SAP_BW 756"
},
{
"status": "affected",
"version": "SAP_BW 757"
},
{
"status": "affected",
"version": "SAP_BW 758"
},
{
"status": "affected",
"version": "SAP_BW_VIRTUAL_COMP 701"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SAP Business Warehouse - Business Planning and\nSimulation application does not sufficiently encode user-controlled inputs,\nresulting in Stored Cross-Site Scripting (XSS) vulnerability. This\nvulnerability allows users to modify website content and on successful\nexploitation, an attacker can cause low impact to the confidentiality and\nintegrity of the application.\n\n\n\n"
}
],
"value": "SAP Business Warehouse - Business Planning and\nSimulation application does not sufficiently encode user-controlled inputs,\nresulting in Stored Cross-Site Scripting (XSS) vulnerability. This\nvulnerability allows users to modify website content and on successful\nexploitation, an attacker can cause low impact to the confidentiality and\nintegrity of the application."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T04:13:49.560Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://url.sap/sapsecuritypatchday"
},
{
"url": "https://me.sap.com/notes/3482217"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "[CVE-2024-39594] Multiple Cross-Site Scripting (XSS) vulnerabilities in SAP Business Warehouse - Business Planning and Simulation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2024-39595",
"datePublished": "2024-07-09T04:13:49.560Z",
"dateReserved": "2024-06-26T09:58:24.095Z",
"dateUpdated": "2024-08-02T04:26:16.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39594 (GCVE-0-2024-39594)
Vulnerability from cvelistv5 – Published: 2024-07-09 04:10 – Updated: 2024-08-02 04:26
VLAI?
Summary
SAP Business Warehouse - Business Planning and
Simulation application does not sufficiently encode user controlled inputs,
resulting in Reflected Cross-Site Scripting (XSS) vulnerability. After
successful exploitation, an attacker can cause low impact on the confidentiality
and integrity of the application.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP Business Warehouse - Business Planning and Simulation |
Affected:
SAP_BW 700
Affected: SAP_BW 701 Affected: SAP_BW 702 Affected: SAP_BW 730 Affected: SAP_BW 731 Affected: SAP_BW 740 Affected: SAP_BW 750 Affected: SAP_BW 751 Affected: SAP_BW 752 Affected: SAP_BW 753 Affected: SAP_BW 754 Affected: SAP_BW 755 Affected: SAP_BW 756 Affected: SAP_BW 757 Affected: SAP_BW 758 Affected: SAP_BW_VIRTUAL_COMP 701 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39594",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T20:21:45.839128Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T20:21:58.159Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:16.083Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://url.sap/sapsecuritypatchday"
},
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3482217"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP Business Warehouse - Business Planning and Simulation",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "SAP_BW 700"
},
{
"status": "affected",
"version": "SAP_BW 701"
},
{
"status": "affected",
"version": "SAP_BW 702"
},
{
"status": "affected",
"version": "SAP_BW 730"
},
{
"status": "affected",
"version": "SAP_BW 731"
},
{
"status": "affected",
"version": "SAP_BW 740"
},
{
"status": "affected",
"version": "SAP_BW 750"
},
{
"status": "affected",
"version": "SAP_BW 751"
},
{
"status": "affected",
"version": "SAP_BW 752"
},
{
"status": "affected",
"version": "SAP_BW 753"
},
{
"status": "affected",
"version": "SAP_BW 754"
},
{
"status": "affected",
"version": "SAP_BW 755"
},
{
"status": "affected",
"version": "SAP_BW 756"
},
{
"status": "affected",
"version": "SAP_BW 757"
},
{
"status": "affected",
"version": "SAP_BW 758"
},
{
"status": "affected",
"version": "SAP_BW_VIRTUAL_COMP 701"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SAP Business Warehouse - Business Planning and\nSimulation application does not sufficiently encode user controlled inputs,\nresulting in Reflected Cross-Site Scripting (XSS) vulnerability. After\nsuccessful exploitation, an attacker can cause low impact on the confidentiality\nand integrity of the application.\n\n\n\n"
}
],
"value": "SAP Business Warehouse - Business Planning and\nSimulation application does not sufficiently encode user controlled inputs,\nresulting in Reflected Cross-Site Scripting (XSS) vulnerability. After\nsuccessful exploitation, an attacker can cause low impact on the confidentiality\nand integrity of the application."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T04:10:40.727Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://url.sap/sapsecuritypatchday"
},
{
"url": "https://me.sap.com/notes/3482217"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "[CVE-2024-39594] Multiple Cross-Site Scripting (XSS) vulnerabilities in SAP Business Warehouse - Business Planning and Simulation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2024-39594",
"datePublished": "2024-07-09T04:10:40.727Z",
"dateReserved": "2024-06-26T09:58:24.095Z",
"dateUpdated": "2024-08-02T04:26:16.083Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33992 (GCVE-0-2023-33992)
Vulnerability from cvelistv5 – Published: 2023-07-11 02:34 – Updated: 2024-10-29 13:43
VLAI?
Summary
The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs authorizations on the query as well as on the keyfigure/measure level. The missing check only affects the data level.
Severity ?
4.5 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA |
Affected:
SAP_BW 730
Affected: SAP_BW 731 Affected: SAP_BW 740 Affected: SAP_BW 750 Affected: DW4CORE 100 Affected: DW4CORE 200 Affected: DW4CORE 300 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:54:14.204Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3088078"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33992",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-25T18:38:55.404664Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T13:43:38.660Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP Business Warehouse and SAP BW/4HANA",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "SAP_BW 730"
},
{
"status": "affected",
"version": "SAP_BW 731"
},
{
"status": "affected",
"version": "SAP_BW 740"
},
{
"status": "affected",
"version": "SAP_BW 750"
},
{
"status": "affected",
"version": "DW4CORE 100"
},
{
"status": "affected",
"version": "DW4CORE 200"
},
{
"status": "affected",
"version": "DW4CORE 300"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs authorizations on the query as well as on the keyfigure/measure level. The missing check only affects the data level.\u003c/p\u003e"
}
],
"value": "The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs authorizations on the query as well as on the keyfigure/measure level. The missing check only affects the data level.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-11T02:34:11.627Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3088078"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Missing Authorization Check in SAP Business Warehouse and SAP BW/4HANA",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-33992",
"datePublished": "2023-07-11T02:34:11.627Z",
"dateReserved": "2023-05-24T20:41:32.835Z",
"dateUpdated": "2024-10-29T13:43:38.660Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21466 (GCVE-0-2021-21466)
Vulnerability from cvelistv5 – Published: 2021-01-12 14:42 – Updated: 2024-08-03 18:16
VLAI?
Summary
SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 750, 782 and SAP BW/4HANA, versions 100, 200, allow a low privileged attacker to inject code using a remote enabled function module over the network. Via the function module an attacker can create a malicious ABAP report which could be used to get access to sensitive data, to inject malicious UPDATE statements that could have also impact on the operating system, to disrupt the functionality of the SAP system which can thereby lead to a Denial of Service.
Severity ?
9.9 (Critical)
CWE
- Code Injection
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| SAP SE | SAP Business Warehouse |
Affected:
< 700
Affected: < 701 Affected: < 702 Affected: < 711 Affected: < 730 Affected: < 731 Affected: < 740 Affected: < 750 Affected: < 782 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:16:22.469Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2999854"
},
{
"name": "20220518 SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP Application Server, ABAP and ABAP Platform (Different Software Components)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP Business Warehouse",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 700"
},
{
"status": "affected",
"version": "\u003c 701"
},
{
"status": "affected",
"version": "\u003c 702"
},
{
"status": "affected",
"version": "\u003c 711"
},
{
"status": "affected",
"version": "\u003c 730"
},
{
"status": "affected",
"version": "\u003c 731"
},
{
"status": "affected",
"version": "\u003c 740"
},
{
"status": "affected",
"version": "\u003c 750"
},
{
"status": "affected",
"version": "\u003c 782"
}
]
},
{
"product": "SAP BW/4HANA",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 100"
},
{
"status": "affected",
"version": "\u003c 200"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 750, 782 and SAP BW/4HANA, versions 100, 200, allow a low privileged attacker to inject code using a remote enabled function module over the network. Via the function module an attacker can create a malicious ABAP report which could be used to get access to sensitive data, to inject malicious UPDATE statements that could have also impact on the operating system, to disrupt the functionality of the SAP system which can thereby lead to a Denial of Service."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Code Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-19T17:06:16",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2999854"
},
{
"name": "20220518 SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP Application Server, ABAP and ABAP Platform (Different Software Components)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2021-21466",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP Business Warehouse",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "700"
},
{
"version_name": "\u003c",
"version_value": "701"
},
{
"version_name": "\u003c",
"version_value": "702"
},
{
"version_name": "\u003c",
"version_value": "711"
},
{
"version_name": "\u003c",
"version_value": "730"
},
{
"version_name": "\u003c",
"version_value": "731"
},
{
"version_name": "\u003c",
"version_value": "740"
},
{
"version_name": "\u003c",
"version_value": "750"
},
{
"version_name": "\u003c",
"version_value": "782"
}
]
}
},
{
"product_name": "SAP BW/4HANA",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "100"
},
{
"version_name": "\u003c",
"version_value": "200"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 750, 782 and SAP BW/4HANA, versions 100, 200, allow a low privileged attacker to inject code using a remote enabled function module over the network. Via the function module an attacker can create a malicious ABAP report which could be used to get access to sensitive data, to inject malicious UPDATE statements that could have also impact on the operating system, to disrupt the functionality of the SAP system which can thereby lead to a Denial of Service."
}
]
},
"impact": {
"cvss": {
"baseScore": "9.9",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Code Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2999854",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2999854"
},
{
"name": "20220518 SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP Application Server, ABAP and ABAP Platform (Different Software Components)",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"name": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2021-21466",
"datePublished": "2021-01-12T14:42:39",
"dateReserved": "2020-12-30T00:00:00",
"dateUpdated": "2024-08-03T18:16:22.469Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21465 (GCVE-0-2021-21465)
Vulnerability from cvelistv5 – Published: 2021-01-12 14:40 – Updated: 2024-08-03 18:16
VLAI?
Summary
The BW Database Interface allows an attacker with low privileges to execute any crafted database queries, exposing the backend database. An attacker can include their own SQL commands which the database will execute without properly sanitizing the untrusted data leading to SQL injection vulnerability which can fully compromise the affected SAP system.
Severity ?
9.9 (Critical)
CWE
- SQL Injection
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP Business Warehouse |
Affected:
< 710
Affected: < 711 Affected: < 730 Affected: < 731 Affected: < 740 Affected: < 750 Affected: < 751 Affected: < 752 Affected: < 753 Affected: < 754 Affected: < 755 Affected: < 782 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:16:22.474Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2986980"
},
{
"name": "20220518 SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP Application Server, ABAP and ABAP Platform (Different Software Components)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP Business Warehouse",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 710"
},
{
"status": "affected",
"version": "\u003c 711"
},
{
"status": "affected",
"version": "\u003c 730"
},
{
"status": "affected",
"version": "\u003c 731"
},
{
"status": "affected",
"version": "\u003c 740"
},
{
"status": "affected",
"version": "\u003c 750"
},
{
"status": "affected",
"version": "\u003c 751"
},
{
"status": "affected",
"version": "\u003c 752"
},
{
"status": "affected",
"version": "\u003c 753"
},
{
"status": "affected",
"version": "\u003c 754"
},
{
"status": "affected",
"version": "\u003c 755"
},
{
"status": "affected",
"version": "\u003c 782"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The BW Database Interface allows an attacker with low privileges to execute any crafted database queries, exposing the backend database. An attacker can include their own SQL commands which the database will execute without properly sanitizing the untrusted data leading to SQL injection vulnerability which can fully compromise the affected SAP system."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "SQL Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-19T17:06:15",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2986980"
},
{
"name": "20220518 SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP Application Server, ABAP and ABAP Platform (Different Software Components)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2021-21465",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP Business Warehouse",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "710"
},
{
"version_name": "\u003c",
"version_value": "711"
},
{
"version_name": "\u003c",
"version_value": "730"
},
{
"version_name": "\u003c",
"version_value": "731"
},
{
"version_name": "\u003c",
"version_value": "740"
},
{
"version_name": "\u003c",
"version_value": "750"
},
{
"version_name": "\u003c",
"version_value": "751"
},
{
"version_name": "\u003c",
"version_value": "752"
},
{
"version_name": "\u003c",
"version_value": "753"
},
{
"version_name": "\u003c",
"version_value": "754"
},
{
"version_name": "\u003c",
"version_value": "755"
},
{
"version_name": "\u003c",
"version_value": "782"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The BW Database Interface allows an attacker with low privileges to execute any crafted database queries, exposing the backend database. An attacker can include their own SQL commands which the database will execute without properly sanitizing the untrusted data leading to SQL injection vulnerability which can fully compromise the affected SAP system."
}
]
},
"impact": {
"cvss": {
"baseScore": "9.9",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2986980",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2986980"
},
{
"name": "20220518 SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP Application Server, ABAP and ABAP Platform (Different Software Components)",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"name": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2021-21465",
"datePublished": "2021-01-12T14:40:57",
"dateReserved": "2020-12-30T00:00:00",
"dateUpdated": "2024-08-03T18:16:22.474Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21468 (GCVE-0-2021-21468)
Vulnerability from cvelistv5 – Published: 2021-01-12 14:40 – Updated: 2024-08-03 18:16
VLAI?
Summary
The BW Database Interface does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges that allows the user to practically read out any database table.
Severity ?
6.5 (Medium)
CWE
- Missing Authorization check
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP Business Warehouse |
Affected:
< 710
Affected: < 711 Affected: < 730 Affected: < 731 Affected: < 740 Affected: < 750 Affected: < 751 Affected: < 752 Affected: < 753 Affected: < 754 Affected: < 755 Affected: < 782 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:16:22.575Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2986980"
},
{
"name": "20220518 SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP Application Server, ABAP and ABAP Platform (Different Software Components)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP Business Warehouse",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 710"
},
{
"status": "affected",
"version": "\u003c 711"
},
{
"status": "affected",
"version": "\u003c 730"
},
{
"status": "affected",
"version": "\u003c 731"
},
{
"status": "affected",
"version": "\u003c 740"
},
{
"status": "affected",
"version": "\u003c 750"
},
{
"status": "affected",
"version": "\u003c 751"
},
{
"status": "affected",
"version": "\u003c 752"
},
{
"status": "affected",
"version": "\u003c 753"
},
{
"status": "affected",
"version": "\u003c 754"
},
{
"status": "affected",
"version": "\u003c 755"
},
{
"status": "affected",
"version": "\u003c 782"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The BW Database Interface does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges that allows the user to practically read out any database table."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing Authorization check",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-19T17:06:22",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2986980"
},
{
"name": "20220518 SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP Application Server, ABAP and ABAP Platform (Different Software Components)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2021-21468",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP Business Warehouse",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "710"
},
{
"version_name": "\u003c",
"version_value": "711"
},
{
"version_name": "\u003c",
"version_value": "730"
},
{
"version_name": "\u003c",
"version_value": "731"
},
{
"version_name": "\u003c",
"version_value": "740"
},
{
"version_name": "\u003c",
"version_value": "750"
},
{
"version_name": "\u003c",
"version_value": "751"
},
{
"version_name": "\u003c",
"version_value": "752"
},
{
"version_name": "\u003c",
"version_value": "753"
},
{
"version_name": "\u003c",
"version_value": "754"
},
{
"version_name": "\u003c",
"version_value": "755"
},
{
"version_name": "\u003c",
"version_value": "782"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The BW Database Interface does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges that allows the user to practically read out any database table."
}
]
},
"impact": {
"cvss": {
"baseScore": "6.5",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Authorization check"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2986980",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2986980"
},
{
"name": "20220518 SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP Application Server, ABAP and ABAP Platform (Different Software Components)",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"name": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2021-21468",
"datePublished": "2021-01-12T14:40:53",
"dateReserved": "2020-12-30T00:00:00",
"dateUpdated": "2024-08-03T18:16:22.575Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-26838 (GCVE-0-2020-26838)
Vulnerability from cvelistv5 – Published: 2020-12-09 16:31 – Updated: 2024-08-04 16:03
VLAI?
Summary
SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any user interaction. It is possible to craft a request which will result in the execution of Operating System commands leading to Code Injection vulnerability which could completely compromise the confidentiality, integrity and availability of the server and any data or other applications running on it.
Severity ?
9.1 (Critical)
CWE
- Code Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| SAP SE | SAP Business Warehouse |
Affected:
< 700
Affected: < 701 Affected: < 702 Affected: < 731 Affected: < 740 Affected: < 750 Affected: < 751 Affected: < 752 Affected: < 753 Affected: < 754 Affected: < 755 Affected: < 782 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:03:22.812Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2983367"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP Business Warehouse",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 700"
},
{
"status": "affected",
"version": "\u003c 701"
},
{
"status": "affected",
"version": "\u003c 702"
},
{
"status": "affected",
"version": "\u003c 731"
},
{
"status": "affected",
"version": "\u003c 740"
},
{
"status": "affected",
"version": "\u003c 750"
},
{
"status": "affected",
"version": "\u003c 751"
},
{
"status": "affected",
"version": "\u003c 752"
},
{
"status": "affected",
"version": "\u003c 753"
},
{
"status": "affected",
"version": "\u003c 754"
},
{
"status": "affected",
"version": "\u003c 755"
},
{
"status": "affected",
"version": "\u003c 782"
}
]
},
{
"product": "SAP BW4HANA",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 100"
},
{
"status": "affected",
"version": "\u003c 200"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any user interaction. It is possible to craft a request which will result in the execution of Operating System commands leading to Code Injection vulnerability which could completely compromise the confidentiality, integrity and availability of the server and any data or other applications running on it."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Code Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-09T16:31:14",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2983367"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2020-26838",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP Business Warehouse",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "700"
},
{
"version_name": "\u003c",
"version_value": "701"
},
{
"version_name": "\u003c",
"version_value": "702"
},
{
"version_name": "\u003c",
"version_value": "731"
},
{
"version_name": "\u003c",
"version_value": "740"
},
{
"version_name": "\u003c",
"version_value": "750"
},
{
"version_name": "\u003c",
"version_value": "751"
},
{
"version_name": "\u003c",
"version_value": "752"
},
{
"version_name": "\u003c",
"version_value": "753"
},
{
"version_name": "\u003c",
"version_value": "754"
},
{
"version_name": "\u003c",
"version_value": "755"
},
{
"version_name": "\u003c",
"version_value": "782"
}
]
}
},
{
"product_name": "SAP BW4HANA",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "100"
},
{
"version_name": "\u003c",
"version_value": "200"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any user interaction. It is possible to craft a request which will result in the execution of Operating System commands leading to Code Injection vulnerability which could completely compromise the confidentiality, integrity and availability of the server and any data or other applications running on it."
}
]
},
"impact": {
"cvss": {
"baseScore": "9.1",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Code Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2983367",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2983367"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2020-26838",
"datePublished": "2020-12-09T16:31:14",
"dateReserved": "2020-10-07T00:00:00",
"dateUpdated": "2024-08-04T16:03:22.812Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39595 (GCVE-0-2024-39595)
Vulnerability from nvd – Published: 2024-07-09 04:13 – Updated: 2024-08-02 04:26
VLAI?
Summary
SAP Business Warehouse - Business Planning and
Simulation application does not sufficiently encode user-controlled inputs,
resulting in Stored Cross-Site Scripting (XSS) vulnerability. This
vulnerability allows users to modify website content and on successful
exploitation, an attacker can cause low impact to the confidentiality and
integrity of the application.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP Business Warehouse - Business Planning and Simulation |
Affected:
SAP_BW 700
Affected: SAP_BW 701 Affected: SAP_BW 702 Affected: SAP_BW 730 Affected: SAP_BW 731 Affected: SAP_BW 740 Affected: SAP_BW 750 Affected: SAP_BW 751 Affected: SAP_BW 752 Affected: SAP_BW 753 Affected: SAP_BW 754 Affected: SAP_BW 755 Affected: SAP_BW 756 Affected: SAP_BW 757 Affected: SAP_BW 758 Affected: SAP_BW_VIRTUAL_COMP 701 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39595",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-09T14:53:52.958466Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T14:54:14.485Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:16.023Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://url.sap/sapsecuritypatchday"
},
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3482217"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP Business Warehouse - Business Planning and Simulation",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "SAP_BW 700"
},
{
"status": "affected",
"version": "SAP_BW 701"
},
{
"status": "affected",
"version": "SAP_BW 702"
},
{
"status": "affected",
"version": "SAP_BW 730"
},
{
"status": "affected",
"version": "SAP_BW 731"
},
{
"status": "affected",
"version": "SAP_BW 740"
},
{
"status": "affected",
"version": "SAP_BW 750"
},
{
"status": "affected",
"version": "SAP_BW 751"
},
{
"status": "affected",
"version": "SAP_BW 752"
},
{
"status": "affected",
"version": "SAP_BW 753"
},
{
"status": "affected",
"version": "SAP_BW 754"
},
{
"status": "affected",
"version": "SAP_BW 755"
},
{
"status": "affected",
"version": "SAP_BW 756"
},
{
"status": "affected",
"version": "SAP_BW 757"
},
{
"status": "affected",
"version": "SAP_BW 758"
},
{
"status": "affected",
"version": "SAP_BW_VIRTUAL_COMP 701"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SAP Business Warehouse - Business Planning and\nSimulation application does not sufficiently encode user-controlled inputs,\nresulting in Stored Cross-Site Scripting (XSS) vulnerability. This\nvulnerability allows users to modify website content and on successful\nexploitation, an attacker can cause low impact to the confidentiality and\nintegrity of the application.\n\n\n\n"
}
],
"value": "SAP Business Warehouse - Business Planning and\nSimulation application does not sufficiently encode user-controlled inputs,\nresulting in Stored Cross-Site Scripting (XSS) vulnerability. This\nvulnerability allows users to modify website content and on successful\nexploitation, an attacker can cause low impact to the confidentiality and\nintegrity of the application."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T04:13:49.560Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://url.sap/sapsecuritypatchday"
},
{
"url": "https://me.sap.com/notes/3482217"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "[CVE-2024-39594] Multiple Cross-Site Scripting (XSS) vulnerabilities in SAP Business Warehouse - Business Planning and Simulation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2024-39595",
"datePublished": "2024-07-09T04:13:49.560Z",
"dateReserved": "2024-06-26T09:58:24.095Z",
"dateUpdated": "2024-08-02T04:26:16.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39594 (GCVE-0-2024-39594)
Vulnerability from nvd – Published: 2024-07-09 04:10 – Updated: 2024-08-02 04:26
VLAI?
Summary
SAP Business Warehouse - Business Planning and
Simulation application does not sufficiently encode user controlled inputs,
resulting in Reflected Cross-Site Scripting (XSS) vulnerability. After
successful exploitation, an attacker can cause low impact on the confidentiality
and integrity of the application.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP Business Warehouse - Business Planning and Simulation |
Affected:
SAP_BW 700
Affected: SAP_BW 701 Affected: SAP_BW 702 Affected: SAP_BW 730 Affected: SAP_BW 731 Affected: SAP_BW 740 Affected: SAP_BW 750 Affected: SAP_BW 751 Affected: SAP_BW 752 Affected: SAP_BW 753 Affected: SAP_BW 754 Affected: SAP_BW 755 Affected: SAP_BW 756 Affected: SAP_BW 757 Affected: SAP_BW 758 Affected: SAP_BW_VIRTUAL_COMP 701 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39594",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T20:21:45.839128Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T20:21:58.159Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:16.083Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://url.sap/sapsecuritypatchday"
},
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3482217"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP Business Warehouse - Business Planning and Simulation",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "SAP_BW 700"
},
{
"status": "affected",
"version": "SAP_BW 701"
},
{
"status": "affected",
"version": "SAP_BW 702"
},
{
"status": "affected",
"version": "SAP_BW 730"
},
{
"status": "affected",
"version": "SAP_BW 731"
},
{
"status": "affected",
"version": "SAP_BW 740"
},
{
"status": "affected",
"version": "SAP_BW 750"
},
{
"status": "affected",
"version": "SAP_BW 751"
},
{
"status": "affected",
"version": "SAP_BW 752"
},
{
"status": "affected",
"version": "SAP_BW 753"
},
{
"status": "affected",
"version": "SAP_BW 754"
},
{
"status": "affected",
"version": "SAP_BW 755"
},
{
"status": "affected",
"version": "SAP_BW 756"
},
{
"status": "affected",
"version": "SAP_BW 757"
},
{
"status": "affected",
"version": "SAP_BW 758"
},
{
"status": "affected",
"version": "SAP_BW_VIRTUAL_COMP 701"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "SAP Business Warehouse - Business Planning and\nSimulation application does not sufficiently encode user controlled inputs,\nresulting in Reflected Cross-Site Scripting (XSS) vulnerability. After\nsuccessful exploitation, an attacker can cause low impact on the confidentiality\nand integrity of the application.\n\n\n\n"
}
],
"value": "SAP Business Warehouse - Business Planning and\nSimulation application does not sufficiently encode user controlled inputs,\nresulting in Reflected Cross-Site Scripting (XSS) vulnerability. After\nsuccessful exploitation, an attacker can cause low impact on the confidentiality\nand integrity of the application."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T04:10:40.727Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://url.sap/sapsecuritypatchday"
},
{
"url": "https://me.sap.com/notes/3482217"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "[CVE-2024-39594] Multiple Cross-Site Scripting (XSS) vulnerabilities in SAP Business Warehouse - Business Planning and Simulation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2024-39594",
"datePublished": "2024-07-09T04:10:40.727Z",
"dateReserved": "2024-06-26T09:58:24.095Z",
"dateUpdated": "2024-08-02T04:26:16.083Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-33992 (GCVE-0-2023-33992)
Vulnerability from nvd – Published: 2023-07-11 02:34 – Updated: 2024-10-29 13:43
VLAI?
Summary
The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs authorizations on the query as well as on the keyfigure/measure level. The missing check only affects the data level.
Severity ?
4.5 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA |
Affected:
SAP_BW 730
Affected: SAP_BW 731 Affected: SAP_BW 740 Affected: SAP_BW 750 Affected: DW4CORE 100 Affected: DW4CORE 200 Affected: DW4CORE 300 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:54:14.204Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3088078"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33992",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-25T18:38:55.404664Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T13:43:38.660Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP Business Warehouse and SAP BW/4HANA",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "SAP_BW 730"
},
{
"status": "affected",
"version": "SAP_BW 731"
},
{
"status": "affected",
"version": "SAP_BW 740"
},
{
"status": "affected",
"version": "SAP_BW 750"
},
{
"status": "affected",
"version": "DW4CORE 100"
},
{
"status": "affected",
"version": "DW4CORE 200"
},
{
"status": "affected",
"version": "DW4CORE 300"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs authorizations on the query as well as on the keyfigure/measure level. The missing check only affects the data level.\u003c/p\u003e"
}
],
"value": "The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs authorizations on the query as well as on the keyfigure/measure level. The missing check only affects the data level.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-11T02:34:11.627Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3088078"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Missing Authorization Check in SAP Business Warehouse and SAP BW/4HANA",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-33992",
"datePublished": "2023-07-11T02:34:11.627Z",
"dateReserved": "2023-05-24T20:41:32.835Z",
"dateUpdated": "2024-10-29T13:43:38.660Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21466 (GCVE-0-2021-21466)
Vulnerability from nvd – Published: 2021-01-12 14:42 – Updated: 2024-08-03 18:16
VLAI?
Summary
SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 750, 782 and SAP BW/4HANA, versions 100, 200, allow a low privileged attacker to inject code using a remote enabled function module over the network. Via the function module an attacker can create a malicious ABAP report which could be used to get access to sensitive data, to inject malicious UPDATE statements that could have also impact on the operating system, to disrupt the functionality of the SAP system which can thereby lead to a Denial of Service.
Severity ?
9.9 (Critical)
CWE
- Code Injection
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| SAP SE | SAP Business Warehouse |
Affected:
< 700
Affected: < 701 Affected: < 702 Affected: < 711 Affected: < 730 Affected: < 731 Affected: < 740 Affected: < 750 Affected: < 782 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:16:22.469Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2999854"
},
{
"name": "20220518 SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP Application Server, ABAP and ABAP Platform (Different Software Components)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP Business Warehouse",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 700"
},
{
"status": "affected",
"version": "\u003c 701"
},
{
"status": "affected",
"version": "\u003c 702"
},
{
"status": "affected",
"version": "\u003c 711"
},
{
"status": "affected",
"version": "\u003c 730"
},
{
"status": "affected",
"version": "\u003c 731"
},
{
"status": "affected",
"version": "\u003c 740"
},
{
"status": "affected",
"version": "\u003c 750"
},
{
"status": "affected",
"version": "\u003c 782"
}
]
},
{
"product": "SAP BW/4HANA",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 100"
},
{
"status": "affected",
"version": "\u003c 200"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 750, 782 and SAP BW/4HANA, versions 100, 200, allow a low privileged attacker to inject code using a remote enabled function module over the network. Via the function module an attacker can create a malicious ABAP report which could be used to get access to sensitive data, to inject malicious UPDATE statements that could have also impact on the operating system, to disrupt the functionality of the SAP system which can thereby lead to a Denial of Service."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Code Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-19T17:06:16",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2999854"
},
{
"name": "20220518 SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP Application Server, ABAP and ABAP Platform (Different Software Components)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2021-21466",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP Business Warehouse",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "700"
},
{
"version_name": "\u003c",
"version_value": "701"
},
{
"version_name": "\u003c",
"version_value": "702"
},
{
"version_name": "\u003c",
"version_value": "711"
},
{
"version_name": "\u003c",
"version_value": "730"
},
{
"version_name": "\u003c",
"version_value": "731"
},
{
"version_name": "\u003c",
"version_value": "740"
},
{
"version_name": "\u003c",
"version_value": "750"
},
{
"version_name": "\u003c",
"version_value": "782"
}
]
}
},
{
"product_name": "SAP BW/4HANA",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "100"
},
{
"version_name": "\u003c",
"version_value": "200"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 750, 782 and SAP BW/4HANA, versions 100, 200, allow a low privileged attacker to inject code using a remote enabled function module over the network. Via the function module an attacker can create a malicious ABAP report which could be used to get access to sensitive data, to inject malicious UPDATE statements that could have also impact on the operating system, to disrupt the functionality of the SAP system which can thereby lead to a Denial of Service."
}
]
},
"impact": {
"cvss": {
"baseScore": "9.9",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Code Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2999854",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2999854"
},
{
"name": "20220518 SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP Application Server, ABAP and ABAP Platform (Different Software Components)",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"name": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2021-21466",
"datePublished": "2021-01-12T14:42:39",
"dateReserved": "2020-12-30T00:00:00",
"dateUpdated": "2024-08-03T18:16:22.469Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21465 (GCVE-0-2021-21465)
Vulnerability from nvd – Published: 2021-01-12 14:40 – Updated: 2024-08-03 18:16
VLAI?
Summary
The BW Database Interface allows an attacker with low privileges to execute any crafted database queries, exposing the backend database. An attacker can include their own SQL commands which the database will execute without properly sanitizing the untrusted data leading to SQL injection vulnerability which can fully compromise the affected SAP system.
Severity ?
9.9 (Critical)
CWE
- SQL Injection
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP Business Warehouse |
Affected:
< 710
Affected: < 711 Affected: < 730 Affected: < 731 Affected: < 740 Affected: < 750 Affected: < 751 Affected: < 752 Affected: < 753 Affected: < 754 Affected: < 755 Affected: < 782 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:16:22.474Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2986980"
},
{
"name": "20220518 SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP Application Server, ABAP and ABAP Platform (Different Software Components)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP Business Warehouse",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 710"
},
{
"status": "affected",
"version": "\u003c 711"
},
{
"status": "affected",
"version": "\u003c 730"
},
{
"status": "affected",
"version": "\u003c 731"
},
{
"status": "affected",
"version": "\u003c 740"
},
{
"status": "affected",
"version": "\u003c 750"
},
{
"status": "affected",
"version": "\u003c 751"
},
{
"status": "affected",
"version": "\u003c 752"
},
{
"status": "affected",
"version": "\u003c 753"
},
{
"status": "affected",
"version": "\u003c 754"
},
{
"status": "affected",
"version": "\u003c 755"
},
{
"status": "affected",
"version": "\u003c 782"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The BW Database Interface allows an attacker with low privileges to execute any crafted database queries, exposing the backend database. An attacker can include their own SQL commands which the database will execute without properly sanitizing the untrusted data leading to SQL injection vulnerability which can fully compromise the affected SAP system."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "SQL Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-19T17:06:15",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2986980"
},
{
"name": "20220518 SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP Application Server, ABAP and ABAP Platform (Different Software Components)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2021-21465",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP Business Warehouse",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "710"
},
{
"version_name": "\u003c",
"version_value": "711"
},
{
"version_name": "\u003c",
"version_value": "730"
},
{
"version_name": "\u003c",
"version_value": "731"
},
{
"version_name": "\u003c",
"version_value": "740"
},
{
"version_name": "\u003c",
"version_value": "750"
},
{
"version_name": "\u003c",
"version_value": "751"
},
{
"version_name": "\u003c",
"version_value": "752"
},
{
"version_name": "\u003c",
"version_value": "753"
},
{
"version_name": "\u003c",
"version_value": "754"
},
{
"version_name": "\u003c",
"version_value": "755"
},
{
"version_name": "\u003c",
"version_value": "782"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The BW Database Interface allows an attacker with low privileges to execute any crafted database queries, exposing the backend database. An attacker can include their own SQL commands which the database will execute without properly sanitizing the untrusted data leading to SQL injection vulnerability which can fully compromise the affected SAP system."
}
]
},
"impact": {
"cvss": {
"baseScore": "9.9",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2986980",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2986980"
},
{
"name": "20220518 SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP Application Server, ABAP and ABAP Platform (Different Software Components)",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"name": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2021-21465",
"datePublished": "2021-01-12T14:40:57",
"dateReserved": "2020-12-30T00:00:00",
"dateUpdated": "2024-08-03T18:16:22.474Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21468 (GCVE-0-2021-21468)
Vulnerability from nvd – Published: 2021-01-12 14:40 – Updated: 2024-08-03 18:16
VLAI?
Summary
The BW Database Interface does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges that allows the user to practically read out any database table.
Severity ?
6.5 (Medium)
CWE
- Missing Authorization check
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP Business Warehouse |
Affected:
< 710
Affected: < 711 Affected: < 730 Affected: < 731 Affected: < 740 Affected: < 750 Affected: < 751 Affected: < 752 Affected: < 753 Affected: < 754 Affected: < 755 Affected: < 782 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:16:22.575Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2986980"
},
{
"name": "20220518 SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP Application Server, ABAP and ABAP Platform (Different Software Components)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP Business Warehouse",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 710"
},
{
"status": "affected",
"version": "\u003c 711"
},
{
"status": "affected",
"version": "\u003c 730"
},
{
"status": "affected",
"version": "\u003c 731"
},
{
"status": "affected",
"version": "\u003c 740"
},
{
"status": "affected",
"version": "\u003c 750"
},
{
"status": "affected",
"version": "\u003c 751"
},
{
"status": "affected",
"version": "\u003c 752"
},
{
"status": "affected",
"version": "\u003c 753"
},
{
"status": "affected",
"version": "\u003c 754"
},
{
"status": "affected",
"version": "\u003c 755"
},
{
"status": "affected",
"version": "\u003c 782"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The BW Database Interface does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges that allows the user to practically read out any database table."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing Authorization check",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-19T17:06:22",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2986980"
},
{
"name": "20220518 SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP Application Server, ABAP and ABAP Platform (Different Software Components)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2021-21468",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP Business Warehouse",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "710"
},
{
"version_name": "\u003c",
"version_value": "711"
},
{
"version_name": "\u003c",
"version_value": "730"
},
{
"version_name": "\u003c",
"version_value": "731"
},
{
"version_name": "\u003c",
"version_value": "740"
},
{
"version_name": "\u003c",
"version_value": "750"
},
{
"version_name": "\u003c",
"version_value": "751"
},
{
"version_name": "\u003c",
"version_value": "752"
},
{
"version_name": "\u003c",
"version_value": "753"
},
{
"version_name": "\u003c",
"version_value": "754"
},
{
"version_name": "\u003c",
"version_value": "755"
},
{
"version_name": "\u003c",
"version_value": "782"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The BW Database Interface does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges that allows the user to practically read out any database table."
}
]
},
"impact": {
"cvss": {
"baseScore": "6.5",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Authorization check"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2986980",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2986980"
},
{
"name": "20220518 SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP Application Server, ABAP and ABAP Platform (Different Software Components)",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/May/42"
},
{
"name": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2021-21468",
"datePublished": "2021-01-12T14:40:53",
"dateReserved": "2020-12-30T00:00:00",
"dateUpdated": "2024-08-03T18:16:22.575Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-26838 (GCVE-0-2020-26838)
Vulnerability from nvd – Published: 2020-12-09 16:31 – Updated: 2024-08-04 16:03
VLAI?
Summary
SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any user interaction. It is possible to craft a request which will result in the execution of Operating System commands leading to Code Injection vulnerability which could completely compromise the confidentiality, integrity and availability of the server and any data or other applications running on it.
Severity ?
9.1 (Critical)
CWE
- Code Injection
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| SAP SE | SAP Business Warehouse |
Affected:
< 700
Affected: < 701 Affected: < 702 Affected: < 731 Affected: < 740 Affected: < 750 Affected: < 751 Affected: < 752 Affected: < 753 Affected: < 754 Affected: < 755 Affected: < 782 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:03:22.812Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2983367"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP Business Warehouse",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 700"
},
{
"status": "affected",
"version": "\u003c 701"
},
{
"status": "affected",
"version": "\u003c 702"
},
{
"status": "affected",
"version": "\u003c 731"
},
{
"status": "affected",
"version": "\u003c 740"
},
{
"status": "affected",
"version": "\u003c 750"
},
{
"status": "affected",
"version": "\u003c 751"
},
{
"status": "affected",
"version": "\u003c 752"
},
{
"status": "affected",
"version": "\u003c 753"
},
{
"status": "affected",
"version": "\u003c 754"
},
{
"status": "affected",
"version": "\u003c 755"
},
{
"status": "affected",
"version": "\u003c 782"
}
]
},
{
"product": "SAP BW4HANA",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 100"
},
{
"status": "affected",
"version": "\u003c 200"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any user interaction. It is possible to craft a request which will result in the execution of Operating System commands leading to Code Injection vulnerability which could completely compromise the confidentiality, integrity and availability of the server and any data or other applications running on it."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Code Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-09T16:31:14",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2983367"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2020-26838",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP Business Warehouse",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "700"
},
{
"version_name": "\u003c",
"version_value": "701"
},
{
"version_name": "\u003c",
"version_value": "702"
},
{
"version_name": "\u003c",
"version_value": "731"
},
{
"version_name": "\u003c",
"version_value": "740"
},
{
"version_name": "\u003c",
"version_value": "750"
},
{
"version_name": "\u003c",
"version_value": "751"
},
{
"version_name": "\u003c",
"version_value": "752"
},
{
"version_name": "\u003c",
"version_value": "753"
},
{
"version_name": "\u003c",
"version_value": "754"
},
{
"version_name": "\u003c",
"version_value": "755"
},
{
"version_name": "\u003c",
"version_value": "782"
}
]
}
},
{
"product_name": "SAP BW4HANA",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "100"
},
{
"version_name": "\u003c",
"version_value": "200"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any user interaction. It is possible to craft a request which will result in the execution of Operating System commands leading to Code Injection vulnerability which could completely compromise the confidentiality, integrity and availability of the server and any data or other applications running on it."
}
]
},
"impact": {
"cvss": {
"baseScore": "9.1",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Code Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2983367",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2983367"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2020-26838",
"datePublished": "2020-12-09T16:31:14",
"dateReserved": "2020-10-07T00:00:00",
"dateUpdated": "2024-08-04T16:03:22.812Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}