Vulnerabilites related to sap - bw\/4hana
cve-2024-37176
Vulnerability from cvelistv5
Published
2024-06-11 02:14
Modified
2024-08-02 03:50
Severity ?
EPSS score ?
Summary
SAP BW/4HANA Transformation and Data Transfer
Process (DTP) allows an authenticated attacker to gain higher access levels
than they should have by exploiting improper authorization checks. This results
in escalation of privileges. It has no impact on the confidentiality of data
but may have low impacts on the integrity and availability of the application.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP BW/4HANA Transformation and Data Transfer Process |
Version: DW4CORE 200 Version: 300 Version: 400 Version: 796 Version: SAP_BW 740 Version: 750 Version: 751 Version: 752 Version: 753 Version: 754 Version: 755 Version: 756 Version: 757 Version: 758 |
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:sap_se:sap_bw_4hana:dw4core200:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "sap_bw_4hana", vendor: "sap_se", versions: [ { status: "affected", version: "dw4core200", }, ], }, { cpes: [ "cpe:2.3:a:sap_se:sap_bw_4hana:300:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "sap_bw_4hana", vendor: "sap_se", versions: [ { status: "affected", version: "300", }, ], }, { cpes: [ "cpe:2.3:a:sap_se:sap_bw_4hana:400:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "sap_bw_4hana", vendor: "sap_se", versions: [ { status: "affected", version: "400", }, ], }, { cpes: [ "cpe:2.3:a:sap_se:sap_bw_4hana:796:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "sap_bw_4hana", vendor: "sap_se", versions: [ { status: "affected", version: "796", }, ], }, { cpes: [ "cpe:2.3:a:sap_se:sap_bw_4hana:sap_bw_740:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "sap_bw_4hana", vendor: "sap_se", versions: [ { status: "affected", version: "sap_bw_740", }, ], }, { cpes: [ "cpe:2.3:a:sap_se:sap_bw:750:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "sap_bw", vendor: "sap_se", versions: [ { status: "affected", version: "750", }, ], }, { cpes: [ "cpe:2.3:a:sap_se:sap_bw:751:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "sap_bw", vendor: "sap_se", versions: [ { status: "affected", version: "751", }, ], }, { cpes: [ "cpe:2.3:a:sap_se:sap_bw:752:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "sap_bw", vendor: "sap_se", versions: [ { status: "affected", version: "752", }, ], }, { cpes: [ "cpe:2.3:a:sap_se:sap_bw:753:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "sap_bw", vendor: "sap_se", versions: [ { status: "affected", version: "753", }, ], }, { cpes: [ "cpe:2.3:a:sap_se:sap_bw:754:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "sap_bw", vendor: "sap_se", versions: [ { status: "affected", version: "754", }, ], }, { cpes: [ "cpe:2.3:a:sap_se:sap_bw:755:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "sap_bw", vendor: "sap_se", versions: [ { status: "affected", version: "755", }, ], }, { cpes: [ "cpe:2.3:a:sap_se:sap_bw:756:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "sap_bw", vendor: "sap_se", versions: [ { status: "affected", version: "756", }, ], }, { cpes: [ "cpe:2.3:a:sap_se:sap_bw:757:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "sap_bw", vendor: "sap_se", versions: [ { status: "affected", version: "757", }, ], }, { cpes: [ "cpe:2.3:a:sap_se:sap_bw:758:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "sap_bw", vendor: "sap_se", versions: [ { status: "affected", version: "758", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-37176", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-11T13:51:16.715875Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-11T14:16:58.729Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T03:50:54.783Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://me.sap.com/notes/3465455", }, { tags: [ "x_transferred", ], url: "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SAP BW/4HANA Transformation and Data Transfer Process", vendor: "SAP_SE", versions: [ { status: "affected", version: "DW4CORE 200", }, { status: "affected", version: "300", }, { status: "affected", version: "400", }, { status: "affected", version: "796", }, { status: "affected", version: "SAP_BW 740", }, { status: "affected", version: "750", }, { status: "affected", version: "751", }, { status: "affected", version: "752", }, { status: "affected", version: "753", }, { status: "affected", version: "754", }, { status: "affected", version: "755", }, { status: "affected", version: "756", }, { status: "affected", version: "757", }, { status: "affected", version: "758", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "SAP BW/4HANA Transformation and Data Transfer\nProcess (DTP) allows an authenticated attacker to gain higher access levels\nthan they should have by exploiting improper authorization checks. This results\nin escalation of privileges. It has no impact on the confidentiality of data\nbut may have low impacts on the integrity and availability of the application.\n\n\n\n", }, ], value: "SAP BW/4HANA Transformation and Data Transfer\nProcess (DTP) allows an authenticated attacker to gain higher access levels\nthan they should have by exploiting improper authorization checks. This results\nin escalation of privileges. It has no impact on the confidentiality of data\nbut may have low impacts on the integrity and availability of the application.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862: Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-11T02:14:45.656Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://me.sap.com/notes/3465455", }, { url: "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html", }, ], source: { discovery: "UNKNOWN", }, title: "Missing Authorization check in SAP BW/4HANA Transformation and DTP", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2024-37176", datePublished: "2024-06-11T02:14:45.656Z", dateReserved: "2024-06-04T07:49:42.492Z", dateUpdated: "2024-08-02T03:50:54.783Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33992
Vulnerability from cvelistv5
Published
2023-07-11 02:34
Modified
2024-10-29 13:43
Severity ?
EPSS score ?
Summary
The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs authorizations on the query as well as on the keyfigure/measure level. The missing check only affects the data level.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP Business Warehouse and SAP BW/4HANA |
Version: SAP_BW 730 Version: SAP_BW 731 Version: SAP_BW 740 Version: SAP_BW 750 Version: DW4CORE 100 Version: DW4CORE 200 Version: DW4CORE 300 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:54:14.204Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://me.sap.com/notes/3088078", }, { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-33992", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T18:38:55.404664Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-29T13:43:38.660Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SAP Business Warehouse and SAP BW/4HANA", vendor: "SAP_SE", versions: [ { status: "affected", version: "SAP_BW 730", }, { status: "affected", version: "SAP_BW 731", }, { status: "affected", version: "SAP_BW 740", }, { status: "affected", version: "SAP_BW 750", }, { status: "affected", version: "DW4CORE 100", }, { status: "affected", version: "DW4CORE 200", }, { status: "affected", version: "DW4CORE 300", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs authorizations on the query as well as on the keyfigure/measure level. The missing check only affects the data level.</p>", }, ], value: "The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs authorizations on the query as well as on the keyfigure/measure level. The missing check only affects the data level.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862: Missing Authorization", lang: "eng", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-07-11T02:34:11.627Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://me.sap.com/notes/3088078", }, { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], source: { discovery: "UNKNOWN", }, title: "Missing Authorization Check in SAP Business Warehouse and SAP BW/4HANA", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2023-33992", datePublished: "2023-07-11T02:34:11.627Z", dateReserved: "2023-05-24T20:41:32.835Z", dateUpdated: "2024-10-29T13:43:38.660Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-21466
Vulnerability from cvelistv5
Published
2021-01-12 14:42
Modified
2024-08-03 18:16
Severity ?
EPSS score ?
Summary
SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 750, 782 and SAP BW/4HANA, versions 100, 200, allow a low privileged attacker to inject code using a remote enabled function module over the network. Via the function module an attacker can create a malicious ABAP report which could be used to get access to sensitive data, to inject malicious UPDATE statements that could have also impact on the operating system, to disrupt the functionality of the SAP system which can thereby lead to a Denial of Service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2999854 | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2022/May/42 | mailing-list, x_refsource_FULLDISC | |
| http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | SAP SE | SAP Business Warehouse |
Version: < 700 Version: < 701 Version: < 702 Version: < 711 Version: < 730 Version: < 731 Version: < 740 Version: < 750 Version: < 782 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T18:16:22.469Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2999854", }, { name: "20220518 SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP Application Server, ABAP and ABAP Platform (Different Software Components)", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/May/42", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP Business Warehouse", vendor: "SAP SE", versions: [ { status: "affected", version: "< 700", }, { status: "affected", version: "< 701", }, { status: "affected", version: "< 702", }, { status: "affected", version: "< 711", }, { status: "affected", version: "< 730", }, { status: "affected", version: "< 731", }, { status: "affected", version: "< 740", }, { status: "affected", version: "< 750", }, { status: "affected", version: "< 782", }, ], }, { product: "SAP BW/4HANA", vendor: "SAP SE", versions: [ { status: "affected", version: "< 100", }, { status: "affected", version: "< 200", }, ], }, ], descriptions: [ { lang: "en", value: "SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 750, 782 and SAP BW/4HANA, versions 100, 200, allow a low privileged attacker to inject code using a remote enabled function module over the network. Via the function module an attacker can create a malicious ABAP report which could be used to get access to sensitive data, to inject malicious UPDATE statements that could have also impact on the operating system, to disrupt the functionality of the SAP system which can thereby lead to a Denial of Service.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Code Injection", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-19T17:06:16", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2999854", }, { name: "20220518 SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP Application Server, ABAP and ABAP Platform (Different Software Components)", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2022/May/42", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2021-21466", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP Business Warehouse", version: { version_data: [ { version_name: "<", version_value: "700", }, { version_name: "<", version_value: "701", }, { version_name: "<", version_value: "702", }, { version_name: "<", version_value: "711", }, { version_name: "<", version_value: "730", }, { version_name: "<", version_value: "731", }, { version_name: "<", version_value: "740", }, { version_name: "<", version_value: "750", }, { version_name: "<", version_value: "782", }, ], }, }, { product_name: "SAP BW/4HANA", version: { version_data: [ { version_name: "<", version_value: "100", }, { version_name: "<", version_value: "200", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 750, 782 and SAP BW/4HANA, versions 100, 200, allow a low privileged attacker to inject code using a remote enabled function module over the network. Via the function module an attacker can create a malicious ABAP report which could be used to get access to sensitive data, to inject malicious UPDATE statements that could have also impact on the operating system, to disrupt the functionality of the SAP system which can thereby lead to a Denial of Service.", }, ], }, impact: { cvss: { baseScore: "9.9", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Code Injection", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476", }, { name: "https://launchpad.support.sap.com/#/notes/2999854", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2999854", }, { name: "20220518 SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP Application Server, ABAP and ABAP Platform (Different Software Components)", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2022/May/42", }, { name: "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2021-21466", datePublished: "2021-01-12T14:42:39", dateReserved: "2020-12-30T00:00:00", dateUpdated: "2024-08-03T18:16:22.469Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-0243
Vulnerability from cvelistv5
Published
2019-01-08 20:00
Modified
2024-08-04 17:44
Severity ?
EPSS score ?
Summary
Under some circumstances, masterdata maintenance in SAP BW/4HANA (fixed in DW4CORE version 1.0 (SP08)) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://launchpad.support.sap.com/#/notes/2727623 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/106467 | vdb-entry, x_refsource_BID | |
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP BW/4HANA (DW4CORE) |
Version: < 1.0 (SP08) |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:44:15.938Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2727623", }, { name: "106467", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106467", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP BW/4HANA (DW4CORE)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 1.0 (SP08)", }, ], }, ], datePublic: "2019-01-08T00:00:00", descriptions: [ { lang: "en", value: "Under some circumstances, masterdata maintenance in SAP BW/4HANA (fixed in DW4CORE version 1.0 (SP08)) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.", }, ], problemTypes: [ { descriptions: [ { description: "Missing Authorization Check", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-01-09T10:57:01", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2727623", }, { name: "106467", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106467", }, { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2019-0243", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP BW/4HANA (DW4CORE)", version: { version_data: [ { version_name: "<", version_value: "1.0 (SP08)", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Under some circumstances, masterdata maintenance in SAP BW/4HANA (fixed in DW4CORE version 1.0 (SP08)) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Missing Authorization Check", }, ], }, ], }, references: { reference_data: [ { name: "https://launchpad.support.sap.com/#/notes/2727623", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2727623", }, { name: "106467", refsource: "BID", url: "http://www.securityfocus.com/bid/106467", }, { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2019-0243", datePublished: "2019-01-08T20:00:00", dateReserved: "2018-11-26T00:00:00", dateUpdated: "2024-08-04T17:44:15.938Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-26838
Vulnerability from cvelistv5
Published
2020-12-09 16:31
Modified
2024-08-04 16:03
Severity ?
EPSS score ?
Summary
SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any user interaction. It is possible to craft a request which will result in the execution of Operating System commands leading to Code Injection vulnerability which could completely compromise the confidentiality, integrity and availability of the server and any data or other applications running on it.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2983367 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | SAP SE | SAP Business Warehouse |
Version: < 700 Version: < 701 Version: < 702 Version: < 731 Version: < 740 Version: < 750 Version: < 751 Version: < 752 Version: < 753 Version: < 754 Version: < 755 Version: < 782 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:03:22.812Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2983367", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP Business Warehouse", vendor: "SAP SE", versions: [ { status: "affected", version: "< 700", }, { status: "affected", version: "< 701", }, { status: "affected", version: "< 702", }, { status: "affected", version: "< 731", }, { status: "affected", version: "< 740", }, { status: "affected", version: "< 750", }, { status: "affected", version: "< 751", }, { status: "affected", version: "< 752", }, { status: "affected", version: "< 753", }, { status: "affected", version: "< 754", }, { status: "affected", version: "< 755", }, { status: "affected", version: "< 782", }, ], }, { product: "SAP BW4HANA", vendor: "SAP SE", versions: [ { status: "affected", version: "< 100", }, { status: "affected", version: "< 200", }, ], }, ], descriptions: [ { lang: "en", value: "SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any user interaction. It is possible to craft a request which will result in the execution of Operating System commands leading to Code Injection vulnerability which could completely compromise the confidentiality, integrity and availability of the server and any data or other applications running on it.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Code Injection", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-12-09T16:31:14", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/2983367", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2020-26838", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP Business Warehouse", version: { version_data: [ { version_name: "<", version_value: "700", }, { version_name: "<", version_value: "701", }, { version_name: "<", version_value: "702", }, { version_name: "<", version_value: "731", }, { version_name: "<", version_value: "740", }, { version_name: "<", version_value: "750", }, { version_name: "<", version_value: "751", }, { version_name: "<", version_value: "752", }, { version_name: "<", version_value: "753", }, { version_name: "<", version_value: "754", }, { version_name: "<", version_value: "755", }, { version_name: "<", version_value: "782", }, ], }, }, { product_name: "SAP BW4HANA", version: { version_data: [ { version_name: "<", version_value: "100", }, { version_name: "<", version_value: "200", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any user interaction. It is possible to craft a request which will result in the execution of Operating System commands leading to Code Injection vulnerability which could completely compromise the confidentiality, integrity and availability of the server and any data or other applications running on it.", }, ], }, impact: { cvss: { baseScore: "9.1", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Code Injection", }, ], }, ], }, references: { reference_data: [ { name: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", refsource: "MISC", url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", }, { name: "https://launchpad.support.sap.com/#/notes/2983367", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/2983367", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2020-26838", datePublished: "2020-12-09T16:31:14", dateReserved: "2020-10-07T00:00:00", dateUpdated: "2024-08-04T16:03:22.812Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2021-01-12 15:15
Modified
2024-11-21 05:48
Severity ?
Summary
SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 750, 782 and SAP BW/4HANA, versions 100, 200, allow a low privileged attacker to inject code using a remote enabled function module over the network. Via the function module an attacker can create a malicious ABAP report which could be used to get access to sensitive data, to inject malicious UPDATE statements that could have also impact on the operating system, to disrupt the functionality of the SAP system which can thereby lead to a Denial of Service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | business_warehouse | 700 | |
| sap | business_warehouse | 701 | |
| sap | business_warehouse | 702 | |
| sap | business_warehouse | 711 | |
| sap | business_warehouse | 730 | |
| sap | business_warehouse | 731 | |
| sap | business_warehouse | 740 | |
| sap | business_warehouse | 750 | |
| sap | business_warehouse | 782 | |
| sap | bw\/4hana | 100 | |
| sap | bw\/4hana | 200 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:business_warehouse:700:*:*:*:*:*:*:*", matchCriteriaId: "D495F997-45A9-4C80-841E-781E1EAC3074", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:business_warehouse:701:*:*:*:*:*:*:*", matchCriteriaId: "2FCA6F5A-25B8-46E1-B407-38F61222C057", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:business_warehouse:702:*:*:*:*:*:*:*", matchCriteriaId: "3FE999EE-9B6B-4D2C-9347-5558B878AE7B", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:business_warehouse:711:*:*:*:*:*:*:*", matchCriteriaId: "11DE777B-AA53-4A6B-AD6E-5DCEEAC217AA", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:business_warehouse:730:*:*:*:*:*:*:*", matchCriteriaId: "EF8F2CE3-BA4B-4A9C-A284-87F0AB797B92", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:business_warehouse:731:*:*:*:*:*:*:*", matchCriteriaId: "00732AD2-BEED-4C1F-AC39-46E6F33CBB5E", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:business_warehouse:740:*:*:*:*:*:*:*", matchCriteriaId: "EC7DABAD-36FA-49D7-8C3C-3AA49604BE37", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:business_warehouse:750:*:*:*:*:*:*:*", matchCriteriaId: "526C11C6-B67D-49F1-94E6-A324AA581EDD", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:business_warehouse:782:*:*:*:*:*:*:*", matchCriteriaId: "929A4FB3-BEEF-4A69-B77C-FD1A0B3C7DFF", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:bw\\/4hana:100:*:*:*:*:*:*:*", matchCriteriaId: "BCD13072-E149-45FB-BD46-E3D48D81216B", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:bw\\/4hana:200:*:*:*:*:*:*:*", matchCriteriaId: "704134B4-A642-488F-94B3-48A744C46A1A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 750, 782 and SAP BW/4HANA, versions 100, 200, allow a low privileged attacker to inject code using a remote enabled function module over the network. Via the function module an attacker can create a malicious ABAP report which could be used to get access to sensitive data, to inject malicious UPDATE statements that could have also impact on the operating system, to disrupt the functionality of the SAP system which can thereby lead to a Denial of Service.", }, { lang: "es", value: "SAP Business Warehouse, versiones 700, 701, 702, 711, 730, 731, 740, 750, 782 y SAP BW/4HANA, versiones 100, 200, permiten a un atacante poco privilegiado inyectar código usando un módulo de función habilitado de forma remota a través de la red. Por medio del módulo de función, un atacante puede crear un reporte ABAP malicioso que podría ser usado para obtener acceso a datos confidenciales, para inyectar sentencias UPDATE maliciosas que también podrían tener un impacto en el sistema operativo, para interrumpir la funcionalidad del sistema SAP que, por lo tanto, puede conducir a una denegación de servicio", }, ], id: "CVE-2021-21466", lastModified: "2024-11-21T05:48:25.767", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.1, impactScore: 6, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-01-12T15:15:15.953", references: [ { source: "cna@sap.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html", }, { source: "cna@sap.com", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/May/42", }, { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2999854", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/167229/SAP-Application-Server-ABAP-ABAP-Platform-Code-Injection-SQL-Injection-Missing-Authorization.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/May/42", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2999854", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564760476", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-94", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-06-11 03:15
Modified
2024-11-21 09:23
Severity ?
5.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Summary
SAP BW/4HANA Transformation and Data Transfer
Process (DTP) allows an authenticated attacker to gain higher access levels
than they should have by exploiting improper authorization checks. This results
in escalation of privileges. It has no impact on the confidentiality of data
but may have low impacts on the integrity and availability of the application.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://me.sap.com/notes/3465455 | Permissions Required | |
| cna@sap.com | https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://me.sap.com/notes/3465455 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html | Patch, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:bw\\/4hana:300:*:*:*:*:*:*:*", matchCriteriaId: "7CCF4C28-1C0B-43C3-A870-C30F53BCAA2B", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:bw\\/4hana:400:*:*:*:*:*:*:*", matchCriteriaId: "75EF2D12-866D-4AA5-A5C7-28CC069CABC4", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:bw\\/4hana:750:*:*:*:*:*:*:*", matchCriteriaId: "6F5A41E1-1F2A-4EF4-A275-B6FD5D48D457", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:bw\\/4hana:751:*:*:*:*:*:*:*", matchCriteriaId: "212EBCB5-D90A-4240-BAFE-396AC8EA5673", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:bw\\/4hana:752:*:*:*:*:*:*:*", matchCriteriaId: "563665A1-2517-46BA-A922-FF30C039DFA3", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:bw\\/4hana:753:*:*:*:*:*:*:*", matchCriteriaId: "A1FE07CA-8391-4E1C-ADF1-47D0E095522C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:bw\\/4hana:754:*:*:*:*:*:*:*", matchCriteriaId: "0A30A302-C5A3-4A8C-BA8B-94EA32FF5CB2", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:bw\\/4hana:755:*:*:*:*:*:*:*", matchCriteriaId: "F1567AA0-84D6-4B33-AF74-131FF99E7B0C", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:bw\\/4hana:756:*:*:*:*:*:*:*", matchCriteriaId: "40B22479-CDB1-4816-9F6C-B9E8F20C530E", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:bw\\/4hana:757:*:*:*:*:*:*:*", matchCriteriaId: "4D0D0D15-86ED-417D-9D09-4355D5C9AD5B", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:bw\\/4hana:758:*:*:*:*:*:*:*", matchCriteriaId: "6DA8F2E8-343D-4C62-B5DE-7F8714387AED", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:bw\\/4hana:796:*:*:*:*:*:*:*", matchCriteriaId: "479ED325-5872-4E26-8F53-975F0F5580CE", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:bw\\/4hana:dw4core_200:*:*:*:*:*:*:*", matchCriteriaId: "1163D7AA-77D0-4949-8022-1D275FC0EB03", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:bw\\/4hana:sap_bw_740:*:*:*:*:*:*:*", matchCriteriaId: "8BF1CD75-09C0-4807-A066-F729B663697A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP BW/4HANA Transformation and Data Transfer\nProcess (DTP) allows an authenticated attacker to gain higher access levels\nthan they should have by exploiting improper authorization checks. This results\nin escalation of privileges. It has no impact on the confidentiality of data\nbut may have low impacts on the integrity and availability of the application.", }, { lang: "es", value: "El proceso de transformación y transferencia de datos (DTP) de SAP BW/4HANA permite que un atacante autenticado obtenga niveles de acceso más altos de los que debería tener al explotar controles de autorización inadecuados. Esto da como resultado una escalada de privilegios. No tiene ningún impacto en la confidencialidad de los datos, pero puede tener impactos bajos en la integridad y disponibilidad de la aplicación.", }, ], id: "CVE-2024-37176", lastModified: "2024-11-21T09:23:21.937", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "cna@sap.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-06-11T03:15:12.020", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://me.sap.com/notes/3465455", }, { source: "cna@sap.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://me.sap.com/notes/3465455", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-862", }, ], source: "cna@sap.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-07-11 03:15
Modified
2024-11-21 08:06
Severity ?
4.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs authorizations on the query as well as on the keyfigure/measure level. The missing check only affects the data level.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://me.sap.com/notes/3088078 | Permissions Required | |
| cna@sap.com | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://me.sap.com/notes/3088078 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | business_warehouse | 730 | |
| sap | business_warehouse | 731 | |
| sap | business_warehouse | 740 | |
| sap | business_warehouse | 750 | |
| sap | bw\/4hana | 100 | |
| sap | bw\/4hana | 200 | |
| sap | bw\/4hana | 300 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:business_warehouse:730:*:*:*:*:*:*:*", matchCriteriaId: "EF8F2CE3-BA4B-4A9C-A284-87F0AB797B92", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:business_warehouse:731:*:*:*:*:*:*:*", matchCriteriaId: "00732AD2-BEED-4C1F-AC39-46E6F33CBB5E", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:business_warehouse:740:*:*:*:*:*:*:*", matchCriteriaId: "EC7DABAD-36FA-49D7-8C3C-3AA49604BE37", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:business_warehouse:750:*:*:*:*:*:*:*", matchCriteriaId: "526C11C6-B67D-49F1-94E6-A324AA581EDD", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:bw\\/4hana:100:*:*:*:*:*:*:*", matchCriteriaId: "BCD13072-E149-45FB-BD46-E3D48D81216B", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:bw\\/4hana:200:*:*:*:*:*:*:*", matchCriteriaId: "704134B4-A642-488F-94B3-48A744C46A1A", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:bw\\/4hana:300:*:*:*:*:*:*:*", matchCriteriaId: "7CCF4C28-1C0B-43C3-A870-C30F53BCAA2B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAP_BW 730, SAP_BW 731, SAP_BW 740, SAP_BW 730, SAP_BW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs authorizations on the query as well as on the keyfigure/measure level. The missing check only affects the data level.\n\n", }, ], id: "CVE-2023-33992", lastModified: "2024-11-21T08:06:22.143", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 0.9, impactScore: 3.6, source: "cna@sap.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-07-11T03:15:09.717", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://me.sap.com/notes/3088078", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://me.sap.com/notes/3088078", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-862", }, ], source: "cna@sap.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-12-09 17:15
Modified
2024-11-21 05:20
Severity ?
Summary
SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any user interaction. It is possible to craft a request which will result in the execution of Operating System commands leading to Code Injection vulnerability which could completely compromise the confidentiality, integrity and availability of the server and any data or other applications running on it.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2983367 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2983367 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | business_warehouse | 700 | |
| sap | business_warehouse | 701 | |
| sap | business_warehouse | 702 | |
| sap | business_warehouse | 731 | |
| sap | business_warehouse | 740 | |
| sap | business_warehouse | 750 | |
| sap | business_warehouse | 751 | |
| sap | business_warehouse | 752 | |
| sap | business_warehouse | 753 | |
| sap | business_warehouse | 754 | |
| sap | business_warehouse | 755 | |
| sap | business_warehouse | 782 | |
| sap | bw\/4hana | 100 | |
| sap | bw\/4hana | 200 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:business_warehouse:700:*:*:*:*:*:*:*", matchCriteriaId: "D495F997-45A9-4C80-841E-781E1EAC3074", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:business_warehouse:701:*:*:*:*:*:*:*", matchCriteriaId: "2FCA6F5A-25B8-46E1-B407-38F61222C057", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:business_warehouse:702:*:*:*:*:*:*:*", matchCriteriaId: "3FE999EE-9B6B-4D2C-9347-5558B878AE7B", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:business_warehouse:731:*:*:*:*:*:*:*", matchCriteriaId: "00732AD2-BEED-4C1F-AC39-46E6F33CBB5E", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:business_warehouse:740:*:*:*:*:*:*:*", matchCriteriaId: "EC7DABAD-36FA-49D7-8C3C-3AA49604BE37", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:business_warehouse:750:*:*:*:*:*:*:*", matchCriteriaId: "526C11C6-B67D-49F1-94E6-A324AA581EDD", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:business_warehouse:751:*:*:*:*:*:*:*", matchCriteriaId: "4A4E38AC-5888-4ABD-AAB1-BC5312701195", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:business_warehouse:752:*:*:*:*:*:*:*", matchCriteriaId: "8D7A93A1-3D65-4C79-92B1-E433EE443478", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:business_warehouse:753:*:*:*:*:*:*:*", matchCriteriaId: "80E03381-893C-4646-9150-303AB4F6144B", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:business_warehouse:754:*:*:*:*:*:*:*", matchCriteriaId: "1400B8E5-8400-420A-8581-9F3B07EF6BF4", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:business_warehouse:755:*:*:*:*:*:*:*", matchCriteriaId: "2ABE173B-C66E-4A69-9735-E325C0DAC062", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:business_warehouse:782:*:*:*:*:*:*:*", matchCriteriaId: "929A4FB3-BEEF-4A69-B77C-FD1A0B3C7DFF", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:bw\\/4hana:100:*:*:*:*:*:*:*", matchCriteriaId: "BCD13072-E149-45FB-BD46-E3D48D81216B", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:bw\\/4hana:200:*:*:*:*:*:*:*", matchCriteriaId: "704134B4-A642-488F-94B3-48A744C46A1A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any user interaction. It is possible to craft a request which will result in the execution of Operating System commands leading to Code Injection vulnerability which could completely compromise the confidentiality, integrity and availability of the server and any data or other applications running on it.", }, { lang: "es", value: "SAP Business Warehouse, versiones: 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782 y SAP BW4HANA, versiones: 100, 200 permite a un atacante autenticado con (altos) privilegios de desarrollador enviar una petición diseñada para generar y ejecutar código sin ser necesario una interacción del usuario. Es posible diseñar una petición que resultará en una ejecución de comandos del Sistema Operativo conllevando a una vulnerabilidad de Inyección de Código que podría comprometer completamente la confidencialidad, integridad y disponibilidad del servidor y cualquier dato u otras aplicaciones que se ejecuten en él", }, ], id: "CVE-2020-26838", lastModified: "2024-11-21T05:20:22.507", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.3, impactScore: 6, source: "cna@sap.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-12-09T17:15:31.620", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2983367", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://launchpad.support.sap.com/#/notes/2983367", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-01-08 20:29
Modified
2024-11-21 04:16
Severity ?
Summary
Under some circumstances, masterdata maintenance in SAP BW/4HANA (fixed in DW4CORE version 1.0 (SP08)) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | http://www.securityfocus.com/bid/106467 | Third Party Advisory, VDB Entry | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2727623 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106467 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2727623 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985 | Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:bw\\/4hana:1.0:sp08:*:*:*:*:*:*", matchCriteriaId: "4113AB84-1E46-4D95-A76F-6BBF1465DFE2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Under some circumstances, masterdata maintenance in SAP BW/4HANA (fixed in DW4CORE version 1.0 (SP08)) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.", }, { lang: "es", value: "Bajo ciertas circunstancias, el mantenimiento de datos maestros en SAP BW/4HANA (solucionado en la versión 1.1, SP08, de DW4CORE) no realiza las comprobaciones necesarias para un usuario autenticado, lo cual resulta en el escalado de privilegios.", }, ], id: "CVE-2019-0243", lastModified: "2024-11-21T04:16:34.220", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-01-08T20:29:00.657", references: [ { source: "cna@sap.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106467", }, { source: "cna@sap.com", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2727623", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106467", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", "Vendor Advisory", ], url: "https://launchpad.support.sap.com/#/notes/2727623", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-862", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }