Vulnerabilites related to sap - document_builder
Vulnerability from fkie_nvd
Published
2024-06-11 03:15
Modified
2024-11-21 09:19
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
Summary
An authenticated attacker can upload malicious
file to SAP Document Builder service. When the victim accesses this file, the
attacker is allowed to access, modify, or make the related information
unavailable in the victim’s browser.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://me.sap.com/notes/3459379 | Permissions Required | |
| cna@sap.com | https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://me.sap.com/notes/3459379 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | document_builder | 101 | |
| sap | document_builder | 103 | |
| sap | document_builder | 104 | |
| sap | document_builder | 105 | |
| sap | document_builder | 106 | |
| sap | document_builder | 107 | |
| sap | document_builder | 108 | |
| sap | document_builder | 731 | |
| sap | document_builder | 746 | |
| sap | document_builder | 747 | |
| sap | document_builder | 748 | |
| sap | document_builder | s4core_100 | |
| sap | document_builder | s4fnd_102 | |
| sap | document_builder | sap_bs_fnd_702 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:document_builder:101:*:*:*:*:*:*:*", matchCriteriaId: "5350CBE5-1DC2-4385-BB54-CF00158A0E41", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:103:*:*:*:*:*:*:*", matchCriteriaId: "AACFC047-8DF1-4A7A-8678-B06DA5FDB813", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:104:*:*:*:*:*:*:*", matchCriteriaId: "DFEBE181-4350-4629-947E-04ED3CE715F9", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:105:*:*:*:*:*:*:*", matchCriteriaId: "D1C51CE6-E2A3-4100-A45E-5BE6997BF5CD", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:106:*:*:*:*:*:*:*", matchCriteriaId: "36E9BCB7-A284-4F3E-8894-A6BB02294959", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:107:*:*:*:*:*:*:*", matchCriteriaId: "9766F9DB-CF4F-45E3-B040-3962DBACECF6", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:108:*:*:*:*:*:*:*", matchCriteriaId: "F7B2AFEF-DE52-4D22-A67F-E85F7CACA118", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:731:*:*:*:*:*:*:*", matchCriteriaId: "5C930294-CB73-4D42-A406-8579B60E43B8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:746:*:*:*:*:*:*:*", matchCriteriaId: "5AA983A4-C5D1-4757-BE08-224F69380A7D", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:747:*:*:*:*:*:*:*", matchCriteriaId: "1AFD8074-7613-4E8A-B69E-691813EAC685", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:748:*:*:*:*:*:*:*", matchCriteriaId: "662FF019-5901-4B3A-B5F6-CDFC9065783B", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:s4core_100:*:*:*:*:*:*:*", matchCriteriaId: "1A2A67C2-2564-4F41-BE38-C33D2C7CF9E7", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:s4fnd_102:*:*:*:*:*:*:*", matchCriteriaId: "3273C74F-E5FE-47A2-B7F8-E76095A64359", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:sap_bs_fnd_702:*:*:*:*:*:*:*", matchCriteriaId: "3A14342E-3477-457C-AF13-54AFFA9DE1C0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An authenticated attacker can upload malicious\nfile to SAP Document Builder service. When the victim accesses this file, the\nattacker is allowed to access, modify, or make the related information\nunavailable in the victim’s browser.", }, { lang: "es", value: "Un atacante autenticado puede cargar un archivo malicioso en el servicio SAP Document Builder. Cuando la víctima accede a este archivo, el atacante puede acceder, modificar o hacer que la información relacionada no esté disponible en el navegador de la víctima.", }, ], id: "CVE-2024-34683", lastModified: "2024-11-21T09:19:11.187", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 3.7, source: "cna@sap.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 3.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-06-11T03:15:10.623", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://me.sap.com/notes/3459379", }, { source: "cna@sap.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "https://me.sap.com/notes/3459379", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-434", }, ], source: "cna@sap.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-08-13 05:15
Modified
2024-09-12 13:29
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://me.sap.com/notes/3477423 | Permissions Required | |
| cna@sap.com | https://url.sap/sapsecuritypatchday | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | document_builder | s4fnd_102 | |
| sap | document_builder | s4fnd_103 | |
| sap | document_builder | s4fnd_104 | |
| sap | document_builder | s4fnd_105 | |
| sap | document_builder | s4fnd_106 | |
| sap | document_builder | s4fnd_107 | |
| sap | document_builder | s4fnd_108 | |
| sap | document_builder | sap_bs_fnd_702 | |
| sap | document_builder | sap_bs_fnd_731 | |
| sap | document_builder | sap_bs_fnd_746 | |
| sap | document_builder | sap_bs_fnd_747 | |
| sap | document_builder | sap_bs_fnd_748 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sap:document_builder:s4fnd_102:*:*:*:*:*:*:*", matchCriteriaId: "3273C74F-E5FE-47A2-B7F8-E76095A64359", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:s4fnd_103:*:*:*:*:*:*:*", matchCriteriaId: "65DD3306-BD29-4E59-A0BE-7BEFB80E83A5", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:s4fnd_104:*:*:*:*:*:*:*", matchCriteriaId: "49820851-29AD-4467-9CC9-6938197538A7", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:s4fnd_105:*:*:*:*:*:*:*", matchCriteriaId: "6012CA9C-F45A-44FD-84A2-960D41638458", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:s4fnd_106:*:*:*:*:*:*:*", matchCriteriaId: "25337ED2-24AC-4329-89FE-2ACC8F806721", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:s4fnd_107:*:*:*:*:*:*:*", matchCriteriaId: "A48BA465-1906-4E24-BCC4-43677988EE56", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:s4fnd_108:*:*:*:*:*:*:*", matchCriteriaId: "7562A2A3-BBA4-4FE7-800C-1D0A9FD750D8", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:sap_bs_fnd_702:*:*:*:*:*:*:*", matchCriteriaId: "3A14342E-3477-457C-AF13-54AFFA9DE1C0", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:sap_bs_fnd_731:*:*:*:*:*:*:*", matchCriteriaId: "A1FA8D4E-C6EB-4DD9-9729-0CE94FC1023D", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:sap_bs_fnd_746:*:*:*:*:*:*:*", matchCriteriaId: "B2ED89F2-6C57-4393-9D7C-EF02C399F514", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:sap_bs_fnd_747:*:*:*:*:*:*:*", matchCriteriaId: "8D738350-C117-4248-9334-2D1540986E34", vulnerable: true, }, { criteria: "cpe:2.3:a:sap:document_builder:sap_bs_fnd_748:*:*:*:*:*:*:*", matchCriteriaId: "9242A4C0-3C2B-4877-A3CA-F17C2A036162", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application.", }, { lang: "es", value: "SAP Document Builder no realiza las comprobaciones de autorización necesarias para uno de los módulos de funciones, lo que da como resultado una escalada de privilegios que tiene un bajo impacto en la confidencialidad de la aplicación.", }, ], id: "CVE-2024-39591", lastModified: "2024-09-12T13:29:47.207", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "cna@sap.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-08-13T05:15:13.347", references: [ { source: "cna@sap.com", tags: [ "Permissions Required", ], url: "https://me.sap.com/notes/3477423", }, { source: "cna@sap.com", tags: [ "Vendor Advisory", ], url: "https://url.sap/sapsecuritypatchday", }, ], sourceIdentifier: "cna@sap.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-862", }, ], source: "cna@sap.com", type: "Primary", }, ], }
CVE-2024-39591 (GCVE-0-2024-39591)
Vulnerability from cvelistv5
Published
2024-08-13 05:00
Modified
2024-08-13 13:53
Severity ?
EPSS score ?
Summary
SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP Document Builder |
Version: S4FND 102 Version: S4FND 103 Version: S4FND 104 Version: S4FND 105 Version: S4FND 106 Version: S4FND 107 Version: S4FND 108 Version: SAP_BS_FND 702 Version: SAP_BS_FND 731 Version: SAP_BS_FND 746 Version: SAP_BS_FND 747 Version: SAP_BS_FND 748 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-39591", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-13T13:53:17.560177Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-13T13:53:27.312Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SAP Document Builder", vendor: "SAP_SE", versions: [ { status: "affected", version: "S4FND 102", }, { status: "affected", version: "S4FND 103", }, { status: "affected", version: "S4FND 104", }, { status: "affected", version: "S4FND 105", }, { status: "affected", version: "S4FND 106", }, { status: "affected", version: "S4FND 107", }, { status: "affected", version: "S4FND 108", }, { status: "affected", version: "SAP_BS_FND 702", }, { status: "affected", version: "SAP_BS_FND 731", }, { status: "affected", version: "SAP_BS_FND 746", }, { status: "affected", version: "SAP_BS_FND 747", }, { status: "affected", version: "SAP_BS_FND 748", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application.</span><span style=\"background-color: rgb(255, 255, 255);\"> </span>", }, ], value: "SAP Document Builder does not perform necessary authorization checks for one of the function modules resulting in escalation of privileges causing low impact on confidentiality of the application.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862: Missing Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-13T05:04:38.380Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://me.sap.com/notes/3477423", }, { url: "https://url.sap/sapsecuritypatchday", }, ], source: { discovery: "UNKNOWN", }, title: "Missing Authorization check in SAP Document Builder", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2024-39591", datePublished: "2024-08-13T05:00:42.912Z", dateReserved: "2024-06-26T09:58:24.094Z", dateUpdated: "2024-08-13T13:53:27.312Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2024-34683 (GCVE-0-2024-34683)
Vulnerability from cvelistv5
Published
2024-06-11 02:08
Modified
2024-08-02 02:59
Severity ?
EPSS score ?
Summary
An authenticated attacker can upload malicious
file to SAP Document Builder service. When the victim accesses this file, the
attacker is allowed to access, modify, or make the related information
unavailable in the victim’s browser.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP_SE | SAP Document Builder |
Version: S4CORE 100 Version: 101 Version: S4FND 102 Version: 103 Version: 104 Version: 105 Version: 106 Version: 107 Version: 108 Version: SAP_BS_FND 702 Version: 731 Version: 746 Version: 747 Version: 748 |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-34683", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-11T13:35:39.111955Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-11T13:35:47.339Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T02:59:22.208Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://me.sap.com/notes/3459379", }, { tags: [ "x_transferred", ], url: "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SAP Document Builder", vendor: "SAP_SE", versions: [ { status: "affected", version: "S4CORE 100", }, { status: "affected", version: "101", }, { status: "affected", version: "S4FND 102", }, { status: "affected", version: "103", }, { status: "affected", version: "104", }, { status: "affected", version: "105", }, { status: "affected", version: "106", }, { status: "affected", version: "107", }, { status: "affected", version: "108", }, { status: "affected", version: "SAP_BS_FND 702", }, { status: "affected", version: "731", }, { status: "affected", version: "746", }, { status: "affected", version: "747", }, { status: "affected", version: "748", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "An authenticated attacker can upload malicious\nfile to SAP Document Builder service. When the victim accesses this file, the\nattacker is allowed to access, modify, or make the related information\nunavailable in the victim’s browser.\n\n\n\n", }, ], value: "An authenticated attacker can upload malicious\nfile to SAP Document Builder service. When the victim accesses this file, the\nattacker is allowed to access, modify, or make the related information\nunavailable in the victim’s browser.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-434", description: "CWE-434: Unrestricted Upload of File with Dangerous Type", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-11T02:08:47.200Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://me.sap.com/notes/3459379", }, { url: "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html", }, ], source: { discovery: "UNKNOWN", }, title: "Unrestricted file upload in SAP Document Builder (HTTP service)", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2024-34683", datePublished: "2024-06-11T02:08:47.200Z", dateReserved: "2024-05-07T05:46:11.656Z", dateUpdated: "2024-08-02T02:59:22.208Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }