All the vulnerabilites related to sap - hana_database
cve-2019-0350
Vulnerability from cvelistv5
Published
2019-11-04 14:33
Modified
2024-08-04 17:44
Severity ?
EPSS score ?
Summary
SAP HANA Database, versions 1.0, 2.0, allows an unauthorized attacker to send a malformed connection request, which crashes the indexserver of an SAP HANA instance, leading to Denial of Service
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2798243 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP SE | SAP HANA Database |
Version: < 1.0 Version: < 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:44:16.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2798243"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP HANA Database",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 1.0"
},
{
"status": "affected",
"version": "\u003c 2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SAP HANA Database, versions 1.0, 2.0, allows an unauthorized attacker to send a malformed connection request, which crashes the indexserver of an SAP HANA instance, leading to Denial of Service"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-04T14:33:20",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2798243"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2019-0350",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP HANA Database",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "1.0"
},
{
"version_name": "\u003c",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP HANA Database, versions 1.0, 2.0, allows an unauthorized attacker to send a malformed connection request, which crashes the indexserver of an SAP HANA instance, leading to Denial of Service"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2798243",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2798243"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2019-0350",
"datePublished": "2019-11-04T14:33:20",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:44:16.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-2424
Vulnerability from cvelistv5
Published
2018-06-12 15:00
Modified
2024-08-05 04:21
Severity ?
EPSS score ?
Summary
SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00
References
| ▼ | URL | Tags |
|---|---|---|
| https://launchpad.support.sap.com/#/notes/2538856 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/104459 | vdb-entry, x_refsource_BID | |
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | SAP SE | SAP HANA Database |
Version: 1.0 Version: 2.0 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:21:33.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2538856"
},
{
"name": "104459",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104459"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP HANA Database",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "1.0"
},
{
"status": "affected",
"version": "2.0"
}
]
},
{
"product": "SAP UI5",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
},
{
"product": "SAP UI5(Java)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "7.3"
},
{
"status": "affected",
"version": "7.31"
},
{
"status": "affected",
"version": "7.40"
},
{
"status": "affected",
"version": "7.50"
}
]
},
{
"product": "SAP UI",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "7.40"
},
{
"status": "affected",
"version": "7.50"
},
{
"status": "affected",
"version": "7.51"
},
{
"status": "affected",
"version": "7.52"
}
]
},
{
"product": "SAP UI for SAP NetWeaver 7.00",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"datePublic": "2018-06-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00"
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-15T09:57:01",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2538856"
},
{
"name": "104459",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104459"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2018-2424",
"STATE": "PUBLIC",
"vendor_name": "SAP SE"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP HANA Database",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
},
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "SAP UI5",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
},
{
"product_name": "SAP UI5(Java)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "7.3"
},
{
"version_affected": "=",
"version_value": "7.31"
},
{
"version_affected": "=",
"version_value": "7.40"
},
{
"version_affected": "=",
"version_value": "7.50"
}
]
}
},
{
"product_name": "SAP UI",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "7.40"
},
{
"version_affected": "=",
"version_value": "7.50"
},
{
"version_affected": "=",
"version_value": "7.51"
},
{
"version_affected": "=",
"version_value": "7.52"
}
]
}
},
{
"product_name": "SAP UI for SAP NetWeaver 7.00",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://launchpad.support.sap.com/#/notes/2538856",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2538856"
},
{
"name": "104459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104459"
},
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255",
"refsource": "CONFIRM",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2018-2424",
"datePublished": "2018-06-12T15:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-08-05T04:21:33.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-40309
Vulnerability from cvelistv5
Published
2023-09-12 02:21
Modified
2024-09-28 22:10
Severity ?
EPSS score ?
Summary
SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depending on the application and the level of privileges acquired, an attacker could abuse functionality restricted to a particular user group as well as read, modify or delete restricted data.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | SAP_SE | SAP CommonCryptoLib |
Version: 8 |
||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:31:53.172Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3340576"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40309",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:26:09.938156Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T14:26:24.862Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP CommonCryptoLib",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "8"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP NetWeaver AS ABAP, SAP NetWeaver AS Java and ABAP Platform of S/4HANA on-premise",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "KERNEL 7.22"
},
{
"status": "affected",
"version": "KERNEL 7.53"
},
{
"status": "affected",
"version": "KERNEL 7.54"
},
{
"status": "affected",
"version": "KERNEL 7.77"
},
{
"status": "affected",
"version": "KERNEL 7.85"
},
{
"status": "affected",
"version": "KERNEL 7.89"
},
{
"status": "affected",
"version": "KERNEL 7.91"
},
{
"status": "affected",
"version": "KERNEL 7.92"
},
{
"status": "affected",
"version": "KERNEL 7.93"
},
{
"status": "affected",
"version": "KERNEL 8.04"
},
{
"status": "affected",
"version": "KERNEL64UC 7.22"
},
{
"status": "affected",
"version": "KERNEL64UC 7.22EXT"
},
{
"status": "affected",
"version": "KERNEL64UC 7.53"
},
{
"status": "affected",
"version": "KERNEL64UC 8.04"
},
{
"status": "affected",
"version": "KERNEL64NUC 7.22"
},
{
"status": "affected",
"version": "KERNEL64NUC 7.22EXT"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP Web Dispatcher",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "7.22EXT"
},
{
"status": "affected",
"version": "7.53"
},
{
"status": "affected",
"version": "7.54"
},
{
"status": "affected",
"version": "7.77"
},
{
"status": "affected",
"version": "7.85"
},
{
"status": "affected",
"version": "7.89"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP Content Server",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "6.50"
},
{
"status": "affected",
"version": "7.53"
},
{
"status": "affected",
"version": "7.54"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP HANA Database",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "2.00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP Host Agent",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "722"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP Extended Application Services and Runtime (XSA)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "SAP_EXTENDED_APP_SERVICES 1"
},
{
"status": "affected",
"version": "XS_ADVANCED_RUNTIME 1.00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAPSSOEXT",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "17"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depending on the application and the level of privileges acquired,\u00a0an attacker could abuse functionality restricted to a particular user group as well as read, modify or delete restricted data.\u003c/p\u003e"
}
],
"value": "SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depending on the application and the level of privileges acquired,\u00a0an attacker could abuse functionality restricted to a particular user group as well as read, modify or delete restricted data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-28T22:10:46.845Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3340576"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Missing Authorization check in SAP CommonCryptoLib",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-40309",
"datePublished": "2023-09-12T02:21:19.058Z",
"dateReserved": "2023-08-14T07:36:04.796Z",
"dateUpdated": "2024-09-28T22:10:46.845Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21474
Vulnerability from cvelistv5
Published
2021-02-09 20:44
Modified
2024-08-03 18:16
Severity ?
EPSS score ?
Summary
SAP HANA Database, versions - 1.0, 2.0, accepts SAML tokens with MD5 digest, an attacker who manages to obtain an MD5-digest signed SAML Assertion issued for an SAP HANA instance might be able to tamper with it and alter it in a way that the digest continues to be the same and without invalidating the digital signature, this allows them to impersonate as user in HANA database and be able to read the contents in the database.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2992154 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP SE | SAP HANA Database |
Version: < 1.0 Version: < 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:16:22.595Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2992154"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP HANA Database",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 1.0"
},
{
"status": "affected",
"version": "\u003c 2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SAP HANA Database, versions - 1.0, 2.0, accepts SAML tokens with MD5 digest, an attacker who manages to obtain an MD5-digest signed SAML Assertion issued for an SAP HANA instance might be able to tamper with it and alter it in a way that the digest continues to be the same and without invalidating the digital signature, this allows them to impersonate as user in HANA database and be able to read the contents in the database."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-09T20:44:04",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2992154"
}
],
"x_ConverterErrors": {
"cvssV3_0": {
"error": "CVSSV3_0 data from v4 record is invalid",
"message": "Malformed CVSS3 vector, trailing \"/\""
}
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2021-21474",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP HANA Database",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "1.0"
},
{
"version_name": "\u003c",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP HANA Database, versions - 1.0, 2.0, accepts SAML tokens with MD5 digest, an attacker who manages to obtain an MD5-digest signed SAML Assertion issued for an SAP HANA instance might be able to tamper with it and alter it in a way that the digest continues to be the same and without invalidating the digital signature, this allows them to impersonate as user in HANA database and be able to read the contents in the database."
}
]
},
"impact": {
"cvss": {
"baseScore": "4.1",
"vectorString": "CVSS:3.0/AV: N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2992154",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2992154"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2021-21474",
"datePublished": "2021-02-09T20:44:04",
"dateReserved": "2020-12-30T00:00:00",
"dateUpdated": "2024-08-03T18:16:22.595Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-40308
Vulnerability from cvelistv5
Published
2023-09-12 01:21
Modified
2024-09-26 18:22
Severity ?
EPSS score ?
Summary
SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | SAP_SE | SAP CommonCryptoLib |
Version: 8 |
||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:31:53.082Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3327896"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40308",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:46:05.348783Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T14:46:15.846Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP CommonCryptoLib",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "8"
}
]
},
{
"defaultStatus": "unaffected",
"packageName": "KERNEL",
"product": "SAP NetWeaver AS ABAP, SAP NetWeaver AS Java and ABAP Platform of S/4HANA on-premise",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "KERNEL 7.22"
},
{
"status": "affected",
"version": "KERNEL 7.53"
},
{
"status": "affected",
"version": "KERNEL 7.54"
},
{
"status": "affected",
"version": "KERNEL 7.77"
},
{
"status": "affected",
"version": "KERNEL 7.85"
},
{
"status": "affected",
"version": "KERNEL 7.89"
},
{
"status": "affected",
"version": "KERNEL 7.91"
},
{
"status": "affected",
"version": "KERNEL 7.92"
},
{
"status": "affected",
"version": "KERNEL 7.93"
},
{
"status": "affected",
"version": "KERNEL 8.04"
},
{
"status": "affected",
"version": "KERNEL64UC 7.22"
},
{
"status": "affected",
"version": "KERNEL64UC 7.22EXT"
},
{
"status": "affected",
"version": "KERNEL64UC 7.53"
},
{
"status": "affected",
"version": "KERNEL64UC 8.04"
},
{
"status": "affected",
"version": "KERNEL64NUC 7.22"
},
{
"status": "affected",
"version": "KERNEL64NUC 7.22EXT"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP Web Dispatcher",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "7.22EXT"
},
{
"status": "affected",
"version": "7.53"
},
{
"status": "affected",
"version": "7.54"
},
{
"status": "affected",
"version": "7.77"
},
{
"status": "affected",
"version": "7.85"
},
{
"status": "affected",
"version": "7.89"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP Content Server",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "6.50"
},
{
"status": "affected",
"version": "7.53"
},
{
"status": "affected",
"version": "7.54"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP HANA Database",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "2.00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP Host Agent",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "722"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP Extended Application Services and Runtime (XSA)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "SAP_EXTENDED_APP_SERVICES 1"
},
{
"status": "affected",
"version": "XS_ADVANCED_RUNTIME 1.00"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAPSSOEXT",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "17"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSAP CommonCryptoLib\u00a0allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information.\u003c/p\u003e"
}
],
"value": "SAP CommonCryptoLib\u00a0allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T18:22:53.534Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3327896"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Memory Corruption vulnerability in SAP CommonCryptoLib",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-40308",
"datePublished": "2023-09-12T01:21:15.083Z",
"dateReserved": "2023-08-14T07:36:04.796Z",
"dateUpdated": "2024-09-26T18:22:53.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-16687
Vulnerability from cvelistv5
Published
2017-12-12 14:00
Modified
2024-09-16 23:41
Severity ?
EPSS score ?
Summary
The user self-service tools of SAP HANA extended application services, classic user self-service, a part of SAP HANA Database versions 1.00 and 2.00, can be misused to enumerate valid and invalid user accounts. An unauthenticated user could use the error messages to determine if a given username is valid.
References
| ▼ | URL | Tags |
|---|---|---|
| https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/ | x_refsource_CONFIRM | |
| https://launchpad.support.sap.com/#/notes/2549983 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/102152 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP | SAP HANA extended application services |
Version: SAP HANA Database 1.00, 2.00 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:35:19.897Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2549983"
},
{
"name": "102152",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102152"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP HANA extended application services",
"vendor": "SAP",
"versions": [
{
"status": "affected",
"version": "SAP HANA Database 1.00, 2.00"
}
]
}
],
"datePublic": "2017-12-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The user self-service tools of SAP HANA extended application services, classic user self-service, a part of SAP HANA Database versions 1.00 and 2.00, can be misused to enumerate valid and invalid user accounts. An unauthenticated user could use the error messages to determine if a given username is valid."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-13T10:57:01",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://launchpad.support.sap.com/#/notes/2549983"
},
{
"name": "102152",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102152"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"DATE_PUBLIC": "2017-12-12T00:00:00",
"ID": "CVE-2017-16687",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP HANA extended application services",
"version": {
"version_data": [
{
"version_value": "SAP HANA Database 1.00, 2.00"
}
]
}
}
]
},
"vendor_name": "SAP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The user self-service tools of SAP HANA extended application services, classic user self-service, a part of SAP HANA Database versions 1.00 and 2.00, can be misused to enumerate valid and invalid user accounts. An unauthenticated user could use the error messages to determine if a given username is valid."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/",
"refsource": "CONFIRM",
"url": "https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2549983",
"refsource": "CONFIRM",
"url": "https://launchpad.support.sap.com/#/notes/2549983"
},
{
"name": "102152",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102152"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2017-16687",
"datePublished": "2017-12-12T14:00:00Z",
"dateReserved": "2017-11-09T00:00:00",
"dateUpdated": "2024-09-16T23:41:51.057Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-26834
Vulnerability from cvelistv5
Published
2020-12-09 16:30
Modified
2024-08-04 16:03
Severity ?
EPSS score ?
Summary
SAP HANA Database, version - 2.0, does not correctly validate the username when performing SAML bearer token-based user authentication. It is possible to manipulate a valid existing SAML bearer token to authenticate as a user whose name is identical to the truncated username for whom the SAML bearer token was issued.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2978768 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP SE | SAP HANA Database |
Version: < 2.0 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:03:22.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2978768"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP HANA Database",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SAP HANA Database, version - 2.0, does not correctly validate the username when performing SAML bearer token-based user authentication. It is possible to manipulate a valid existing SAML bearer token to authenticate as a user whose name is identical to the truncated username for whom the SAML bearer token was issued."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Authentication",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-09T16:30:45",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2978768"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2020-26834",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP HANA Database",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "2.0"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP HANA Database, version - 2.0, does not correctly validate the username when performing SAML bearer token-based user authentication. It is possible to manipulate a valid existing SAML bearer token to authenticate as a user whose name is identical to the truncated username for whom the SAML bearer token was issued."
}
]
},
"impact": {
"cvss": {
"baseScore": "4.2",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authentication"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2978768",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2978768"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2020-26834",
"datePublished": "2020-12-09T16:30:45",
"dateReserved": "2020-10-07T00:00:00",
"dateUpdated": "2024-08-04T16:03:22.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2018-06-12 15:29
Modified
2024-11-21 04:03
Severity ?
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | http://www.securityfocus.com/bid/104459 | Third Party Advisory, VDB Entry | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2538856 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104459 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2538856 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:hana_database:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "528C05CB-315F-465C-8C25-EF85AA7D19B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:hana_database:2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "4C6CA542-7071-48B6-B135-3AE9B4BB1DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:ui:2.0:*:*:*:*:netweaver_7.0:*:*",
"matchCriteriaId": "BAC1FC47-D27B-4D31-B0CB-84CB75B9B314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:ui:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "6A245CAD-2365-48F5-994D-65658825DA3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:ui:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "FD311636-17EB-4DEA-8A9B-9539B4B43C3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:ui:7.51:*:*:*:*:*:*:*",
"matchCriteriaId": "2AE480CB-D830-42D5-B297-3D5874AEFA36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:ui:7.52:*:*:*:*:*:*:*",
"matchCriteriaId": "830F67FF-0DEA-4B07-A3E0-CDCD01888DED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:ui5:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBC9A13-184E-403D-9F4C-435A46A3F92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:ui5_java:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "500E7A87-9E8C-464D-9316-F4F2FDECFDA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:ui5_java:7.31:*:*:*:*:*:*:*",
"matchCriteriaId": "C959F430-EF52-48FE-838D-40B87019B61D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:ui5_java:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "FC625547-85B8-4E19-B7DC-32BC25603F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:ui5_java:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "F01D0C09-61E9-48CE-8440-9513B79845B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00"
},
{
"lang": "es",
"value": "SAP UI5 no valid\u00f3 las entradas de usuario antes de a\u00f1adirlas a la estructura DOM. Esto podr\u00eda conducir a que se a\u00f1ada al DOM c\u00f3digo JavaScript malicioso proporcionado por el usuario que podr\u00eda robar informaci\u00f3n del usuario. Los componentes de software afectados son: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52 y la versi\u00f3n 2.0 de SAP UI para SAP NetWeaver 7.00"
}
],
"id": "CVE-2018-2424",
"lastModified": "2024-11-21T04:03:47.570",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "cna@sap.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-12T15:29:00.307",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104459"
},
{
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2538856"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2538856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-04 15:15
Modified
2024-11-21 04:16
Severity ?
Summary
SAP HANA Database, versions 1.0, 2.0, allows an unauthorized attacker to send a malformed connection request, which crashes the indexserver of an SAP HANA instance, leading to Denial of Service
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2798243 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2798243 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | hana_database | 1.00 | |
| sap | hana_database | 2.00 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:hana_database:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "528C05CB-315F-465C-8C25-EF85AA7D19B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:hana_database:2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "4C6CA542-7071-48B6-B135-3AE9B4BB1DC5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP HANA Database, versions 1.0, 2.0, allows an unauthorized attacker to send a malformed connection request, which crashes the indexserver of an SAP HANA instance, leading to Denial of Service"
},
{
"lang": "es",
"value": "SAP HANA Database, versiones 1.0, 2.0, permite a un atacante no autorizado enviar una petici\u00f3n de conexi\u00f3n malformada, que bloquea el indexserver de una instancia SAP HANA, conllevando a la denegaci\u00f3n de servicio"
}
],
"id": "CVE-2019-0350",
"lastModified": "2024-11-21T04:16:43.660",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-04T15:15:11.367",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/2798243"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/2798243"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-09-12 02:15
Modified
2024-11-21 08:19
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://me.sap.com/notes/3327896 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://me.sap.com/notes/3327896 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:commoncryptolib:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92E07A81-F35C-4BF4-8AB4-E5B3C3D09487",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:content_server:6.50:*:*:*:*:*:*:*",
"matchCriteriaId": "85520864-E99A-4576-847C-5E0EA1E6CEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:content_server:7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "A02FB973-7FA0-4881-B912-27F4CFBDC673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:content_server:7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7FD33E-6870-48EB-8695-67B9169D1808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:extended_application_services_and_runtime:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF475F4D-11D8-401A-BAB8-8A31E81CEEEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:hana_database:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30B0858F-6AE9-4163-B001-1481FD3AFF9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:host_agent:722:*:*:*:*:*:*:*",
"matchCriteriaId": "6A56308E-B097-49F3-8963-1F34E8716CD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "AF64539B-0DE2-4076-91B9-F03F4DDFAE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "6C07042F-C47F-441E-AB32-B58A066909E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "DBC44C62-0BFD-4170-B094-C82DEA473938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "D99F18BB-B44E-48B5-BD7C-D20E40915268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.77:*:*:*:*:*:*:*",
"matchCriteriaId": "208F59B2-7D79-4E0E-97DA-AEB9976C8EEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.85:*:*:*:*:*:*:*",
"matchCriteriaId": "A120BC2E-92B2-404A-ADF6-F1AF512631E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.89:*:*:*:*:*:*:*",
"matchCriteriaId": "56F63498-DAC3-40EE-9625-51FA522BA0DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.91:*:*:*:*:*:*:*",
"matchCriteriaId": "06155DA1-7EDD-4EBA-8EBB-F7352F4EC7D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.92:*:*:*:*:*:*:*",
"matchCriteriaId": "104EE65A-202C-4F4E-B725-791A73687167",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.93:*:*:*:*:*:*:*",
"matchCriteriaId": "0269C487-81F8-4240-BEF8-1A7C33864519",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_8.04:*:*:*:*:*:*:*",
"matchCriteriaId": "379FDFC8-947E-4D09-A9DD-4B3F7481F648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64nuc_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "7184F3A2-3408-4B7E-BEA6-BBF55909969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64nuc_7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "BB2D30A5-DB16-4CB7-8135-3CE106FA5477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "D1657980-CBAC-41AC-A20E-18D7199EA244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "771ED2D0-3BC5-4C36-BCEB-1A1C46667363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "0F05534F-3D2B-4983-9CC1-3A8BC7D421C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_8.04:*:*:*:*:*:*:*",
"matchCriteriaId": "AE19A598-2F90-4014-AC5B-352FBC154907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "97EDAAC4-4885-46CE-860A-DDF92FF205C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "4E53E262-A23E-4D99-B2D8-DDCBEED85EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "F7E61257-B187-4A83-96BD-D53CE11061D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.77:*:*:*:*:*:*:*",
"matchCriteriaId": "34E0B493-0860-4074-A383-F9C2A06EA8E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.85:*:*:*:*:*:*:*",
"matchCriteriaId": "D338B951-5C8F-4C14-931C-5F8AEA7F5924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.89:*:*:*:*:*:*:*",
"matchCriteriaId": "525603B5-ADDC-4F58-B730-FC748A56D6E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.91:*:*:*:*:*:*:*",
"matchCriteriaId": "CA2270AE-437E-4FDE-9F53-690C0BCF9C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.92:*:*:*:*:*:*:*",
"matchCriteriaId": "BD374580-7D80-4D7F-8D89-8F52F2DEA8D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.93:*:*:*:*:*:*:*",
"matchCriteriaId": "59253D09-D58D-4013-8F29-2172C1B83AA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel_8.04:*:*:*:*:*:*:*",
"matchCriteriaId": "21316691-9A18-4B41-915E-491225CEF966",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel64nuc_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB08C06-0E07-4317-B1AC-C1ECCF931E7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel64nuc_7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "8692B960-38A9-4035-88F5-C33D15B6A018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel64uc_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1D9E47FB-D39A-40C3-AEEE-D6A5AE27F063",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel64uc_7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "80C5A218-C623-41C5-A001-304046608CF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel64uc_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "92E7B426-D50F-4AEE-B6F3-5D00C8A195F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel64uc_8.04:*:*:*:*:*:*:*",
"matchCriteriaId": "039A11C9-D9D1-42BC-8DD4-2BCDAAF464CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:sapssoext:17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "784CA842-6657-4A02-96B0-76A66AC469C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "D3F76E6A-2F27-450C-AAB5-E49A64079CAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "47D4D542-2EC2-490B-B4E9-3E7BB8D59B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "950DF1E2-990E-41EF-8779-CEC54C7CDC60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.77:*:*:*:*:*:*:*",
"matchCriteriaId": "E33D9481-3CF6-4AA3-B115-7903AC6DAE25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.85:*:*:*:*:*:*:*",
"matchCriteriaId": "F74EE4D5-E968-4851-89E6-4152F64930F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.89:*:*:*:*:*:*:*",
"matchCriteriaId": "097ED3E8-49B1-497E-BD43-28C397FBEAE8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP CommonCryptoLib\u00a0allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no ability to view or modify any information."
},
{
"lang": "es",
"value": "SAP CommonCryptoLib permite que un atacante no autenticado cree una solicitud que, cuando se env\u00eda a un puerto abierto, provoca un error de corrupci\u00f3n de memoria en una librer\u00eda, lo que a su vez provoca que el componente de target falle y deje de estar disponible. No hay posibilidad de ver o modificar ninguna informaci\u00f3n."
}
],
"id": "CVE-2023-40308",
"lastModified": "2024-11-21T08:19:12.393",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "cna@sap.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-09-12T02:15:12.610",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://me.sap.com/notes/3327896"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://me.sap.com/notes/3327896"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "cna@sap.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-12-09 17:15
Modified
2024-11-21 05:20
Severity ?
Summary
SAP HANA Database, version - 2.0, does not correctly validate the username when performing SAML bearer token-based user authentication. It is possible to manipulate a valid existing SAML bearer token to authenticate as a user whose name is identical to the truncated username for whom the SAML bearer token was issued.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2978768 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2978768 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | hana_database | 2.00 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:hana_database:2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "4C6CA542-7071-48B6-B135-3AE9B4BB1DC5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP HANA Database, version - 2.0, does not correctly validate the username when performing SAML bearer token-based user authentication. It is possible to manipulate a valid existing SAML bearer token to authenticate as a user whose name is identical to the truncated username for whom the SAML bearer token was issued."
},
{
"lang": "es",
"value": "SAP HANA Database, versi\u00f3n 2.0, no comprueba correctamente el nombre de usuario cuando lleva a cabo la autenticaci\u00f3n de usuario basada en token de portador SAML. Es posible manipular un token de portador SAML existente v\u00e1lido para autenticarse como un usuario cuyo nombre es id\u00e9ntico al nombre de usuario truncado para el que se emiti\u00f3 el token de portador SAML"
}
],
"id": "CVE-2020-26834",
"lastModified": "2024-11-21T05:20:22.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 2.5,
"source": "cna@sap.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-12-09T17:15:31.323",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/2978768"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/2978768"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=564757079"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-09-12 03:15
Modified
2024-11-21 08:19
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depending on the application and the level of privileges acquired, an attacker could abuse functionality restricted to a particular user group as well as read, modify or delete restricted data.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://me.sap.com/notes/3340576 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://me.sap.com/notes/3340576 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:commoncryptolib:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92E07A81-F35C-4BF4-8AB4-E5B3C3D09487",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:content_server:6.50:*:*:*:*:*:*:*",
"matchCriteriaId": "85520864-E99A-4576-847C-5E0EA1E6CEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:content_server:7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "A02FB973-7FA0-4881-B912-27F4CFBDC673",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:content_server:7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7FD33E-6870-48EB-8695-67B9169D1808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:extended_application_services_and_runtime:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF475F4D-11D8-401A-BAB8-8A31E81CEEEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:hana_database:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30B0858F-6AE9-4163-B001-1481FD3AFF9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:host_agent:722:*:*:*:*:*:*:*",
"matchCriteriaId": "6A56308E-B097-49F3-8963-1F34E8716CD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "AF64539B-0DE2-4076-91B9-F03F4DDFAE2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "6C07042F-C47F-441E-AB32-B58A066909E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "DBC44C62-0BFD-4170-B094-C82DEA473938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "D99F18BB-B44E-48B5-BD7C-D20E40915268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.77:*:*:*:*:*:*:*",
"matchCriteriaId": "208F59B2-7D79-4E0E-97DA-AEB9976C8EEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.85:*:*:*:*:*:*:*",
"matchCriteriaId": "A120BC2E-92B2-404A-ADF6-F1AF512631E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.89:*:*:*:*:*:*:*",
"matchCriteriaId": "56F63498-DAC3-40EE-9625-51FA522BA0DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.91:*:*:*:*:*:*:*",
"matchCriteriaId": "06155DA1-7EDD-4EBA-8EBB-F7352F4EC7D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.92:*:*:*:*:*:*:*",
"matchCriteriaId": "104EE65A-202C-4F4E-B725-791A73687167",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.93:*:*:*:*:*:*:*",
"matchCriteriaId": "0269C487-81F8-4240-BEF8-1A7C33864519",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_8.04:*:*:*:*:*:*:*",
"matchCriteriaId": "379FDFC8-947E-4D09-A9DD-4B3F7481F648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64nuc_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "7184F3A2-3408-4B7E-BEA6-BBF55909969F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64nuc_7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "BB2D30A5-DB16-4CB7-8135-3CE106FA5477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "D1657980-CBAC-41AC-A20E-18D7199EA244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "771ED2D0-3BC5-4C36-BCEB-1A1C46667363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "0F05534F-3D2B-4983-9CC1-3A8BC7D421C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel64uc_8.04:*:*:*:*:*:*:*",
"matchCriteriaId": "AE19A598-2F90-4014-AC5B-352FBC154907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "97EDAAC4-4885-46CE-860A-DDF92FF205C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "4E53E262-A23E-4D99-B2D8-DDCBEED85EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "F7E61257-B187-4A83-96BD-D53CE11061D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.77:*:*:*:*:*:*:*",
"matchCriteriaId": "34E0B493-0860-4074-A383-F9C2A06EA8E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.85:*:*:*:*:*:*:*",
"matchCriteriaId": "D338B951-5C8F-4C14-931C-5F8AEA7F5924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.89:*:*:*:*:*:*:*",
"matchCriteriaId": "525603B5-ADDC-4F58-B730-FC748A56D6E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.91:*:*:*:*:*:*:*",
"matchCriteriaId": "CA2270AE-437E-4FDE-9F53-690C0BCF9C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.92:*:*:*:*:*:*:*",
"matchCriteriaId": "BD374580-7D80-4D7F-8D89-8F52F2DEA8D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel_7.93:*:*:*:*:*:*:*",
"matchCriteriaId": "59253D09-D58D-4013-8F29-2172C1B83AA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel_8.04:*:*:*:*:*:*:*",
"matchCriteriaId": "21316691-9A18-4B41-915E-491225CEF966",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel64nuc_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB08C06-0E07-4317-B1AC-C1ECCF931E7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel64nuc_7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "8692B960-38A9-4035-88F5-C33D15B6A018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel64uc_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "1D9E47FB-D39A-40C3-AEEE-D6A5AE27F063",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel64uc_7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "80C5A218-C623-41C5-A001-304046608CF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel64uc_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "92E7B426-D50F-4AEE-B6F3-5D00C8A195F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_java:kernel64uc_8.04:*:*:*:*:*:*:*",
"matchCriteriaId": "039A11C9-D9D1-42BC-8DD4-2BCDAAF464CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:sapssoext:17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "784CA842-6657-4A02-96B0-76A66AC469C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "D3F76E6A-2F27-450C-AAB5-E49A64079CAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "47D4D542-2EC2-490B-B4E9-3E7BB8D59B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "950DF1E2-990E-41EF-8779-CEC54C7CDC60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.77:*:*:*:*:*:*:*",
"matchCriteriaId": "E33D9481-3CF6-4AA3-B115-7903AC6DAE25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.85:*:*:*:*:*:*:*",
"matchCriteriaId": "F74EE4D5-E968-4851-89E6-4152F64930F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.89:*:*:*:*:*:*:*",
"matchCriteriaId": "097ED3E8-49B1-497E-BD43-28C397FBEAE8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depending on the application and the level of privileges acquired,\u00a0an attacker could abuse functionality restricted to a particular user group as well as read, modify or delete restricted data."
},
{
"lang": "es",
"value": "SAP CommonCryptoLib no realiza las comprobaciones de autenticaci\u00f3n necesarias, lo que puede dar como resultado comprobaciones de autorizaci\u00f3n faltantes o incorrectas para un usuario autenticado, lo que resulta en una escalada de privilegios. Seg\u00fan la aplicaci\u00f3n y el nivel de privilegios adquiridos, un atacante podr\u00eda abusar de la funcionalidad restringida a un grupo de usuarios concreto, as\u00ed como leer, modificar o eliminar datos restringidos."
}
],
"id": "CVE-2023-40309",
"lastModified": "2024-11-21T08:19:12.560",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "cna@sap.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-09-12T03:15:12.073",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://me.sap.com/notes/3340576"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://me.sap.com/notes/3340576"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "cna@sap.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-12-12 14:29
Modified
2024-11-21 03:16
Severity ?
Summary
The user self-service tools of SAP HANA extended application services, classic user self-service, a part of SAP HANA Database versions 1.00 and 2.00, can be misused to enumerate valid and invalid user accounts. An unauthenticated user could use the error messages to determine if a given username is valid.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | http://www.securityfocus.com/bid/102152 | Third Party Advisory, VDB Entry | |
| cna@sap.com | https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/ | Vendor Advisory | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2549983 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102152 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2549983 | Permissions Required, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | hana_database | 1.00 | |
| sap | hana_database | 2.00 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:hana_database:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "528C05CB-315F-465C-8C25-EF85AA7D19B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:hana_database:2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "4C6CA542-7071-48B6-B135-3AE9B4BB1DC5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The user self-service tools of SAP HANA extended application services, classic user self-service, a part of SAP HANA Database versions 1.00 and 2.00, can be misused to enumerate valid and invalid user accounts. An unauthenticated user could use the error messages to determine if a given username is valid."
},
{
"lang": "es",
"value": "Las herramientas de autoservicio del usuario de los servicios extendidos de la aplicaci\u00f3n SAP HANA, que forman parte de SAP HANA Database en sus versiones 1.00 y 2.00, pueden ser empleadas err\u00f3neamente para enumerar cuentas de usuario v\u00e1lidas e inv\u00e1lidas. Un usuario no autenticado podr\u00eda emplear los mensajes de error para determinar si un nombre de usuario dado es v\u00e1lido."
}
],
"id": "CVE-2017-16687",
"lastModified": "2024-11-21T03:16:49.450",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-12-12T14:29:00.607",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102152"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/"
},
{
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2549983"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102152"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2549983"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-09 21:15
Modified
2024-11-21 05:48
Severity ?
Summary
SAP HANA Database, versions - 1.0, 2.0, accepts SAML tokens with MD5 digest, an attacker who manages to obtain an MD5-digest signed SAML Assertion issued for an SAP HANA instance might be able to tamper with it and alter it in a way that the digest continues to be the same and without invalidating the digital signature, this allows them to impersonate as user in HANA database and be able to read the contents in the database.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2992154 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2992154 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | hana_database | 1.00 | |
| sap | hana_database | 2.00 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:hana_database:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "528C05CB-315F-465C-8C25-EF85AA7D19B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:hana_database:2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "4C6CA542-7071-48B6-B135-3AE9B4BB1DC5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP HANA Database, versions - 1.0, 2.0, accepts SAML tokens with MD5 digest, an attacker who manages to obtain an MD5-digest signed SAML Assertion issued for an SAP HANA instance might be able to tamper with it and alter it in a way that the digest continues to be the same and without invalidating the digital signature, this allows them to impersonate as user in HANA database and be able to read the contents in the database."
},
{
"lang": "es",
"value": "SAP HANA Database, versiones - 1.0, 2.0, acepta tokens SAML con un digest MD5, un atacante que logra obtener una afirmaci\u00f3n SAML firmada por un digest MD5 emitida para una instancia de SAP HANA podr\u00eda manipularla y alterarla de una manera que el digest sigue siendo el mismo y sin invalidar la firma digital, esto les permite hacerse pasar por usuario en la base de datos HANA y poder leer los contenidos en la base de datos"
}
],
"id": "CVE-2021-21474",
"lastModified": "2024-11-21T05:48:26.727",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-09T21:15:13.393",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/2992154"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/2992154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=568460543"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-326"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}