cvelistv5 - cve-2021-33701

CVE-2021-33701 (GCVE-0-2021-33701)

Vulnerability from cvelistv5 – Published: 2021-09-15 18:01 – Updated: 2024-08-03 23:58

Summary

DMIS Mobile Plug-In or SAP S/4HANA, versions - DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 710, 2011_1_731, 710, 2011_1_752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, allows an attacker with access to highly privileged account to execute manipulated query in NDZT tool to gain access to Superuser account, leading to SQL Injection vulnerability, that highly impacts systems Confidentiality, Integrity and Availability.

Severity ?

9.1 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection�)

Assigner

sap

References

URL

Tags

	https://wiki.scn.sap.com/wiki/pages/viewpage.acti…	x_refsource_MISC
	https://launchpad.support.sap.com/#/notes/3078312	x_refsource_MISC
	http://seclists.org/fulldisclosure/2021/Dec/36	mailing-listx_refsource_FULLDISC
	http://seclists.org/fulldisclosure/2021/Dec/35	mailing-listx_refsource_FULLDISC
	http://packetstormsecurity.com/files/165303/SAP-N…	x_refsource_MISC
	http://packetstormsecurity.com/files/165304/SAP-N…	x_refsource_MISC

Impacted products

Vendor

Product

Version

SAP SE

DMIS Mobile Plug-In

Affected: < DMIS 2011_1_620
Affected: < 2011_1_640
Affected: < 2011_1_700
Affected: < 2011_1_710
Affected: < 2011_1_730
Affected: < 710
Affected: < 2011_1_731
Affected: < 2011_1_752
Affected: < 2020

SAP SE

SAP S/4HANA

Affected: < SAPSCORE 125
Affected: < S4CORE 102
Affected: < 102
Affected: < 103
Affected: < 104
Affected: < 105

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T23:58:22.494Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://launchpad.support.sap.com/#/notes/3078312"
          },
          {
            "name": "20211214 SEC Consult SA-20211214-1 :: Remote ABAP Code Injection in SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2021/Dec/36"
          },
          {
            "name": "20211214 SEC Consult SA-20211214-0 :: Remote ADBC SQL Injection in SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2021/Dec/35"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/165303/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-SQL-Injection.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/165304/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-ABAP-Code-Injection.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DMIS Mobile Plug-In",
          "vendor": "SAP SE",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c DMIS 2011_1_620"
            },
            {
              "status": "affected",
              "version": "\u003c 2011_1_640"
            },
            {
              "status": "affected",
              "version": "\u003c 2011_1_700"
            },
            {
              "status": "affected",
              "version": "\u003c 2011_1_710"
            },
            {
              "status": "affected",
              "version": "\u003c 2011_1_730"
            },
            {
              "status": "affected",
              "version": "\u003c 710"
            },
            {
              "status": "affected",
              "version": "\u003c 2011_1_731"
            },
            {
              "status": "affected",
              "version": "\u003c 2011_1_752"
            },
            {
              "status": "affected",
              "version": "\u003c 2020"
            }
          ]
        },
        {
          "product": "SAP S/4HANA",
          "vendor": "SAP SE",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c SAPSCORE 125"
            },
            {
              "status": "affected",
              "version": "\u003c S4CORE 102"
            },
            {
              "status": "affected",
              "version": "\u003c 102"
            },
            {
              "status": "affected",
              "version": "\u003c 103"
            },
            {
              "status": "affected",
              "version": "\u003c 104"
            },
            {
              "status": "affected",
              "version": "\u003c 105"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "DMIS Mobile Plug-In or SAP S/4HANA, versions - DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 710, 2011_1_731, 710, 2011_1_752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, allows an attacker with access to highly privileged account to execute manipulated query in NDZT tool to gain access to Superuser account, leading to SQL Injection vulnerability, that highly impacts systems Confidentiality, Integrity and Availability."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-89",
              "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\ufffd)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-12-15T17:06:24",
        "orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
        "shortName": "sap"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://launchpad.support.sap.com/#/notes/3078312"
        },
        {
          "name": "20211214 SEC Consult SA-20211214-1 :: Remote ABAP Code Injection in SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2021/Dec/36"
        },
        {
          "name": "20211214 SEC Consult SA-20211214-0 :: Remote ADBC SQL Injection in SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2021/Dec/35"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/165303/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-SQL-Injection.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/165304/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-ABAP-Code-Injection.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cna@sap.com",
          "ID": "CVE-2021-33701",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DMIS Mobile Plug-In",
                      "version": {
                        "version_data": [
                          {
                            "version_name": "\u003c",
                            "version_value": "DMIS 2011_1_620"
                          },
                          {
                            "version_name": "\u003c",
                            "version_value": "2011_1_640"
                          },
                          {
                            "version_name": "\u003c",
                            "version_value": "2011_1_700"
                          },
                          {
                            "version_name": "\u003c",
                            "version_value": "2011_1_710"
                          },
                          {
                            "version_name": "\u003c",
                            "version_value": "2011_1_730"
                          },
                          {
                            "version_name": "\u003c",
                            "version_value": "710"
                          },
                          {
                            "version_name": "\u003c",
                            "version_value": "2011_1_731"
                          },
                          {
                            "version_name": "\u003c",
                            "version_value": "710"
                          },
                          {
                            "version_name": "\u003c",
                            "version_value": "2011_1_752"
                          },
                          {
                            "version_name": "\u003c",
                            "version_value": "2020"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SAP S/4HANA",
                      "version": {
                        "version_data": [
                          {
                            "version_name": "\u003c",
                            "version_value": "SAPSCORE 125"
                          },
                          {
                            "version_name": "\u003c",
                            "version_value": "S4CORE 102"
                          },
                          {
                            "version_name": "\u003c",
                            "version_value": "102"
                          },
                          {
                            "version_name": "\u003c",
                            "version_value": "103"
                          },
                          {
                            "version_name": "\u003c",
                            "version_value": "104"
                          },
                          {
                            "version_name": "\u003c",
                            "version_value": "105"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SAP SE"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "DMIS Mobile Plug-In or SAP S/4HANA, versions - DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 710, 2011_1_731, 710, 2011_1_752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, allows an attacker with access to highly privileged account to execute manipulated query in NDZT tool to gain access to Superuser account, leading to SQL Injection vulnerability, that highly impacts systems Confidentiality, Integrity and Availability."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "9.1",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\ufffd)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806",
              "refsource": "MISC",
              "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806"
            },
            {
              "name": "https://launchpad.support.sap.com/#/notes/3078312",
              "refsource": "MISC",
              "url": "https://launchpad.support.sap.com/#/notes/3078312"
            },
            {
              "name": "20211214 SEC Consult SA-20211214-1 :: Remote ABAP Code Injection in SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2021/Dec/36"
            },
            {
              "name": "20211214 SEC Consult SA-20211214-0 :: Remote ADBC SQL Injection in SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2021/Dec/35"
            },
            {
              "name": "http://packetstormsecurity.com/files/165303/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-SQL-Injection.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/165303/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-SQL-Injection.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/165304/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-ABAP-Code-Injection.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/165304/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-ABAP-Code-Injection.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
    "assignerShortName": "sap",
    "cveId": "CVE-2021-33701",
    "datePublished": "2021-09-15T18:01:55",
    "dateReserved": "2021-05-28T00:00:00",
    "dateUpdated": "2024-08-03T23:58:22.494Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:dmis:710:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C48386F-C6F6-42E5-9959-02F8A6D342FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:dmis:2011_1_620:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7BDA4D1-2A3E-44FA-B4C2-3332190F9EA8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:dmis:2011_1_640:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6EA96DC2-4DAF-46F5-84CB-3E04FED9D6D7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:dmis:2011_1_700:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3A24CF8F-3BF0-453E-85A3-1FEAC970F2FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:dmis:2011_1_710:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA15FBA3-6A8A-40F6-8877-92DA36AD6951\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:dmis:2011_1_730:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E5DB1DF-AA42-40FF-90C0-5FC2D5D270E0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:dmis:2011_1_731:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F99C414C-4256-44C6-AE0F-22BDFEF7C48A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:dmis:2011_1_752:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F970480D-5A7A-477E-B7B4-60883E343DC2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:dmis:2020125:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"02C8F50F-F150-42BC-99E1-2AB647052ADD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:s4core:102:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"04C95A73-48EB-446C-A5F0-20E1D6BC1779\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:s4core:103:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C3C9003-68A6-4886-8979-9B7D01A35E40\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:s4core:104:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"964023CE-6EA4-42BB-93B2-DCE6B36D3F89\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:s4core:105:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"84B775EF-6C11-4FAB-B5E7-8F6C4C5674BE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sap:sapscore:125:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE9149EF-F7D0-45AA-99F5-90101F19E282\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"DMIS Mobile Plug-In or SAP S/4HANA, versions - DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 710, 2011_1_731, 710, 2011_1_752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, allows an attacker with access to highly privileged account to execute manipulated query in NDZT tool to gain access to Superuser account, leading to SQL Injection vulnerability, that highly impacts systems Confidentiality, Integrity and Availability.\"}, {\"lang\": \"es\", \"value\": \"DMIS Mobile Plug-In o SAP S/4HANA, versiones - DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 710, 2011_1_731, 710, 2011_1_752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, permite a un atacante con acceso a una cuenta altamente privilegiada ejecutar una consulta manipulada en la herramienta NDZT para conseguir acceso a la cuenta Superuser, conllevando a una vulnerabilidad de Inyecci\\u00f3n SQL, que presenta un gran impacto en la Confidencialidad, Integridad y Disponibilidad de los sistemas\"}]",
      "id": "CVE-2021-33701",
      "lastModified": "2024-11-21T06:09:24.077",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 9.1, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.3, \"impactScore\": 6.0}], \"cvssMetricV30\": [{\"source\": \"cna@sap.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 9.1, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.3, \"impactScore\": 6.0}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:P/A:P\", \"baseScore\": 6.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2021-09-15T19:15:09.697",
      "references": "[{\"url\": \"http://packetstormsecurity.com/files/165303/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-SQL-Injection.html\", \"source\": \"cna@sap.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/165304/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-ABAP-Code-Injection.html\", \"source\": \"cna@sap.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2021/Dec/35\", \"source\": \"cna@sap.com\", \"tags\": [\"Exploit\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2021/Dec/36\", \"source\": \"cna@sap.com\", \"tags\": [\"Exploit\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://launchpad.support.sap.com/#/notes/3078312\", \"source\": \"cna@sap.com\", \"tags\": [\"Permissions Required\", \"VDB Entry\", \"Vendor Advisory\"]}, {\"url\": \"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806\", \"source\": \"cna@sap.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/165303/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-SQL-Injection.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/165304/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-ABAP-Code-Injection.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2021/Dec/35\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2021/Dec/36\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://launchpad.support.sap.com/#/notes/3078312\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\", \"VDB Entry\", \"Vendor Advisory\"]}, {\"url\": \"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "cna@sap.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"cna@sap.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-89\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-89\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-33701\",\"sourceIdentifier\":\"cna@sap.com\",\"published\":\"2021-09-15T19:15:09.697\",\"lastModified\":\"2024-11-21T06:09:24.077\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"DMIS Mobile Plug-In or SAP S/4HANA, versions - DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 710, 2011_1_731, 710, 2011_1_752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, allows an attacker with access to highly privileged account to execute manipulated query in NDZT tool to gain access to Superuser account, leading to SQL Injection vulnerability, that highly impacts systems Confidentiality, Integrity and Availability.\"},{\"lang\":\"es\",\"value\":\"DMIS Mobile Plug-In o SAP S/4HANA, versiones - DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 710, 2011_1_731, 710, 2011_1_752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, permite a un atacante con acceso a una cuenta altamente privilegiada ejecutar una consulta manipulada en la herramienta NDZT para conseguir acceso a la cuenta Superuser, conllevando a una vulnerabilidad de Inyecci\u00f3n SQL, que presenta un gran impacto en la Confidencialidad, Integridad y Disponibilidad de los sistemas\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.3,\"impactScore\":6.0}],\"cvssMetricV30\":[{\"source\":\"cna@sap.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.3,\"impactScore\":6.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cna@sap.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-89\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-89\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:dmis:710:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C48386F-C6F6-42E5-9959-02F8A6D342FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:dmis:2011_1_620:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7BDA4D1-2A3E-44FA-B4C2-3332190F9EA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:dmis:2011_1_640:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EA96DC2-4DAF-46F5-84CB-3E04FED9D6D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:dmis:2011_1_700:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A24CF8F-3BF0-453E-85A3-1FEAC970F2FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:dmis:2011_1_710:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA15FBA3-6A8A-40F6-8877-92DA36AD6951\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:dmis:2011_1_730:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E5DB1DF-AA42-40FF-90C0-5FC2D5D270E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:dmis:2011_1_731:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F99C414C-4256-44C6-AE0F-22BDFEF7C48A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:dmis:2011_1_752:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F970480D-5A7A-477E-B7B4-60883E343DC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:dmis:2020125:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02C8F50F-F150-42BC-99E1-2AB647052ADD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:s4core:102:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04C95A73-48EB-446C-A5F0-20E1D6BC1779\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:s4core:103:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C3C9003-68A6-4886-8979-9B7D01A35E40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:s4core:104:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"964023CE-6EA4-42BB-93B2-DCE6B36D3F89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:s4core:105:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84B775EF-6C11-4FAB-B5E7-8F6C4C5674BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:sapscore:125:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE9149EF-F7D0-45AA-99F5-90101F19E282\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/165303/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-SQL-Injection.html\",\"source\":\"cna@sap.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165304/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-ABAP-Code-Injection.html\",\"source\":\"cna@sap.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2021/Dec/35\",\"source\":\"cna@sap.com\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2021/Dec/36\",\"source\":\"cna@sap.com\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://launchpad.support.sap.com/#/notes/3078312\",\"source\":\"cna@sap.com\",\"tags\":[\"Permissions Required\",\"VDB Entry\",\"Vendor Advisory\"]},{\"url\":\"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806\",\"source\":\"cna@sap.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/165303/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-SQL-Injection.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/165304/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-ABAP-Code-Injection.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2021/Dec/35\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2021/Dec/36\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://launchpad.support.sap.com/#/notes/3078312\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"VDB Entry\",\"Vendor Advisory\"]},{\"url\":\"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

GHSA-CH32-3MMP-49C5

Vulnerability from github – Published: 2022-05-24 19:14 – Updated: 2022-05-24 19:14

Details

Severity ?

9.1 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-33701"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-89"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-09-15T19:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "DMIS Mobile Plug-In or SAP S/4HANA, versions - DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 710, 2011_1_731, 710, 2011_1_752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, allows an attacker with access to highly privileged account to execute manipulated query in NDZT tool to gain access to Superuser account, leading to SQL Injection vulnerability, that highly impacts systems Confidentiality, Integrity and Availability.",
  "id": "GHSA-ch32-3mmp-49c5",
  "modified": "2022-05-24T19:14:34Z",
  "published": "2022-05-24T19:14:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33701"
    },
    {
      "type": "WEB",
      "url": "https://launchpad.support.sap.com/#/notes/3078312"
    },
    {
      "type": "WEB",
      "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/165303/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-SQL-Injection.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/165304/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-ABAP-Code-Injection.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2021/Dec/35"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2021/Dec/36"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2021-33701

Vulnerability from fkie_nvd - Published: 2021-09-15 19:15 - Updated: 2024-11-21 06:09

Severity ?

9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Summary

References

URL	Tags
cna@sap.com	http://packetstormsecurity.com/files/165303/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-SQL-Injection.html	Exploit, Third Party Advisory, VDB Entry
cna@sap.com	http://packetstormsecurity.com/files/165304/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-ABAP-Code-Injection.html	Exploit, Third Party Advisory, VDB Entry
cna@sap.com	http://seclists.org/fulldisclosure/2021/Dec/35	Exploit, Mailing List, Third Party Advisory
cna@sap.com	http://seclists.org/fulldisclosure/2021/Dec/36	Exploit, Mailing List, Third Party Advisory
cna@sap.com	https://launchpad.support.sap.com/#/notes/3078312	Permissions Required, VDB Entry, Vendor Advisory
cna@sap.com	https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/165303/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-SQL-Injection.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/165304/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-ABAP-Code-Injection.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2021/Dec/35	Exploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2021/Dec/36	Exploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://launchpad.support.sap.com/#/notes/3078312	Permissions Required, VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806	Vendor Advisory

Impacted products

Vendor	Product	Version
sap	dmis	710
sap	dmis	2011_1_620
sap	dmis	2011_1_640
sap	dmis	2011_1_700
sap	dmis	2011_1_710
sap	dmis	2011_1_730
sap	dmis	2011_1_731
sap	dmis	2011_1_752
sap	dmis	2020125
sap	s4core	102
sap	s4core	103
sap	s4core	104
sap	s4core	105
sap	sapscore	125

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sap:dmis:710:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C48386F-C6F6-42E5-9959-02F8A6D342FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:dmis:2011_1_620:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7BDA4D1-2A3E-44FA-B4C2-3332190F9EA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:dmis:2011_1_640:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EA96DC2-4DAF-46F5-84CB-3E04FED9D6D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:dmis:2011_1_700:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A24CF8F-3BF0-453E-85A3-1FEAC970F2FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:dmis:2011_1_710:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA15FBA3-6A8A-40F6-8877-92DA36AD6951",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:dmis:2011_1_730:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E5DB1DF-AA42-40FF-90C0-5FC2D5D270E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:dmis:2011_1_731:*:*:*:*:*:*:*",
              "matchCriteriaId": "F99C414C-4256-44C6-AE0F-22BDFEF7C48A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:dmis:2011_1_752:*:*:*:*:*:*:*",
              "matchCriteriaId": "F970480D-5A7A-477E-B7B4-60883E343DC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:dmis:2020125:*:*:*:*:*:*:*",
              "matchCriteriaId": "02C8F50F-F150-42BC-99E1-2AB647052ADD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:s4core:102:*:*:*:*:*:*:*",
              "matchCriteriaId": "04C95A73-48EB-446C-A5F0-20E1D6BC1779",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:s4core:103:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C3C9003-68A6-4886-8979-9B7D01A35E40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:s4core:104:*:*:*:*:*:*:*",
              "matchCriteriaId": "964023CE-6EA4-42BB-93B2-DCE6B36D3F89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:s4core:105:*:*:*:*:*:*:*",
              "matchCriteriaId": "84B775EF-6C11-4FAB-B5E7-8F6C4C5674BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:sapscore:125:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE9149EF-F7D0-45AA-99F5-90101F19E282",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "DMIS Mobile Plug-In or SAP S/4HANA, versions - DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 710, 2011_1_731, 710, 2011_1_752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, allows an attacker with access to highly privileged account to execute manipulated query in NDZT tool to gain access to Superuser account, leading to SQL Injection vulnerability, that highly impacts systems Confidentiality, Integrity and Availability."
    },
    {
      "lang": "es",
      "value": "DMIS Mobile Plug-In o SAP S/4HANA, versiones - DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 710, 2011_1_731, 710, 2011_1_752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, permite a un atacante con acceso a una cuenta altamente privilegiada ejecutar una consulta manipulada en la herramienta NDZT para conseguir acceso a la cuenta Superuser, conllevando a una vulnerabilidad de Inyecci\u00f3n SQL, que presenta un gran impacto en la Confidencialidad, Integridad y Disponibilidad de los sistemas"
    }
  ],
  "id": "CVE-2021-33701",
  "lastModified": "2024-11-21T06:09:24.077",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 6.0,
        "source": "cna@sap.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-15T19:15:09.697",
  "references": [
    {
      "source": "cna@sap.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165303/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-SQL-Injection.html"
    },
    {
      "source": "cna@sap.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165304/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-ABAP-Code-Injection.html"
    },
    {
      "source": "cna@sap.com",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2021/Dec/35"
    },
    {
      "source": "cna@sap.com",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2021/Dec/36"
    },
    {
      "source": "cna@sap.com",
      "tags": [
        "Permissions Required",
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://launchpad.support.sap.com/#/notes/3078312"
    },
    {
      "source": "cna@sap.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165303/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-SQL-Injection.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165304/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-ABAP-Code-Injection.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2021/Dec/35"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2021/Dec/36"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://launchpad.support.sap.com/#/notes/3078312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806"
    }
  ],
  "sourceIdentifier": "cna@sap.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "cna@sap.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}

GSD-2021-33701

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-33701

Aliases

CVE-2021-33701

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-33701",
    "description": "DMIS Mobile Plug-In or SAP S/4HANA, versions - DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 710, 2011_1_731, 710, 2011_1_752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, allows an attacker with access to highly privileged account to execute manipulated query in NDZT tool to gain access to Superuser account, leading to SQL Injection vulnerability, that highly impacts systems Confidentiality, Integrity and Availability.",
    "id": "GSD-2021-33701",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2021-33701"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-33701"
      ],
      "details": "DMIS Mobile Plug-In or SAP S/4HANA, versions - DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 710, 2011_1_731, 710, 2011_1_752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, allows an attacker with access to highly privileged account to execute manipulated query in NDZT tool to gain access to Superuser account, leading to SQL Injection vulnerability, that highly impacts systems Confidentiality, Integrity and Availability.",
      "id": "GSD-2021-33701",
      "modified": "2023-12-13T01:23:18.329950Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cna@sap.com",
        "ID": "CVE-2021-33701",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "DMIS Mobile Plug-In",
                    "version": {
                      "version_data": [
                        {
                          "version_name": "\u003c",
                          "version_value": "DMIS 2011_1_620"
                        },
                        {
                          "version_name": "\u003c",
                          "version_value": "2011_1_640"
                        },
                        {
                          "version_name": "\u003c",
                          "version_value": "2011_1_700"
                        },
                        {
                          "version_name": "\u003c",
                          "version_value": "2011_1_710"
                        },
                        {
                          "version_name": "\u003c",
                          "version_value": "2011_1_730"
                        },
                        {
                          "version_name": "\u003c",
                          "version_value": "710"
                        },
                        {
                          "version_name": "\u003c",
                          "version_value": "2011_1_731"
                        },
                        {
                          "version_name": "\u003c",
                          "version_value": "710"
                        },
                        {
                          "version_name": "\u003c",
                          "version_value": "2011_1_752"
                        },
                        {
                          "version_name": "\u003c",
                          "version_value": "2020"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SAP S/4HANA",
                    "version": {
                      "version_data": [
                        {
                          "version_name": "\u003c",
                          "version_value": "SAPSCORE 125"
                        },
                        {
                          "version_name": "\u003c",
                          "version_value": "S4CORE 102"
                        },
                        {
                          "version_name": "\u003c",
                          "version_value": "102"
                        },
                        {
                          "version_name": "\u003c",
                          "version_value": "103"
                        },
                        {
                          "version_name": "\u003c",
                          "version_value": "104"
                        },
                        {
                          "version_name": "\u003c",
                          "version_value": "105"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "SAP SE"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "DMIS Mobile Plug-In or SAP S/4HANA, versions - DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 710, 2011_1_731, 710, 2011_1_752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, allows an attacker with access to highly privileged account to execute manipulated query in NDZT tool to gain access to Superuser account, leading to SQL Injection vulnerability, that highly impacts systems Confidentiality, Integrity and Availability."
          }
        ]
      },
      "impact": {
        "cvss": {
          "baseScore": "9.1",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\ufffd)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806",
            "refsource": "MISC",
            "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806"
          },
          {
            "name": "https://launchpad.support.sap.com/#/notes/3078312",
            "refsource": "MISC",
            "url": "https://launchpad.support.sap.com/#/notes/3078312"
          },
          {
            "name": "20211214 SEC Consult SA-20211214-1 :: Remote ABAP Code Injection in SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG",
            "refsource": "FULLDISC",
            "url": "http://seclists.org/fulldisclosure/2021/Dec/36"
          },
          {
            "name": "20211214 SEC Consult SA-20211214-0 :: Remote ADBC SQL Injection in SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG",
            "refsource": "FULLDISC",
            "url": "http://seclists.org/fulldisclosure/2021/Dec/35"
          },
          {
            "name": "http://packetstormsecurity.com/files/165303/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-SQL-Injection.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/165303/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-SQL-Injection.html"
          },
          {
            "name": "http://packetstormsecurity.com/files/165304/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-ABAP-Code-Injection.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/165304/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-ABAP-Code-Injection.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:sap:dmis:710:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:dmis:2011_1_620:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:dmis:2011_1_640:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:dmis:2011_1_700:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:dmis:2011_1_710:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:dmis:2011_1_730:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:dmis:2011_1_731:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:dmis:2011_1_752:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:dmis:2020125:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:s4core:102:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:s4core:103:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:s4core:104:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:s4core:105:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:sapscore:125:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cna@sap.com",
          "ID": "CVE-2021-33701"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "DMIS Mobile Plug-In or SAP S/4HANA, versions - DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 710, 2011_1_731, 710, 2011_1_752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, allows an attacker with access to highly privileged account to execute manipulated query in NDZT tool to gain access to Superuser account, leading to SQL Injection vulnerability, that highly impacts systems Confidentiality, Integrity and Availability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-89"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806"
            },
            {
              "name": "https://launchpad.support.sap.com/#/notes/3078312",
              "refsource": "MISC",
              "tags": [
                "Permissions Required",
                "VDB Entry",
                "Vendor Advisory"
              ],
              "url": "https://launchpad.support.sap.com/#/notes/3078312"
            },
            {
              "name": "20211214 SEC Consult SA-20211214-1 :: Remote ABAP Code Injection in SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG",
              "refsource": "FULLDISC",
              "tags": [
                "Exploit",
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://seclists.org/fulldisclosure/2021/Dec/36"
            },
            {
              "name": "20211214 SEC Consult SA-20211214-0 :: Remote ADBC SQL Injection in SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG",
              "refsource": "FULLDISC",
              "tags": [
                "Exploit",
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://seclists.org/fulldisclosure/2021/Dec/35"
            },
            {
              "name": "http://packetstormsecurity.com/files/165303/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-SQL-Injection.html",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/165303/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-SQL-Injection.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/165304/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-ABAP-Code-Injection.html",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/165304/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-ABAP-Code-Injection.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.3,
          "impactScore": 6.0
        }
      },
      "lastModifiedDate": "2022-04-01T18:59Z",
      "publishedDate": "2021-09-15T19:15Z"
    }
  }
}

CERTFR-2021-AVI-607

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
SAP	SAP BusinessObjects Business Intelligence	SAP BusinessObjects Business Intelligence Platform (SAPUI5) versions 420 et 430
SAP	N/A	SAP NetWeaver Development Infrastructure (Notification Service) versions 7.31, 7.40 et 7.50
SAP	N/A	SAP NetWeaver Development Infrastructure (Component Build Service) versions 7.11, 7.20, 7.30, 7.31, 7.40 et 7.50
SAP	N/A	SAP NetWeaver (Knowledge Management) versions 7.30, 7.31, 7.40 et 7.50
SAP	N/A	SAP Cloud Connector version 2.0
SAP	N/A	SAP Business One version 10.0
SAP	SAP BusinessObjects Business Intelligence	SAP BusinessObjects Business Intelligence Platform (Crystal Report) versions 420 et 430
SAP	NetWeaver Enterprise Portal	SAP NetWeaver Enterprise Portal versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40 et 7.50
SAP	N/A	SAP Fiori Client Native Mobile pour Android version 3.2
SAP	N/A	DMIS Mobile Plug-In versions DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 710, 2011_1_731, 710, 2011_1_752 et 2020
SAP	N/A	SAP NetWeaver AS ABAP and ABAP Platform (SRM_RFC_SUBMIT_REPORT) versions 700, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754 et 755
SAP	N/A	SAP S/4HANA versions SAPSCORE 125, S4CORE 102, 102, 103, 104 et 105
SAP	NetWeaver Enterprise Portal	SAP NetWeaver Enterprise Portal (Application Extensions) versions 7.30, 7.31, 7.40 et 7.50

References

Title

Publication Time

Tags

Bulletin de sécurité SAP du 10 août 2021

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SAP BusinessObjects Business Intelligence Platform (SAPUI5) versions 420 et 430",
      "product": {
        "name": "SAP BusinessObjects Business Intelligence",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP NetWeaver Development Infrastructure (Notification Service) versions 7.31, 7.40 et 7.50",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP NetWeaver Development Infrastructure (Component Build Service) versions 7.11, 7.20, 7.30, 7.31, 7.40 et 7.50",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP NetWeaver (Knowledge Management) versions 7.30, 7.31, 7.40 et 7.50",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP Cloud Connector version 2.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP Business One version 10.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP BusinessObjects Business Intelligence Platform (Crystal Report) versions 420 et 430",
      "product": {
        "name": "SAP BusinessObjects Business Intelligence",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP NetWeaver Enterprise Portal versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40 et 7.50",
      "product": {
        "name": "NetWeaver Enterprise Portal",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP Fiori Client Native Mobile pour Android version 3.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "DMIS Mobile Plug-In versions DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 710, 2011_1_731, 710, 2011_1_752 et 2020",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP NetWeaver AS ABAP and ABAP Platform (SRM_RFC_SUBMIT_REPORT) versions 700, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754 et 755",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP S/4HANA versions SAPSCORE 125, S4CORE 102, 102, 103, 104 et 105",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP NetWeaver Enterprise Portal (Application Extensions) versions 7.30, 7.31, 7.40 et 7.50",
      "product": {
        "name": "NetWeaver Enterprise Portal",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-33690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33690"
    },
    {
      "name": "CVE-2021-33705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33705"
    },
    {
      "name": "CVE-2021-33702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33702"
    },
    {
      "name": "CVE-2021-33694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33694"
    },
    {
      "name": "CVE-2021-33697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33697"
    },
    {
      "name": "CVE-2021-33700",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33700"
    },
    {
      "name": "CVE-2021-33698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33698"
    },
    {
      "name": "CVE-2021-33695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33695"
    },
    {
      "name": "CVE-2021-33691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33691"
    },
    {
      "name": "CVE-2021-33703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33703"
    },
    {
      "name": "CVE-2021-33701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33701"
    },
    {
      "name": "CVE-2021-33707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33707"
    },
    {
      "name": "CVE-2021-33699",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33699"
    },
    {
      "name": "CVE-2021-33704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33704"
    },
    {
      "name": "CVE-2021-33696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33696"
    },
    {
      "name": "CVE-2021-21473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21473"
    },
    {
      "name": "CVE-2021-33692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33692"
    },
    {
      "name": "CVE-2021-33693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33693"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-607",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-08-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SAP du 10 ao\u00fbt 2021",
      "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806"
    }
  ]
}

CERTFR-2021-AVI-607

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
SAP	SAP BusinessObjects Business Intelligence	SAP BusinessObjects Business Intelligence Platform (SAPUI5) versions 420 et 430
SAP	N/A	SAP NetWeaver Development Infrastructure (Notification Service) versions 7.31, 7.40 et 7.50
SAP	N/A	SAP NetWeaver Development Infrastructure (Component Build Service) versions 7.11, 7.20, 7.30, 7.31, 7.40 et 7.50
SAP	N/A	SAP NetWeaver (Knowledge Management) versions 7.30, 7.31, 7.40 et 7.50
SAP	N/A	SAP Cloud Connector version 2.0
SAP	N/A	SAP Business One version 10.0
SAP	SAP BusinessObjects Business Intelligence	SAP BusinessObjects Business Intelligence Platform (Crystal Report) versions 420 et 430
SAP	NetWeaver Enterprise Portal	SAP NetWeaver Enterprise Portal versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40 et 7.50
SAP	N/A	SAP Fiori Client Native Mobile pour Android version 3.2
SAP	N/A	DMIS Mobile Plug-In versions DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 710, 2011_1_731, 710, 2011_1_752 et 2020
SAP	N/A	SAP NetWeaver AS ABAP and ABAP Platform (SRM_RFC_SUBMIT_REPORT) versions 700, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754 et 755
SAP	N/A	SAP S/4HANA versions SAPSCORE 125, S4CORE 102, 102, 103, 104 et 105
SAP	NetWeaver Enterprise Portal	SAP NetWeaver Enterprise Portal (Application Extensions) versions 7.30, 7.31, 7.40 et 7.50

References

Title

Publication Time

Tags

Bulletin de sécurité SAP du 10 août 2021

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SAP BusinessObjects Business Intelligence Platform (SAPUI5) versions 420 et 430",
      "product": {
        "name": "SAP BusinessObjects Business Intelligence",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP NetWeaver Development Infrastructure (Notification Service) versions 7.31, 7.40 et 7.50",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP NetWeaver Development Infrastructure (Component Build Service) versions 7.11, 7.20, 7.30, 7.31, 7.40 et 7.50",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP NetWeaver (Knowledge Management) versions 7.30, 7.31, 7.40 et 7.50",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP Cloud Connector version 2.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP Business One version 10.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP BusinessObjects Business Intelligence Platform (Crystal Report) versions 420 et 430",
      "product": {
        "name": "SAP BusinessObjects Business Intelligence",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP NetWeaver Enterprise Portal versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40 et 7.50",
      "product": {
        "name": "NetWeaver Enterprise Portal",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP Fiori Client Native Mobile pour Android version 3.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "DMIS Mobile Plug-In versions DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 710, 2011_1_731, 710, 2011_1_752 et 2020",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP NetWeaver AS ABAP and ABAP Platform (SRM_RFC_SUBMIT_REPORT) versions 700, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754 et 755",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP S/4HANA versions SAPSCORE 125, S4CORE 102, 102, 103, 104 et 105",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    },
    {
      "description": "SAP NetWeaver Enterprise Portal (Application Extensions) versions 7.30, 7.31, 7.40 et 7.50",
      "product": {
        "name": "NetWeaver Enterprise Portal",
        "vendor": {
          "name": "SAP",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-33690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33690"
    },
    {
      "name": "CVE-2021-33705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33705"
    },
    {
      "name": "CVE-2021-33702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33702"
    },
    {
      "name": "CVE-2021-33694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33694"
    },
    {
      "name": "CVE-2021-33697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33697"
    },
    {
      "name": "CVE-2021-33700",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33700"
    },
    {
      "name": "CVE-2021-33698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33698"
    },
    {
      "name": "CVE-2021-33695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33695"
    },
    {
      "name": "CVE-2021-33691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33691"
    },
    {
      "name": "CVE-2021-33703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33703"
    },
    {
      "name": "CVE-2021-33701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33701"
    },
    {
      "name": "CVE-2021-33707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33707"
    },
    {
      "name": "CVE-2021-33699",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33699"
    },
    {
      "name": "CVE-2021-33704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33704"
    },
    {
      "name": "CVE-2021-33696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33696"
    },
    {
      "name": "CVE-2021-21473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-21473"
    },
    {
      "name": "CVE-2021-33692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33692"
    },
    {
      "name": "CVE-2021-33693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33693"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-607",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-08-10T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits SAP.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits SAP",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SAP du 10 ao\u00fbt 2021",
      "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-33701 (GCVE-0-2021-33701)

GHSA-CH32-3MMP-49C5

FKIE_CVE-2021-33701

GSD-2021-33701

CERTFR-2021-AVI-607

Solution

CERTFR-2021-AVI-607

Solution

Tags

Sightings

Nomenclature