var-201107-0311
Vulnerability from variot
A security vulnerability exists in SAP NetWeaver that is passed to the CIDXBTDDump.jsp in the Ispeak Details Monitoring application (com.sap.aii.af.ispeak.app). The input to the BTDDump.jsp and RNIF11BTDDump.jsp script \"txtBtdID\" parameters is missing before returning to the user. Filtering can lead to cross-site scripting attacks. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP NetWeaver has security vulnerabilities. Business Communication Broker does not properly restrict the use of certain functions. Attackers can exploit vulnerabilities to obtain sensitive information such as J2EE patch levels and internal IP addresses. When processing the tag of a SOAP-RFC request, the XML parser has an integer overflow error. The attacker can exploit the vulnerability to terminate the disp+work.exe service, causing a denial of service attack. An attacker may leverage the issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, disclose sensitive information, or cause denial-of-service conditions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201107-0311",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netweaver",
"scope": "eq",
"trust": 2.7,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "7.0"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "7.10"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "7.30"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "7.02"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 2.1,
"vendor": "sap",
"version": "7.01"
},
{
"model": "netweaver sp15",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.0*"
},
{
"model": "netweaver sp8",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.0*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.10*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.30*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.02*"
},
{
"model": "netweaver",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.01*"
}
],
"sources": [
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
},
{
"db": "BID",
"id": "48718"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Polyakov, Dmitriy Evdokimov, and Alexey Sintsov from DSecRG",
"sources": [
{
"db": "BID",
"id": "48718"
}
],
"trust": 0.3
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
},
{
"accessComplexity": null,
"accessVector": null,
"authentication": null,
"author": "IVD",
"availabilityImpact": null,
"baseScore": null,
"confidentialityImpact": null,
"exploitabilityScore": null,
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d",
"impactScore": null,
"integrityImpact": null,
"severity": null,
"trust": 0.2,
"vectorString": null,
"version": "unknown"
}
],
"cvssV3": [],
"severity": [
{
"author": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A security vulnerability exists in SAP NetWeaver that is passed to the CIDXBTDDump.jsp in the Ispeak Details Monitoring application (com.sap.aii.af.ispeak.app). The input to the BTDDump.jsp and RNIF11BTDDump.jsp script \\\"txtBtdID\\\" parameters is missing before returning to the user. Filtering can lead to cross-site scripting attacks. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. SAP NetWeaver has security vulnerabilities. Business Communication Broker does not properly restrict the use of certain functions. Attackers can exploit vulnerabilities to obtain sensitive information such as J2EE patch levels and internal IP addresses. When processing the tag of a SOAP-RFC request, the XML parser has an integer overflow error. The attacker can exploit the vulnerability to terminate the disp+work.exe service, causing a denial of service attack. \nAn attacker may leverage the issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, disclose sensitive information, or cause denial-of-service conditions",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
},
{
"db": "BID",
"id": "48718"
},
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "48718",
"trust": 2.1
},
{
"db": "CNVD",
"id": "CNVD-2011-2735",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-2737",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-2739",
"trust": 0.8
},
{
"db": "IVD",
"id": "2CA34F36-1F8F-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "56F6D208-1F8F-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "539F900E-1F8F-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
},
{
"db": "BID",
"id": "48718"
}
]
},
"id": "VAR-201107-0311",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
}
],
"trust": 2.8925504733333334
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 2.4
}
],
"sources": [
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
}
]
},
"last_update_date": "2022-05-17T02:06:03.945000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for SAP Netweaver Cross-Site Scripting Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4438"
},
{
"title": "Patch for SAP Netweaver Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4437"
},
{
"title": "Patch for SAP Netweaver Denial of Service Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/4440"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.9,
"url": "http://dsecrg.com/pages/vul/show.php?id=328"
},
{
"trust": 0.9,
"url": "http://dsecrg.com/pages/vul/show.php?id=327"
},
{
"trust": 0.9,
"url": "http://dsecrg.com/pages/vul/show.php?id=329"
},
{
"trust": 0.3,
"url": "http://www.sap.com/platform/netweaver/index.epx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
},
{
"db": "BID",
"id": "48718"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"db": "CNVD",
"id": "CNVD-2011-2739"
},
{
"db": "BID",
"id": "48718"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-20T00:00:00",
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"date": "2011-07-20T00:00:00",
"db": "IVD",
"id": "56f6d208-1f8f-11e6-abef-000c29c66e3d"
},
{
"date": "2011-07-20T00:00:00",
"db": "IVD",
"id": "539f900e-1f8f-11e6-abef-000c29c66e3d"
},
{
"date": "2011-07-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"date": "2011-07-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"date": "2011-07-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2739"
},
{
"date": "2011-07-19T00:00:00",
"db": "BID",
"id": "48718"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2737"
},
{
"date": "2011-07-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2735"
},
{
"date": "2011-07-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-2739"
},
{
"date": "2011-07-19T00:00:00",
"db": "BID",
"id": "48718"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "48718"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Netweaver Information Disclosure Vulnerability",
"sources": [
{
"db": "IVD",
"id": "2ca34f36-1f8f-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-2735"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "48718"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.