Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2022-2290
Vulnerability from csaf_certbund
Published
2022-12-12 23:00
Modified
2023-05-31 22:00
Summary
SAP Patchday Dezember 2022
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
SAP stellt unternehmensweite Lösungen für Geschäftsprozesse wie Buchführung, Vertrieb, Einkauf und Lagerhaltung zur Verfügung.
Angriff
Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in der SAP-Software ausnutzen, um seine Privilegien zu erhöhen, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen und einen Cross-Site-Scripting-Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- MacOS X
- Windows
- Sonstiges
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "SAP stellt unternehmensweite Lösungen für Geschäftsprozesse wie Buchführung, Vertrieb, Einkauf und Lagerhaltung zur Verfügung.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in der SAP-Software ausnutzen, um seine Privilegien zu erhöhen, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen und einen Cross-Site-Scripting-Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- UNIX\n- Linux\n- MacOS X\n- Windows\n- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-2290 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2290.json", }, { category: "self", summary: "WID-SEC-2022-2290 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2290", }, { category: "external", summary: "SAP Patchday December 2022 vom 2022-12-12", url: "https://dam.sap.com/mac/app/e/pdf/preview/embed/ucQrx6G?ltr=a&rc=10", }, ], source_lang: "en-US", title: "SAP Patchday Dezember 2022", tracking: { current_release_date: "2023-05-31T22:00:00.000+00:00", generator: { date: "2024-08-15T17:39:42.216+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2022-2290", initial_release_date: "2022-12-12T23:00:00.000+00:00", revision_history: [ { date: "2022-12-12T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2023-05-31T22:00:00.000+00:00", number: "2", summary: "CVE Nummern ergänzt", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "SAP Software", product: { name: "SAP Software", product_id: "T016476", product_identification_helper: { cpe: "cpe:/a:sap:sap:-", }, }, }, ], category: "vendor", name: "SAP", }, ], }, vulnerabilities: [ { cve: "CVE-2022-42889", notes: [ { category: "description", text: "In den folgenden SAP-Anwendungskomponenten bestehen mehrere Schwachstellen, die nicht öffentlich beschrieben wurden: SAP BusinessObjects Business Intelligence Platform, NetWeaver Process Integration, Commerce, BASIS, Business Planning and Consolidation, Disclosure Management, NetWeaver AS for Java, Solution Manager, Sourcing und Contract Lifecycle Management. Beschreibungen und Updates für diese Schwachstellen finden Sie in den SAP-Sicherheitshinweisen. Um einige dieser Schwachstellen auszunutzen, sind Benutzerinteraktion oder privilegierte Rechte erforderlich.", }, ], product_status: { known_affected: [ "T016476", ], }, release_date: "2022-12-12T23:00:00.000+00:00", title: "CVE-2022-42889", }, { cve: "CVE-2022-41275", notes: [ { category: "description", text: "In den folgenden SAP-Anwendungskomponenten bestehen mehrere Schwachstellen, die nicht öffentlich beschrieben wurden: SAP BusinessObjects Business Intelligence Platform, NetWeaver Process Integration, Commerce, BASIS, Business Planning and Consolidation, Disclosure Management, NetWeaver AS for Java, Solution Manager, Sourcing und Contract Lifecycle Management. Beschreibungen und Updates für diese Schwachstellen finden Sie in den SAP-Sicherheitshinweisen. Um einige dieser Schwachstellen auszunutzen, sind Benutzerinteraktion oder privilegierte Rechte erforderlich.", }, ], product_status: { known_affected: [ "T016476", ], }, release_date: "2022-12-12T23:00:00.000+00:00", title: "CVE-2022-41275", }, { cve: "CVE-2022-41274", notes: [ { category: "description", text: "In den folgenden SAP-Anwendungskomponenten bestehen mehrere Schwachstellen, die nicht öffentlich beschrieben wurden: SAP BusinessObjects Business Intelligence Platform, NetWeaver Process Integration, Commerce, BASIS, Business Planning and Consolidation, Disclosure Management, NetWeaver AS for Java, Solution Manager, Sourcing und Contract Lifecycle Management. Beschreibungen und Updates für diese Schwachstellen finden Sie in den SAP-Sicherheitshinweisen. Um einige dieser Schwachstellen auszunutzen, sind Benutzerinteraktion oder privilegierte Rechte erforderlich.", }, ], product_status: { known_affected: [ "T016476", ], }, release_date: "2022-12-12T23:00:00.000+00:00", title: "CVE-2022-41274", }, { cve: "CVE-2022-41273", notes: [ { category: "description", text: "In den folgenden SAP-Anwendungskomponenten bestehen mehrere Schwachstellen, die nicht öffentlich beschrieben wurden: SAP BusinessObjects Business Intelligence Platform, NetWeaver Process Integration, Commerce, BASIS, Business Planning and Consolidation, Disclosure Management, NetWeaver AS for Java, Solution Manager, Sourcing und Contract Lifecycle Management. Beschreibungen und Updates für diese Schwachstellen finden Sie in den SAP-Sicherheitshinweisen. Um einige dieser Schwachstellen auszunutzen, sind Benutzerinteraktion oder privilegierte Rechte erforderlich.", }, ], product_status: { known_affected: [ "T016476", ], }, release_date: "2022-12-12T23:00:00.000+00:00", title: "CVE-2022-41273", }, { cve: "CVE-2022-41272", notes: [ { category: "description", text: "In den folgenden SAP-Anwendungskomponenten bestehen mehrere Schwachstellen, die nicht öffentlich beschrieben wurden: SAP BusinessObjects Business Intelligence Platform, NetWeaver Process Integration, Commerce, BASIS, Business Planning and Consolidation, Disclosure Management, NetWeaver AS for Java, Solution Manager, Sourcing und Contract Lifecycle Management. Beschreibungen und Updates für diese Schwachstellen finden Sie in den SAP-Sicherheitshinweisen. Um einige dieser Schwachstellen auszunutzen, sind Benutzerinteraktion oder privilegierte Rechte erforderlich.", }, ], product_status: { known_affected: [ "T016476", ], }, release_date: "2022-12-12T23:00:00.000+00:00", title: "CVE-2022-41272", }, { cve: "CVE-2022-41271", notes: [ { category: "description", text: "In den folgenden SAP-Anwendungskomponenten bestehen mehrere Schwachstellen, die nicht öffentlich beschrieben wurden: SAP BusinessObjects Business Intelligence Platform, NetWeaver Process Integration, Commerce, BASIS, Business Planning and Consolidation, Disclosure Management, NetWeaver AS for Java, Solution Manager, Sourcing und Contract Lifecycle Management. Beschreibungen und Updates für diese Schwachstellen finden Sie in den SAP-Sicherheitshinweisen. Um einige dieser Schwachstellen auszunutzen, sind Benutzerinteraktion oder privilegierte Rechte erforderlich.", }, ], product_status: { known_affected: [ "T016476", ], }, release_date: "2022-12-12T23:00:00.000+00:00", title: "CVE-2022-41271", }, { cve: "CVE-2022-41268", notes: [ { category: "description", text: "In den folgenden SAP-Anwendungskomponenten bestehen mehrere Schwachstellen, die nicht öffentlich beschrieben wurden: SAP BusinessObjects Business Intelligence Platform, NetWeaver Process Integration, Commerce, BASIS, Business Planning and Consolidation, Disclosure Management, NetWeaver AS for Java, Solution Manager, Sourcing und Contract Lifecycle Management. Beschreibungen und Updates für diese Schwachstellen finden Sie in den SAP-Sicherheitshinweisen. Um einige dieser Schwachstellen auszunutzen, sind Benutzerinteraktion oder privilegierte Rechte erforderlich.", }, ], product_status: { known_affected: [ "T016476", ], }, release_date: "2022-12-12T23:00:00.000+00:00", title: "CVE-2022-41268", }, { cve: "CVE-2022-41267", notes: [ { category: "description", text: "In den folgenden SAP-Anwendungskomponenten bestehen mehrere Schwachstellen, die nicht öffentlich beschrieben wurden: SAP BusinessObjects Business Intelligence Platform, NetWeaver Process Integration, Commerce, BASIS, Business Planning and Consolidation, Disclosure Management, NetWeaver AS for Java, Solution Manager, Sourcing und Contract Lifecycle Management. Beschreibungen und Updates für diese Schwachstellen finden Sie in den SAP-Sicherheitshinweisen. Um einige dieser Schwachstellen auszunutzen, sind Benutzerinteraktion oder privilegierte Rechte erforderlich.", }, ], product_status: { known_affected: [ "T016476", ], }, release_date: "2022-12-12T23:00:00.000+00:00", title: "CVE-2022-41267", }, { cve: "CVE-2022-41266", notes: [ { category: "description", text: "In den folgenden SAP-Anwendungskomponenten bestehen mehrere Schwachstellen, die nicht öffentlich beschrieben wurden: SAP BusinessObjects Business Intelligence Platform, NetWeaver Process Integration, Commerce, BASIS, Business Planning and Consolidation, Disclosure Management, NetWeaver AS for Java, Solution Manager, Sourcing und Contract Lifecycle Management. Beschreibungen und Updates für diese Schwachstellen finden Sie in den SAP-Sicherheitshinweisen. Um einige dieser Schwachstellen auszunutzen, sind Benutzerinteraktion oder privilegierte Rechte erforderlich.", }, ], product_status: { known_affected: [ "T016476", ], }, release_date: "2022-12-12T23:00:00.000+00:00", title: "CVE-2022-41266", }, { cve: "CVE-2022-41264", notes: [ { category: "description", text: "In den folgenden SAP-Anwendungskomponenten bestehen mehrere Schwachstellen, die nicht öffentlich beschrieben wurden: SAP BusinessObjects Business Intelligence Platform, NetWeaver Process Integration, Commerce, BASIS, Business Planning and Consolidation, Disclosure Management, NetWeaver AS for Java, Solution Manager, Sourcing und Contract Lifecycle Management. Beschreibungen und Updates für diese Schwachstellen finden Sie in den SAP-Sicherheitshinweisen. Um einige dieser Schwachstellen auszunutzen, sind Benutzerinteraktion oder privilegierte Rechte erforderlich.", }, ], product_status: { known_affected: [ "T016476", ], }, release_date: "2022-12-12T23:00:00.000+00:00", title: "CVE-2022-41264", }, { cve: "CVE-2022-41263", notes: [ { category: "description", text: "In den folgenden SAP-Anwendungskomponenten bestehen mehrere Schwachstellen, die nicht öffentlich beschrieben wurden: SAP BusinessObjects Business Intelligence Platform, NetWeaver Process Integration, Commerce, BASIS, Business Planning and Consolidation, Disclosure Management, NetWeaver AS for Java, Solution Manager, Sourcing und Contract Lifecycle Management. Beschreibungen und Updates für diese Schwachstellen finden Sie in den SAP-Sicherheitshinweisen. Um einige dieser Schwachstellen auszunutzen, sind Benutzerinteraktion oder privilegierte Rechte erforderlich.", }, ], product_status: { known_affected: [ "T016476", ], }, release_date: "2022-12-12T23:00:00.000+00:00", title: "CVE-2022-41263", }, { cve: "CVE-2022-41262", notes: [ { category: "description", text: "In den folgenden SAP-Anwendungskomponenten bestehen mehrere Schwachstellen, die nicht öffentlich beschrieben wurden: SAP BusinessObjects Business Intelligence Platform, NetWeaver Process Integration, Commerce, BASIS, Business Planning and Consolidation, Disclosure Management, NetWeaver AS for Java, Solution Manager, Sourcing und Contract Lifecycle Management. Beschreibungen und Updates für diese Schwachstellen finden Sie in den SAP-Sicherheitshinweisen. Um einige dieser Schwachstellen auszunutzen, sind Benutzerinteraktion oder privilegierte Rechte erforderlich.", }, ], product_status: { known_affected: [ "T016476", ], }, release_date: "2022-12-12T23:00:00.000+00:00", title: "CVE-2022-41262", }, { cve: "CVE-2022-41261", notes: [ { category: "description", text: "In den folgenden SAP-Anwendungskomponenten bestehen mehrere Schwachstellen, die nicht öffentlich beschrieben wurden: SAP BusinessObjects Business Intelligence Platform, NetWeaver Process Integration, Commerce, BASIS, Business Planning and Consolidation, Disclosure Management, NetWeaver AS for Java, Solution Manager, Sourcing und Contract Lifecycle Management. Beschreibungen und Updates für diese Schwachstellen finden Sie in den SAP-Sicherheitshinweisen. Um einige dieser Schwachstellen auszunutzen, sind Benutzerinteraktion oder privilegierte Rechte erforderlich.", }, ], product_status: { known_affected: [ "T016476", ], }, release_date: "2022-12-12T23:00:00.000+00:00", title: "CVE-2022-41261", }, { cve: "CVE-2022-41215", notes: [ { category: "description", text: "In den folgenden SAP-Anwendungskomponenten bestehen mehrere Schwachstellen, die nicht öffentlich beschrieben wurden: SAP BusinessObjects Business Intelligence Platform, NetWeaver Process Integration, Commerce, BASIS, Business Planning and Consolidation, Disclosure Management, NetWeaver AS for Java, Solution Manager, Sourcing und Contract Lifecycle Management. Beschreibungen und Updates für diese Schwachstellen finden Sie in den SAP-Sicherheitshinweisen. Um einige dieser Schwachstellen auszunutzen, sind Benutzerinteraktion oder privilegierte Rechte erforderlich.", }, ], product_status: { known_affected: [ "T016476", ], }, release_date: "2022-12-12T23:00:00.000+00:00", title: "CVE-2022-41215", }, { cve: "CVE-2022-39013", notes: [ { category: "description", text: "In den folgenden SAP-Anwendungskomponenten bestehen mehrere Schwachstellen, die nicht öffentlich beschrieben wurden: SAP BusinessObjects Business Intelligence Platform, NetWeaver Process Integration, Commerce, BASIS, Business Planning and Consolidation, Disclosure Management, NetWeaver AS for Java, Solution Manager, Sourcing und Contract Lifecycle Management. Beschreibungen und Updates für diese Schwachstellen finden Sie in den SAP-Sicherheitshinweisen. Um einige dieser Schwachstellen auszunutzen, sind Benutzerinteraktion oder privilegierte Rechte erforderlich.", }, ], product_status: { known_affected: [ "T016476", ], }, release_date: "2022-12-12T23:00:00.000+00:00", title: "CVE-2022-39013", }, { cve: "CVE-2022-35737", notes: [ { category: "description", text: "In den folgenden SAP-Anwendungskomponenten bestehen mehrere Schwachstellen, die nicht öffentlich beschrieben wurden: SAP BusinessObjects Business Intelligence Platform, NetWeaver Process Integration, Commerce, BASIS, Business Planning and Consolidation, Disclosure Management, NetWeaver AS for Java, Solution Manager, Sourcing und Contract Lifecycle Management. Beschreibungen und Updates für diese Schwachstellen finden Sie in den SAP-Sicherheitshinweisen. Um einige dieser Schwachstellen auszunutzen, sind Benutzerinteraktion oder privilegierte Rechte erforderlich.", }, ], product_status: { known_affected: [ "T016476", ], }, release_date: "2022-12-12T23:00:00.000+00:00", title: "CVE-2022-35737", }, { cve: "CVE-2022-35299", notes: [ { category: "description", text: "In den folgenden SAP-Anwendungskomponenten bestehen mehrere Schwachstellen, die nicht öffentlich beschrieben wurden: SAP BusinessObjects Business Intelligence Platform, NetWeaver Process Integration, Commerce, BASIS, Business Planning and Consolidation, Disclosure Management, NetWeaver AS for Java, Solution Manager, Sourcing und Contract Lifecycle Management. Beschreibungen und Updates für diese Schwachstellen finden Sie in den SAP-Sicherheitshinweisen. Um einige dieser Schwachstellen auszunutzen, sind Benutzerinteraktion oder privilegierte Rechte erforderlich.", }, ], product_status: { known_affected: [ "T016476", ], }, release_date: "2022-12-12T23:00:00.000+00:00", title: "CVE-2022-35299", }, { cve: "CVE-2022-32240", notes: [ { category: "description", text: "In den folgenden SAP-Anwendungskomponenten bestehen mehrere Schwachstellen, die nicht öffentlich beschrieben wurden: SAP BusinessObjects Business Intelligence Platform, NetWeaver Process Integration, Commerce, BASIS, Business Planning and Consolidation, Disclosure Management, NetWeaver AS for Java, Solution Manager, Sourcing und Contract Lifecycle Management. Beschreibungen und Updates für diese Schwachstellen finden Sie in den SAP-Sicherheitshinweisen. Um einige dieser Schwachstellen auszunutzen, sind Benutzerinteraktion oder privilegierte Rechte erforderlich.", }, ], product_status: { known_affected: [ "T016476", ], }, release_date: "2022-12-12T23:00:00.000+00:00", title: "CVE-2022-32240", }, { cve: "CVE-2022-32235", notes: [ { category: "description", text: "In den folgenden SAP-Anwendungskomponenten bestehen mehrere Schwachstellen, die nicht öffentlich beschrieben wurden: SAP BusinessObjects Business Intelligence Platform, NetWeaver Process Integration, Commerce, BASIS, Business Planning and Consolidation, Disclosure Management, NetWeaver AS for Java, Solution Manager, Sourcing und Contract Lifecycle Management. Beschreibungen und Updates für diese Schwachstellen finden Sie in den SAP-Sicherheitshinweisen. Um einige dieser Schwachstellen auszunutzen, sind Benutzerinteraktion oder privilegierte Rechte erforderlich.", }, ], product_status: { known_affected: [ "T016476", ], }, release_date: "2022-12-12T23:00:00.000+00:00", title: "CVE-2022-32235", }, { cve: "CVE-2020-6215", notes: [ { category: "description", text: "In den folgenden SAP-Anwendungskomponenten bestehen mehrere Schwachstellen, die nicht öffentlich beschrieben wurden: SAP BusinessObjects Business Intelligence Platform, NetWeaver Process Integration, Commerce, BASIS, Business Planning and Consolidation, Disclosure Management, NetWeaver AS for Java, Solution Manager, Sourcing und Contract Lifecycle Management. Beschreibungen und Updates für diese Schwachstellen finden Sie in den SAP-Sicherheitshinweisen. Um einige dieser Schwachstellen auszunutzen, sind Benutzerinteraktion oder privilegierte Rechte erforderlich.", }, ], product_status: { known_affected: [ "T016476", ], }, release_date: "2022-12-12T23:00:00.000+00:00", title: "CVE-2020-6215", }, ], }
cve-2022-39013
Vulnerability from cvelistv5
Published
2022-10-11 00:00
Modified
2024-08-03 11:10
Severity ?
EPSS score ?
Summary
Under certain conditions an authenticated attacker can get access to OS credentials. Getting access to OS credentials enables the attacker to modify system data and make the system unavailable leading to high impact on confidentiality and low impact on integrity and availability of the application.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP BusinessObjects Business Intelligence Platform (Program Objects) |
Version: 420 Version: 430 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T11:10:32.325Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { tags: [ "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3229132", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP BusinessObjects Business Intelligence Platform (Program Objects)", vendor: "SAP SE", versions: [ { status: "affected", version: "420", }, { status: "affected", version: "430", }, ], }, ], descriptions: [ { lang: "en", value: "Under certain conditions an authenticated attacker can get access to OS credentials. Getting access to OS credentials enables the attacker to modify system data and make the system unavailable leading to high impact on confidentiality and low impact on integrity and availability of the application.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { url: "https://launchpad.support.sap.com/#/notes/3229132", }, ], }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2022-39013", datePublished: "2022-10-11T00:00:00", dateReserved: "2022-08-29T00:00:00", dateUpdated: "2024-08-03T11:10:32.325Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-35299
Vulnerability from cvelistv5
Published
2022-10-11 00:00
Modified
2024-08-03 09:36
Severity ?
EPSS score ?
Summary
SAP SQL Anywhere - version 17.0, and SAP IQ - version 16.1, allows an attacker to leverage logical errors in memory management to cause a memory corruption, such as Stack-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | SAP SE | SAP SQL Anywhere |
Version: 17.0 |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:36:44.352Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { tags: [ "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3232021", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP SQL Anywhere", vendor: "SAP SE", versions: [ { status: "affected", version: "17.0", }, ], }, { product: "SAP IQ", vendor: "SAP SE", versions: [ { status: "affected", version: "16.1", }, ], }, ], descriptions: [ { lang: "en", value: "SAP SQL Anywhere - version 17.0, and SAP IQ - version 16.1, allows an attacker to leverage logical errors in memory management to cause a memory corruption, such as Stack-based buffer overflow.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-121", description: "CWE-121", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-14T00:00:00", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { url: "https://launchpad.support.sap.com/#/notes/3232021", }, ], }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2022-35299", datePublished: "2022-10-11T00:00:00", dateReserved: "2022-07-07T00:00:00", dateUpdated: "2024-08-03T09:36:44.352Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41262
Vulnerability from cvelistv5
Published
2022-12-12 21:39
Modified
2024-08-03 12:42
Severity ?
EPSS score ?
Summary
Due to insufficient input validation, SAP NetWeaver AS Java (HTTP Provider Service) - version 7.50, allows an unauthenticated attacker to inject a script into a web request header. On successful exploitation, an attacker can view or modify information causing a limited impact on the confidentiality and integrity of the application.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP | NetWeaver AS for Java (Http Provider Service) |
Version: 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:42:43.970Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3262544", }, { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "NetWeaver AS for Java (Http Provider Service)", vendor: "SAP", versions: [ { status: "affected", version: "7.50", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: white;\">Due to insufficient input validation, SAP NetWeaver AS Java (HTTP Provider Service) - version 7.50, allows an unauthenticated attacker to inject a script into a web request header. On successful exploitation, an attacker can view or modify information causing a limited impact on the confidentiality and integrity of the application.</span><br>", }, ], value: "Due to insufficient input validation, SAP NetWeaver AS Java (HTTP Provider Service) - version 7.50, allows an unauthenticated attacker to inject a script into a web request header. On successful exploitation, an attacker can view or modify information causing a limited impact on the confidentiality and integrity of the application.\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-16T03:05:53.087Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://launchpad.support.sap.com/#/notes/3262544", }, { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2022-41262", datePublished: "2022-12-12T21:39:53.223Z", dateReserved: "2022-09-21T16:20:14.947Z", dateUpdated: "2024-08-03T12:42:43.970Z", requesterUserId: "048f1e0a-8756-40de-bd1f-51292c7183c7", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32235
Vulnerability from cvelistv5
Published
2022-06-14 18:48
Modified
2024-08-03 07:39
Severity ?
EPSS score ?
Summary
When a user opens manipulated AutoCAD (.dwg, TeighaTranslator.exe) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/3206271 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP 3D Visual Enterprise Viewer |
Version: 9.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:39:49.607Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3206271", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP 3D Visual Enterprise Viewer", vendor: "SAP SE", versions: [ { status: "affected", version: "9.0", }, ], }, ], descriptions: [ { lang: "en", value: "When a user opens manipulated AutoCAD (.dwg, TeighaTranslator.exe) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-06-14T18:48:02", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/3206271", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2022-32235", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP 3D Visual Enterprise Viewer", version: { version_data: [ { version_affected: "=", version_value: "9.0", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "When a user opens manipulated AutoCAD (.dwg, TeighaTranslator.exe) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.", }, ], }, impact: { cvss: { baseScore: "null", vectorString: "null", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", refsource: "MISC", url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { name: "https://launchpad.support.sap.com/#/notes/3206271", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/3206271", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2022-32235", datePublished: "2022-06-14T18:48:02", dateReserved: "2022-06-02T00:00:00", dateUpdated: "2024-08-03T07:39:49.607Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41263
Vulnerability from cvelistv5
Published
2022-12-12 21:48
Modified
2024-08-03 12:42
Severity ?
EPSS score ?
Summary
Due to a missing authentication check, SAP Business Objects Business Intelligence Platform (Web Intelligence) - versions 420, 430, allows an authenticated non-administrator attacker to modify the data source information for a document that is otherwise restricted. On successful exploitation, the attacker can modify information causing a limited impact on the integrity of the application.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP | Business Objects Business Intelligence Platform (Web intelligence) |
Version: 420 Version: 430 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:42:44.077Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3249648", }, { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Business Objects Business Intelligence Platform (Web intelligence)", vendor: "SAP", versions: [ { status: "affected", version: "420", }, { status: "affected", version: "430", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Due to a missing authentication check, SAP Business Objects Business Intelligence Platform (Web Intelligence) - versions 420, 430, allows an authenticated non-administrator attacker to modify the data source information for a document that is otherwise restricted. On successful exploitation, the attacker can modify information causing a limited impact on the integrity of the application.", }, ], value: "Due to a missing authentication check, SAP Business Objects Business Intelligence Platform (Web Intelligence) - versions 420, 430, allows an authenticated non-administrator attacker to modify the data source information for a document that is otherwise restricted. On successful exploitation, the attacker can modify information causing a limited impact on the integrity of the application.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-352", description: "CWE-352 Cross-Site Request Forgery (CSRF)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-07-11T21:04:17.676Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://launchpad.support.sap.com/#/notes/3249648", }, { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2022-41263", datePublished: "2022-12-12T21:48:12.095Z", dateReserved: "2022-09-21T16:20:14.948Z", dateUpdated: "2024-08-03T12:42:44.077Z", requesterUserId: "048f1e0a-8756-40de-bd1f-51292c7183c7", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41215
Vulnerability from cvelistv5
Published
2022-11-08 00:00
Modified
2024-08-03 12:35
Severity ?
EPSS score ?
Summary
SAP NetWeaver ABAP Server and ABAP Platform allows an unauthenticated attacker to redirect users to a malicious site due to insufficient URL validation. This could lead to the user being tricked to disclose personal information.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver ABAP Server and ABAP Platform |
Version: = 700 Version: = 731 Version: = 740 Version: = 750 Version: = 789 Version: = 701 Version: = 702 Version: = 751 Version: = 752 Version: = 753 Version: = 754 Version: = 755 Version: = 756 Version: = 757 Version: = 790 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:35:49.613Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { tags: [ "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3251202", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "SAP NetWeaver ABAP Server and ABAP Platform", vendor: "SAP SE", versions: [ { status: "affected", version: "= 700", }, { status: "affected", version: "= 731", }, { status: "affected", version: "= 740", }, { status: "affected", version: "= 750", }, { status: "affected", version: "= 789", }, { status: "affected", version: "= 701", }, { status: "affected", version: "= 702", }, { status: "affected", version: "= 751", }, { status: "affected", version: "= 752", }, { status: "affected", version: "= 753", }, { status: "affected", version: "= 754", }, { status: "affected", version: "= 755", }, { status: "affected", version: "= 756", }, { status: "affected", version: "= 757", }, { status: "affected", version: "= 790", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>SAP NetWeaver ABAP Server and ABAP Platform allows an unauthenticated attacker to redirect users to a malicious site due to insufficient URL validation. This could lead to the user being tricked to disclose personal information.</p>", }, ], value: "SAP NetWeaver ABAP Server and ABAP Platform allows an unauthenticated attacker to redirect users to a malicious site due to insufficient URL validation. This could lead to the user being tricked to disclose personal information.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-601", description: "CWE-601", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-12T19:41:02.080Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { url: "https://launchpad.support.sap.com/#/notes/3251202", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2022-41215", datePublished: "2022-11-08T00:00:00", dateReserved: "2022-09-21T00:00:00", dateUpdated: "2024-08-03T12:35:49.613Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41266
Vulnerability from cvelistv5
Published
2022-12-13 02:34
Modified
2024-08-03 12:42
Severity ?
EPSS score ?
Summary
Due to a lack of proper input validation, SAP Commerce Webservices 2.0 (Swagger UI) - versions 1905, 2005, 2105, 2011, 2205, allows malicious inputs from untrusted sources, which can be leveraged by an attacker to execute a DOM Cross-Site Scripting (XSS) attack. As a result, an attacker may be able to steal user tokens and achieve a full account takeover including access to administrative tools in SAP Commerce.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP | Commerce Webservices 2.0 (Swagger UI) |
Version: 1905 Version: 2005 Version: 2105 Version: 2011 Version: 2205 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:42:44.067Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3248255", }, { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Commerce Webservices 2.0 (Swagger UI)", vendor: "SAP", versions: [ { status: "affected", version: "1905", }, { status: "affected", version: "2005", }, { status: "affected", version: "2105", }, { status: "affected", version: "2011", }, { status: "affected", version: "2205", }, ], }, ], datePublic: "2022-12-13T03:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Due to a lack of proper input validation, SAP Commerce Webservices 2.0 (Swagger UI) - versions 1905, 2005, 2105, 2011, 2205, allows malicious inputs from untrusted sources, which can be leveraged by an attacker to execute a DOM Cross-Site Scripting (XSS) attack. As a result, an attacker may be able to steal user tokens and achieve a full account takeover including access to administrative tools in SAP Commerce.", }, ], value: "Due to a lack of proper input validation, SAP Commerce Webservices 2.0 (Swagger UI) - versions 1905, 2005, 2105, 2011, 2205, allows malicious inputs from untrusted sources, which can be leveraged by an attacker to execute a DOM Cross-Site Scripting (XSS) attack. As a result, an attacker may be able to steal user tokens and achieve a full account takeover including access to administrative tools in SAP Commerce.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-13T02:34:11.911Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://launchpad.support.sap.com/#/notes/3248255", }, { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2022-41266", datePublished: "2022-12-13T02:34:11.911Z", dateReserved: "2022-09-21T16:20:14.949Z", dateUpdated: "2024-08-03T12:42:44.067Z", requesterUserId: "048f1e0a-8756-40de-bd1f-51292c7183c7", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42889
Vulnerability from cvelistv5
Published
2022-10-13 00:00
Modified
2024-11-20 16:19
Severity ?
EPSS score ?
Summary
Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - "script" - execute expressions using the JVM script execution engine (javax.script) - "dns" - resolve dns records - "url" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators by default.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Commons Text |
Version: unspecified < Version: 1.5 < Apache Commons Text* |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:19:05.212Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om", }, { name: "[oss-security] 20221013 CVE-2022-42889: Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2022/10/13/4", }, { name: "[oss-security] 20221017 Re: CVE-2022-42889: Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2022/10/18/1", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20221020-0004/", }, { tags: [ "x_transferred", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0022", }, { name: "GLSA-202301-05", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202301-05", }, { name: "20230214 OXAS-ADV-2022-0002: OX App Suite Security Advisory", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2023/Feb/3", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/171003/OX-App-Suite-Cross-Site-Scripting-Server-Side-Request-Forgery.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/176650/Apache-Commons-Text-1.9-Remote-Code-Execution.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-42889", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-01-24T16:22:10.690380Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-20T16:19:41.416Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Apache Commons Text", vendor: "Apache Software Foundation", versions: [ { lessThanOrEqual: "1.9", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "Apache Commons Text*", status: "affected", version: "1.5", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is \"${prefix:name}\", where \"prefix\" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - \"script\" - execute expressions using the JVM script execution engine (javax.script) - \"dns\" - resolve dns records - \"url\" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators by default.", }, ], metrics: [ { other: { content: { other: "important", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { description: "Unexpected variable interpolation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-19T16:06:47.362105", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { url: "https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om", }, { name: "[oss-security] 20221013 CVE-2022-42889: Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2022/10/13/4", }, { name: "[oss-security] 20221017 Re: CVE-2022-42889: Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2022/10/18/1", }, { url: "https://security.netapp.com/advisory/ntap-20221020-0004/", }, { url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0022", }, { name: "GLSA-202301-05", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202301-05", }, { name: "20230214 OXAS-ADV-2022-0002: OX App Suite Security Advisory", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2023/Feb/3", }, { url: "http://packetstormsecurity.com/files/171003/OX-App-Suite-Cross-Site-Scripting-Server-Side-Request-Forgery.html", }, { url: "http://packetstormsecurity.com/files/176650/Apache-Commons-Text-1.9-Remote-Code-Execution.html", }, ], source: { discovery: "UNKNOWN", }, title: "Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults", workarounds: [ { lang: "en", value: "Upgrade to Apache Commons Text 1.10.0.", }, ], x_generator: { engine: "Vulnogram 0.0.9", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2022-42889", datePublished: "2022-10-13T00:00:00", dateReserved: "2022-10-12T00:00:00", dateUpdated: "2024-11-20T16:19:41.416Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41268
Vulnerability from cvelistv5
Published
2022-12-13 02:52
Modified
2024-08-03 12:42
Severity ?
EPSS score ?
Summary
In some SAP standard roles in SAP Business Planning and Consolidation - versions - SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE 200, 300, CPMBPC 810, a transaction code reserved for the customer is used. By implementing such transaction code, a malicious user may execute unauthorized transaction functionality. Under specific circumstances, a successful attack could enable an adversary to escalate their privileges to be able to read, change or delete system data.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP | Business Planning and Consolidation |
Version: SAP_BW 750 < Version: DWCORE 200 < Version: CPMBPC 810 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:42:43.986Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3271091", }, { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Business Planning and Consolidation", vendor: "SAP", versions: [ { lessThanOrEqual: "SAP_BW 757", status: "affected", version: "SAP_BW 750", versionType: "custom", }, { lessThanOrEqual: "DWCORE 300", status: "affected", version: "DWCORE 200", versionType: "custom", }, { status: "affected", version: "CPMBPC 810", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In some SAP standard roles in SAP Business Planning and Consolidation - versions - SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE 200, 300, CPMBPC 810, a transaction code reserved for the customer is used. By implementing such transaction code, a malicious user may execute unauthorized transaction functionality. Under specific circumstances, a successful attack could enable an adversary to escalate their privileges to be able to read, change or delete system data.", }, ], value: "In some SAP standard roles in SAP Business Planning and Consolidation - versions - SAP_BW 750, 751, 752, 753, 754, 755, 756, 757, DWCORE 200, 300, CPMBPC 810, a transaction code reserved for the customer is used. By implementing such transaction code, a malicious user may execute unauthorized transaction functionality. Under specific circumstances, a successful attack could enable an adversary to escalate their privileges to be able to read, change or delete system data.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-269", description: "CWE-269 Improper Privilege Management", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-13T02:52:25.032Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://launchpad.support.sap.com/#/notes/3271091", }, { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2022-41268", datePublished: "2022-12-13T02:52:25.032Z", dateReserved: "2022-09-21T16:20:14.949Z", dateUpdated: "2024-08-03T12:42:43.986Z", requesterUserId: "048f1e0a-8756-40de-bd1f-51292c7183c7", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41264
Vulnerability from cvelistv5
Published
2022-12-13 02:27
Modified
2024-08-03 12:42
Severity ?
EPSS score ?
Summary
Due to the unrestricted scope of the RFC function module, SAP BASIS - versions 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, 791, allows an authenticated non-administrator attacker to access a system class and execute any of its public methods with parameters provided by the attacker. On successful exploitation the attacker can have full control of the system to which the class belongs, causing a high impact on the integrity of the application.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:42:44.052Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3268172", }, { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "BASIS", vendor: "SAP", versions: [ { status: "affected", version: "731", }, { status: "affected", version: "740", }, { status: "affected", version: "750", }, { status: "affected", version: "751", }, { status: "affected", version: "752", }, { status: "affected", version: "753", }, { status: "affected", version: "754", }, { status: "affected", version: "755", }, { status: "affected", version: "756", }, { status: "affected", version: "757", }, { status: "affected", version: "789", }, { status: "affected", version: "790", }, { status: "affected", version: "791", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: white;\">Due to the unrestricted scope of the RFC function module, SAP BASIS - versions </span>731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, 791, <span style=\"background-color: white;\">allows an authenticated non-administrator attacker to access a system class and execute any of its public methods with parameters provided by the attacker. On successful exploitation the attacker can have full control of the system to which the class belongs, causing a high impact on the integrity of the application.</span><br>", }, ], value: "Due to the unrestricted scope of the RFC function module, SAP BASIS - versions 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, 791, allows an authenticated non-administrator attacker to access a system class and execute any of its public methods with parameters provided by the attacker. On successful exploitation the attacker can have full control of the system to which the class belongs, causing a high impact on the integrity of the application.\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-94", description: "CWE-94 Improper Control of Generation of Code ('Code Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-13T02:27:48.081Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://launchpad.support.sap.com/#/notes/3268172", }, { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2022-41264", datePublished: "2022-12-13T02:27:48.081Z", dateReserved: "2022-09-21T16:20:14.948Z", dateUpdated: "2024-08-03T12:42:44.052Z", requesterUserId: "048f1e0a-8756-40de-bd1f-51292c7183c7", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41272
Vulnerability from cvelistv5
Published
2022-12-13 03:05
Modified
2024-08-03 12:42
Severity ?
EPSS score ?
Summary
An unauthenticated attacker over the network can attach to an open interface exposed through JNDI by the User Defined Search (UDS) of SAP NetWeaver Process Integration (PI) - version 7.50 and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and data across the entire system. This allows the attacker to have full read access to user data, make limited modifications to user data, and degrade the performance of the system, leading to a high impact on confidentiality and a limited impact on the availability and integrity of the application.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP | NetWeaver Process Integration |
Version: 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:42:43.986Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3273480", }, { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "NetWeaver Process Integration", vendor: "SAP", versions: [ { status: "affected", version: "7.50", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: white;\">An unauthenticated attacker over the network can attach to an open interface exposed through JNDI by the User Defined Search (UDS) of SAP NetWeaver Process Integration (PI) - version 7.50 and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and data across the entire system. This allows the attacker to have full read access to user data, make limited modifications to user data, and degrade the performance of the system, leading to a high impact on confidentiality and a limited impact on the availability and integrity of the application.</span><br>", }, ], value: "An unauthenticated attacker over the network can attach to an open interface exposed through JNDI by the User Defined Search (UDS) of SAP NetWeaver Process Integration (PI) - version 7.50 and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and data across the entire system. This allows the attacker to have full read access to user data, make limited modifications to user data, and degrade the performance of the system, leading to a high impact on confidentiality and a limited impact on the availability and integrity of the application.\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-306", description: "CWE-306 Missing Authentication for Critical Function", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-89", description: "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-13T03:05:13.650Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://launchpad.support.sap.com/#/notes/3273480", }, { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2022-41272", datePublished: "2022-12-13T03:05:13.650Z", dateReserved: "2022-09-21T16:20:14.951Z", dateUpdated: "2024-08-03T12:42:43.986Z", requesterUserId: "048f1e0a-8756-40de-bd1f-51292c7183c7", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41273
Vulnerability from cvelistv5
Published
2022-12-13 03:08
Modified
2024-08-03 12:42
Severity ?
EPSS score ?
Summary
Due to improper input sanitization in SAP Sourcing and SAP Contract Lifecycle Management - version 1100, an attacker can redirect a user to a malicious website. In order to perform this attack, the attacker sends an email to the victim with a manipulated link that appears to be a legitimate SAP Sourcing URL, since the victim doesn’t suspect the threat, they click on the link, log in to SAP Sourcing and CLM and at this point, they get redirected to a malicious website.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP | Sourcing and SAP Contract Lifecycle Management |
Version: 1100 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:42:43.986Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3270399", }, { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Sourcing and SAP Contract Lifecycle Management", vendor: "SAP", versions: [ { status: "affected", version: "1100", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Due to improper input sanitization in SAP Sourcing and SAP Contract Lifecycle Management - version 1100, an attacker can redirect a user to a malicious website. In order to perform this attack, the attacker sends an email to the victim with a manipulated link that appears to be a legitimate SAP Sourcing URL, since the victim doesn’t suspect the threat, they click on the link, log in to SAP Sourcing and CLM and at this point, they get redirected to a malicious website. ", }, ], value: "Due to improper input sanitization in SAP Sourcing and SAP Contract Lifecycle Management - version 1100, an attacker can redirect a user to a malicious website. In order to perform this attack, the attacker sends an email to the victim with a manipulated link that appears to be a legitimate SAP Sourcing URL, since the victim doesn’t suspect the threat, they click on the link, log in to SAP Sourcing and CLM and at this point, they get redirected to a malicious website. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-601", description: "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-13T03:08:32.732Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://launchpad.support.sap.com/#/notes/3270399", }, { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2022-41273", datePublished: "2022-12-13T03:08:32.732Z", dateReserved: "2022-09-21T16:20:14.951Z", dateUpdated: "2024-08-03T12:42:43.986Z", requesterUserId: "048f1e0a-8756-40de-bd1f-51292c7183c7", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41274
Vulnerability from cvelistv5
Published
2022-12-13 03:11
Modified
2024-08-03 12:42
Severity ?
EPSS score ?
Summary
SAP Disclosure Management - version 10.1, allows an authenticated attacker to exploit certain misconfigured application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation can lead to the exposure of data like financial reports.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP | Disclosure Management |
Version: 10.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:42:44.061Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3266846", }, { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Disclosure Management", vendor: "SAP", versions: [ { status: "affected", version: "10.1", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "SAP Disclosure Management - version 10.1, allows an authenticated attacker to exploit certain misconfigured application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation can lead to the exposure of data like financial reports.", }, ], value: "SAP Disclosure Management - version 10.1, allows an authenticated attacker to exploit certain misconfigured application endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploitation can lead to the exposure of data like financial reports.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-863", description: "CWE-863 Incorrect Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-16T03:11:56.525Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://launchpad.support.sap.com/#/notes/3266846", }, { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2022-41274", datePublished: "2022-12-13T03:11:53.200Z", dateReserved: "2022-09-21T16:20:14.953Z", dateUpdated: "2024-08-03T12:42:44.061Z", requesterUserId: "048f1e0a-8756-40de-bd1f-51292c7183c7", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41267
Vulnerability from cvelistv5
Published
2022-12-13 02:39
Modified
2024-08-03 12:42
Severity ?
EPSS score ?
Summary
SAP Business Objects Platform - versions 420, and 430, allows an attacker with normal BI user privileges to upload/replace any file on Business Objects server at the operating system level, enabling the attacker to take full control of the system causing a high impact on confidentiality, integrity, and availability of the application.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP | BusinessObjects Business Intelligence Platform |
Version: 420 Version: 430 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:42:44.072Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3239475", }, { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "BusinessObjects Business Intelligence Platform", vendor: "SAP", versions: [ { status: "affected", version: "420", }, { status: "affected", version: "430", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "SAP Business Objects Platform - versions 420, and 430, allows an attacker with normal BI user privileges to upload/replace any file on Business Objects server at the operating system level, enabling the attacker to take full control of the system causing a high impact on confidentiality, integrity, and availability of the application.", }, ], value: "SAP Business Objects Platform - versions 420, and 430, allows an attacker with normal BI user privileges to upload/replace any file on Business Objects server at the operating system level, enabling the attacker to take full control of the system causing a high impact on confidentiality, integrity, and availability of the application.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-434", description: "CWE-434 Unrestricted Upload of File with Dangerous Type", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-13T02:39:12.109Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://launchpad.support.sap.com/#/notes/3239475", }, { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2022-41267", datePublished: "2022-12-13T02:39:12.109Z", dateReserved: "2022-09-21T16:20:14.949Z", dateUpdated: "2024-08-03T12:42:44.072Z", requesterUserId: "048f1e0a-8756-40de-bd1f-51292c7183c7", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41261
Vulnerability from cvelistv5
Published
2022-12-12 21:24
Modified
2024-08-03 12:42
Severity ?
EPSS score ?
Summary
SAP Solution Manager (Diagnostic Agent) - version 7.20, allows an authenticated attacker on Windows system to access a file containing sensitive data which can be used to access a configuration file which contains credentials to access other system files. Successful exploitation can make the attacker access files and systems for which he/she is not authorized.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP | Solution Manager (Diagnostic Agent) |
Version: 7.20 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:42:43.976Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3265173", }, { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Solution Manager (Diagnostic Agent)", vendor: "SAP", versions: [ { status: "affected", version: "7.20", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "SAP Solution Manager (Diagnostic Agent) - version 7.20, allows an authenticated attacker on Windows system to access a file containing sensitive data which can be used to access a configuration file which contains credentials to access other system files. Successful exploitation can make the attacker access files and systems for which he/she is not authorized.", }, ], value: "SAP Solution Manager (Diagnostic Agent) - version 7.20, allows an authenticated attacker on Windows system to access a file containing sensitive data which can be used to access a configuration file which contains credentials to access other system files. Successful exploitation can make the attacker access files and systems for which he/she is not authorized.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-12T23:17:06.757Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://launchpad.support.sap.com/#/notes/3265173", }, { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2022-41261", datePublished: "2022-12-12T21:24:53.439Z", dateReserved: "2022-09-21T16:20:14.947Z", dateUpdated: "2024-08-03T12:42:43.976Z", requesterUserId: "048f1e0a-8756-40de-bd1f-51292c7183c7", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41271
Vulnerability from cvelistv5
Published
2022-12-13 02:59
Modified
2024-08-03 12:42
Severity ?
EPSS score ?
Summary
An unauthenticated user can attach to an open interface exposed through JNDI by the Messaging System of SAP NetWeaver Process Integration (PI) - version 7.50. This user can make use of an open naming and directory API to access services that could perform unauthorized operations. The vulnerability affects local users and data, leading to a considerable impact on confidentiality as well as availability and a limited impact on the integrity of the application. These operations can be used to:
* Read any information
* Modify sensitive information
* Denial of Service attacks (DoS)
* SQL Injection
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP | NetWeaver Process Integration |
Version: 7.50 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:42:43.981Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3267780", }, { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "NetWeaver Process Integration", vendor: "SAP", versions: [ { status: "affected", version: "7.50", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<div><table><tbody><tr><td><p>An unauthenticated user can attach to an open interface exposed through JNDI by the Messaging System of SAP NetWeaver Process Integration (PI) - version 7.50. This user can make use of an open naming and directory API to access services that could perform unauthorized operations. The vulnerability affects local users and data, leading to a considerable impact on confidentiality as well as availability and a limited impact on the integrity of the application. These operations can be used to:</p><ul><li>Read any information</li><li>Modify sensitive information</li><li>Denial of Service attacks (DoS)</li><li>SQL Injection</li></ul></td></tr></tbody></table></div>", }, ], value: "An unauthenticated user can attach to an open interface exposed through JNDI by the Messaging System of SAP NetWeaver Process Integration (PI) - version 7.50. This user can make use of an open naming and directory API to access services that could perform unauthorized operations. The vulnerability affects local users and data, leading to a considerable impact on confidentiality as well as availability and a limited impact on the integrity of the application. These operations can be used to:\n\n * Read any information\n * Modify sensitive information\n * Denial of Service attacks (DoS)\n * SQL Injection\n\n\n\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.4, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-862", description: "CWE-862 Missing Authorization", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-306", description: "CWE-306 Missing Authentication for Critical Function", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-89", description: "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-13T02:59:05.757Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://launchpad.support.sap.com/#/notes/3267780", }, { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2022-41271", datePublished: "2022-12-13T02:59:05.757Z", dateReserved: "2022-09-21T16:20:14.950Z", dateUpdated: "2024-08-03T12:42:43.981Z", requesterUserId: "048f1e0a-8756-40de-bd1f-51292c7183c7", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41275
Vulnerability from cvelistv5
Published
2022-12-13 03:14
Modified
2024-08-03 12:42
Severity ?
EPSS score ?
Summary
In SAP Solution Manager (Enterprise Search) - versions 740, and 750, an unauthenticated attacker can generate a link that, if clicked by a logged-in user, can be redirected to a malicious page that could read or modify sensitive information, or expose the user to a phishing attack, with little impact on confidentiality and integrity.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP | Solution Manager (Enterprise Search) |
Version: 740 Version: 750 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:42:45.882Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3271313", }, { tags: [ "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Solution Manager (Enterprise Search)", vendor: "SAP", versions: [ { status: "affected", version: "740", }, { status: "affected", version: "750", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In SAP Solution Manager (Enterprise Search) - versions 740, and 750, <span style=\"background-color: white;\">an unauthenticated attacker can generate a link that, if clicked by a logged-in user, can be redirected to a malicious page that could read or modify sensitive information, or expose the user to a phishing attack, with little impact on confidentiality and integrity.</span><br>", }, ], value: "In SAP Solution Manager (Enterprise Search) - versions 740, and 750, an unauthenticated attacker can generate a link that, if clicked by a logged-in user, can be redirected to a malicious page that could read or modify sensitive information, or expose the user to a phishing attack, with little impact on confidentiality and integrity.\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-601", description: "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-13T03:14:09.574Z", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://launchpad.support.sap.com/#/notes/3271313", }, { url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2022-41275", datePublished: "2022-12-13T03:14:09.574Z", dateReserved: "2022-09-21T16:20:14.953Z", dateUpdated: "2024-08-03T12:42:45.882Z", requesterUserId: "048f1e0a-8756-40de-bd1f-51292c7183c7", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-35737
Vulnerability from cvelistv5
Published
2022-08-03 00:00
Modified
2024-08-03 09:44
Severity ?
EPSS score ?
Summary
SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T09:44:21.941Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.sqlite.org/cves.html", }, { tags: [ "x_transferred", ], url: "https://kb.cert.org/vuls/id/720344", }, { tags: [ "x_transferred", ], url: "https://sqlite.org/releaselog/3_39_2.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220915-0009/", }, { tags: [ "x_transferred", ], url: "https://blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/", }, { name: "GLSA-202210-40", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202210-40", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-31T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://www.sqlite.org/cves.html", }, { url: "https://kb.cert.org/vuls/id/720344", }, { url: "https://sqlite.org/releaselog/3_39_2.html", }, { url: "https://security.netapp.com/advisory/ntap-20220915-0009/", }, { url: "https://blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/", }, { name: "GLSA-202210-40", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202210-40", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-35737", datePublished: "2022-08-03T00:00:00", dateReserved: "2022-07-13T00:00:00", dateUpdated: "2024-08-03T09:44:21.941Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-32240
Vulnerability from cvelistv5
Published
2022-06-14 22:30
Modified
2024-08-03 07:39
Severity ?
EPSS score ?
Summary
When a user opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/3206271 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP 3D Visual Enterprise Viewer |
Version: 9.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:39:49.593Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/3206271", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP 3D Visual Enterprise Viewer", vendor: "SAP SE", versions: [ { status: "affected", version: "9.0", }, ], }, ], descriptions: [ { lang: "en", value: "When a user opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-06-14T22:30:35", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { tags: [ "x_refsource_MISC", ], url: "https://launchpad.support.sap.com/#/notes/3206271", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cna@sap.com", ID: "CVE-2022-32240", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SAP 3D Visual Enterprise Viewer", version: { version_data: [ { version_affected: "=", version_value: "9.0", }, ], }, }, ], }, vendor_name: "SAP SE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "When a user opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.", }, ], }, impact: { cvss: { baseScore: "null", vectorString: "null", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", refsource: "MISC", url: "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", }, { name: "https://launchpad.support.sap.com/#/notes/3206271", refsource: "MISC", url: "https://launchpad.support.sap.com/#/notes/3206271", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2022-32240", datePublished: "2022-06-14T22:30:35", dateReserved: "2022-06-02T00:00:00", dateUpdated: "2024-08-03T07:39:49.593Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-6215
Vulnerability from cvelistv5
Published
2020-04-14 00:00
Modified
2024-08-04 08:55
Severity ?
EPSS score ?
Summary
SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, allows an attacker to redirect users to a malicious site due to insufficient URL validation and steal credentials of the victim, leading to URL Redirection vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SAP SE | SAP NetWeaver AS ABAP (Business Server Pages Test Application IT00) |
Version: < 700 Version: < 701 Version: < 702 Version: < 730 Version: < 731 Version: < 740 Version: < 750 Version: < 751 Version: < 752 Version: < 753 Version: < 754 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T08:55:22.077Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202", }, { tags: [ "x_transferred", ], url: "https://launchpad.support.sap.com/#/notes/2872782", }, { name: "20231005 SEC Consult SA-20231005 :: Open Redirect in SAP BSP Test Application it00 (Bypass for CVE-2020-6215 Patch)", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2023/Oct/13", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/174985/SAP-Application-Server-ABAP-Open-Redirection.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SAP NetWeaver AS ABAP (Business Server Pages Test Application IT00)", vendor: "SAP SE", versions: [ { status: "affected", version: "< 700", }, { status: "affected", version: "< 701", }, { status: "affected", version: "< 702", }, { status: "affected", version: "< 730", }, { status: "affected", version: "< 731", }, { status: "affected", version: "< 740", }, { status: "affected", version: "< 750", }, { status: "affected", version: "< 751", }, { status: "affected", version: "< 752", }, { status: "affected", version: "< 753", }, { status: "affected", version: "< 754", }, ], }, ], descriptions: [ { lang: "en", value: "SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, allows an attacker to redirect users to a malicious site due to insufficient URL validation and steal credentials of the victim, leading to URL Redirection vulnerability.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "URL Redirection", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-06T16:06:17.300393", orgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", shortName: "sap", }, references: [ { url: "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=544214202", }, { url: "https://launchpad.support.sap.com/#/notes/2872782", }, { name: "20231005 SEC Consult SA-20231005 :: Open Redirect in SAP BSP Test Application it00 (Bypass for CVE-2020-6215 Patch)", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2023/Oct/13", }, { url: "http://packetstormsecurity.com/files/174985/SAP-Application-Server-ABAP-Open-Redirection.html", }, ], }, }, cveMetadata: { assignerOrgId: "e4686d1a-f260-4930-ac4c-2f5c992778dd", assignerShortName: "sap", cveId: "CVE-2020-6215", datePublished: "2020-04-14T00:00:00", dateReserved: "2020-01-08T00:00:00", dateUpdated: "2024-08-04T08:55:22.077Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.